[英]Accessing Active Directory to get User's Manager in asp.net
I am making a user management module of an application that will basically authenticate user credentials based on their domain login details. 我正在制作一个应用程序的用户管理模块,该模块将基本根据用户凭据的域登录详细信息来进行身份验证。 Authenticating is not a problem, what is a problem is that I need to get that particular user's manager.
身份验证不是问题,问题是我需要聘请该特定用户的管理员。
I am using the following method to retrieve the "Manager" property of the user: 我正在使用以下方法来检索用户的“经理”属性:
DirectoryEntry de = new DirectoryEntry(path, user, pass, AuthenticationTypes.Secure);
DirectorySearcher ds = new DirectorySearcher();
ds.SearchRoot = new DirectoryEntry("LDAP://xyzDomain", "UserName", "pwd");
ds.Filter = "(|(&(objectCategory=person)(objectClass=user)(mailnickname=*domainalias*)))";
//ds.PropertyNamesOnly = true;
ds.PropertiesToLoad.Add("manager");
List<string> users = new List<string>();
string s = "undefined";
foreach (SearchResult sr in ds.FindAll())
{
DirectoryEntry dee = sr.GetDirectoryEntry();
s = (string)dee.Properties[""].Value ?? "<undefined>";
users.Add(s);
}
This returns me the Manager details in such a way: 这将以以下方式向我返回Manager的详细信息:
CN=First LastName,OU=Managers,OU=Engineering,OU=Central,OU=Something,DC=XYZ,DC=XYZ,DC=XYZRE
What I do is use string manipulation to extract the CN and then run the query on that CN to find the details of the manager. 我要做的是使用字符串操作提取CN,然后在该CN上运行查询以查找管理器的详细信息。 However the problem is that CN here isn't unique.
但是问题是CN在这里不是唯一的。 There could be two or more people of the same name.
可能有两个或更多个同名的人。 What I basically need is a method that returns me the Manager ALIAS of the user (not the CN or anything).
我基本上需要的是一种向我返回用户的Manager ALIAS(而不是CN或任何东西)的方法。
Please any help is this would be highly appreciated. 请任何帮助,将不胜感激。 Open to suggestions.
公开建议。 Many thanks
非常感谢
There is a field called mailNickname . 有一个名为mailNickname的字段。
This link: In active directory, what is mailNickname used for? 此链接: 在活动目录中,mailNickname的作用是什么? has more information about it.
有关于它的更多信息。 The problem is: it's used for the Exchange-server.
问题是:它用于Exchange服务器。
So that means the value can be null or empty. 因此,该值可以为null或为空。 Here's an example in Visual Basic: http://www.vbforums.com/showthread.php?615131-RESOLVED-Get-logged-in-user-s-Alias-from-LDAP which explains how and what.
这是Visual Basic中的一个示例: http : //www.vbforums.com/showthread.php? 615131-RESOLVED-Get-logged-in-user-s-Alias-from- LDAP ,其中说明了方式和内容。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.