通过属性 memberOf 可以获取用户所属的所有组,但不包括主要组(primary group)。
不过主要组可以通过 primaryGroupID 来获取,虽然它返回的只是 RID。
尝试用 RID 作为 filter,但总是取不回结果。
最后只好借助 objectSid。但 objectSid 是 byte[] 类型,直接用 filter 也查不到,所以只能先把所有的组缓存到本地,再按 RID 查出组名称,代码如下:
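/// <summary>
/// Returns the names of the groups an account belongs to: every entry of its
/// <c>memberOf</c> attribute plus the group named by <c>primaryGroupID</c>,
/// which <c>memberOf</c> does not include.
/// </summary>
/// <param name="username">sAMAccountName of the account to look up; surrounding whitespace is trimmed.</param>
/// <returns>
/// The group names (leading RDN value of each memberOf DN, then the primary group).
/// An empty array when no account matches. <c>null</c> is still returned if the
/// memberOf collection itself is null, as before.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="username"/> is null.</exception>
public string[] GetAllGroupsForUser(string username)
{
    if (username == null)
    {
        throw new ArgumentNullException("username");
    }

    // The original filter referenced an identifier that is not defined in this
    // method (trueUserName) and ignored the parameter; the parameter is used here.
    // The value is escaped before it is placed in the filter: group lists are
    // commonly used for access decisions, and unescaped filter metacharacters in a
    // caller-supplied name would let the name change which accounts the query matches.
    string accountName = EscapeLdapFilterValue(username.Trim());

    // DirectorySearcher and SearchResultCollection hold unmanaged resources and
    // must be disposed explicitly.
    using (var searcher = new DirectorySearcher(Utility.GetDomainDirectoryEntry()))
    {
        searcher.Filter = "(&(sAMAccountName=" + accountName + "))";
        searcher.PropertiesToLoad.Add("memberof");
        searcher.PropertiesToLoad.Add("primaryGroupID");

        var groups = new List<string>();
        using (SearchResultCollection searchCollection = searcher.FindAll())
        {
            // NOTE(review): if more than one object matches the filter, the groups
            // of all matches are merged into one list — confirm that the search
            // root makes sAMAccountName unique.
            foreach (SearchResult searchResult in searchCollection)
            {
                var memberOfValues = searchResult.Properties["memberof"];
                if (memberOfValues == null)
                {
                    // Kept for backward compatibility with existing callers.
                    return null;
                }

                foreach (var memberof in memberOfValues)
                {
                    // Each value is a distinguished name such as "CN=Name,OU=...";
                    // keep only the value of the leading RDN.
                    // NOTE(review): assumes a three-character "CN=" prefix and cuts
                    // at the first comma, so a group name containing an escaped
                    // comma ("\,") is truncated — confirm before using the names
                    // for authorization.
                    string distinguishedName = memberof.ToString();
                    int comma = distinguishedName.IndexOf(',');
                    int end = comma >= 0 ? comma : distinguishedName.Length;
                    if (end >= 3)
                    {
                        groups.Add(distinguishedName.Substring(3, end - 3));
                    }
                }

                var primaryGroupValues = searchResult.Properties["primaryGroupID"];
                if (primaryGroupValues != null && primaryGroupValues.Count > 0)
                {
                    groups.Add(GetGroupNameByRid((Int32)primaryGroupValues[0]));
                }
            }
        }

        return groups.ToArray();
    }
}

/// <summary>
/// Escapes a value for use inside an LDAP search filter (RFC 4515): backslash,
/// asterisk, parentheses and NUL are replaced by a backslash and two hex digits.
/// </summary>
private static string EscapeLdapFilterValue(string value)
{
    var escaped = new System.Text.StringBuilder(value.Length + 8);
    foreach (char c in value)
    {
        switch (c)
        {
            case '\\': escaped.Append("\\5c"); break;
            case '*': escaped.Append("\\2a"); break;
            case '(': escaped.Append("\\28"); break;
            case ')': escaped.Append("\\29"); break;
            case '\0': escaped.Append("\\00"); break;
            default: escaped.Append(c); break;
        }
    }
    return escaped.ToString();
}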
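/// <summary>
/// Looks up a group name by RID in the static cache, reloading the cache from
/// the directory once if the RID is not present.
/// </summary>
/// <param name="rid">Relative identifier of the group (for example a user's primaryGroupID).</param>
/// <returns>The cached name of the group.</returns>
/// <exception cref="KeyNotFoundException">The RID is still unknown after the reload.</exception>
public String GetGroupNameByRid(Int32 rid)
{
    String result;

    // groupNames is a plain Dictionary that ReloadGroupNames mutates under
    // loadGroupLock; reading it without the same lock can race with that writer.
    lock (loadGroupLock)
    {
        if (groupNames.TryGetValue(rid, out result))
        {
            return result;
        }
    }

    // Cache miss: refresh from the directory. The lock is released first so
    // other readers are not blocked for the duration of the query.
    // NOTE(review): every lookup of a RID that does not exist triggers a full
    // reload of all groups; consider negative caching if callers can pass
    // arbitrary RIDs.
    ReloadGroupNames();

    lock (loadGroupLock)
    {
        // Indexer kept so an unknown RID still surfaces as KeyNotFoundException.
        return groupNames[rid];
    }
}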
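/// <summary>
/// Queries the directory for every group object and adds each group's RID
/// (the last sub-authority of its objectSid) and name to the static cache.
/// Entries already in the cache are left untouched.
/// </summary>
private void ReloadGroupNames()
{
    lock (loadGroupLock)
    {
        // DirectorySearcher and SearchResultCollection hold unmanaged resources
        // and must be disposed explicitly.
        using (var searcher = new DirectorySearcher(Utility.GetDomainDirectoryEntry()))
        {
            searcher.Filter = "(&(objectClass=group))"; // all group objects
            // Without paging the server returns only its size-limit worth of
            // results, so larger directories would yield an incomplete cache.
            searcher.PageSize = 1000;
            searcher.PropertiesToLoad.Add("objectSid"); // binary SID of the group
            searcher.PropertiesToLoad.Add("name");      // display name of the group

            using (SearchResultCollection searchResults = searcher.FindAll())
            {
                foreach (SearchResult searchResult in searchResults)
                {
                    var sidValues = searchResult.Properties["objectSid"];
                    var nameValues = searchResult.Properties["name"];
                    if (sidValues == null || sidValues.Count == 0 ||
                        nameValues == null || nameValues.Count == 0)
                    {
                        continue;
                    }

                    byte[] sidBytes = sidValues[0] as byte[];
                    if (sidBytes == null)
                    {
                        continue;
                    }

                    // The RID is the number after the last '-' of the string SID.
                    // (The regex in the published listing was garbled and did not
                    // compile; a substring does the same job.)
                    string sidText = new SecurityIdentifier(sidBytes, 0).Value;
                    int lastDash = sidText.LastIndexOf('-');
                    Int32 rid;
                    if (lastDash < 0 || !Int32.TryParse(sidText.Substring(lastDash + 1), out rid))
                    {
                        // Skip a value that does not fit Int32 instead of
                        // aborting the whole reload.
                        continue;
                    }

                    // NOTE(review): the cache is keyed by RID alone. If the search
                    // root returns groups from more than one SID authority (several
                    // domains, or BUILTIN alongside the domain), different groups
                    // can share a RID and the first one seen wins — confirm the
                    // search scope, since callers may use these names for access
                    // decisions.
                    // Existing entries are never refreshed, so a renamed or deleted
                    // group keeps its cached name until the process restarts.
                    if (groupNames.ContainsKey(rid))
                    {
                        continue;
                    }
                    groupNames.Add(rid, (String)nameValues[0]);
                }
            }
        }
    }
}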
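// Lock taken by ReloadGroupNames while it fills groupNames. readonly so the
// lock object can never be swapped out, which would silently break mutual exclusion.
private static readonly Object loadGroupLock = new object();
// Process-wide cache mapping a group's RID to its name.
private static Dictionary<Int32, String> groupNames = new Dictionary<int, string>();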