使用C#通过员工ID查询用户电子邮件的Active Directory
[英]Querying Active Directory using C# for user email by employee ID
问题描述
Is it possible to get a user's email from Active Directory using employeenumber as the query term? 
是否可以使用employeenumber作为查询词从Active Directory中获取用户的电子邮件?
I am using C#'s System.DirectoryServices and am a little bit lost. 我正在使用C#的System.DirectoryServices ,有点迷路了。 The previous developer at my company was using this process, but he had an email and was querying for the employee number. 我公司的前一位开发人员正在使用此过程,但是他有一封电子邮件,正在查询员工编号。 I have changed it to what I believe it should be, but to be honest, I don't understand the code that well. 我已经将其更改为我认为应该的样子,但是老实说,我不太了解代码。
Is there something wrong with my code? 我的代码有问题吗? every time i run it, I get a Null Reference error on the DirectoryEntry up_user = line. 每次运行它时, DirectoryEntry up_user =行上都会出现Null Reference错误。 I assume it is because the previous line is not getting any entities. 我认为这是因为上一行没有获取任何实体。
Also, is there any good documentation on this topic? 另外,关于此主题是否有任何好的文档? Everywhere I look, the posts are from 2011 or 2013. 我到处看到的帖子来自2011年或2013年。
I have the following: 我有以下几点:
try
{
string email = string.Empty;
ContextType authenticationType = ContextType.Domain;
PrincipalContext principalContext = new PrincipalContext(authenticationType, "MATRIC");
UserPrincipal userPrincipal = null;
userPrincipal = UserPrincipal.FindByIdentity(principalContext, empnum);
DirectoryEntry up_User = (DirectoryEntry)userPrincipal.GetUnderlyingObject();
DirectorySearcher deSearch = new DirectorySearcher(up_User);
SearchResultCollection results = deSearch.FindAll();
if (results != null && results.Count > 0)
{
ResultPropertyCollection rpc = results[0].Properties;
foreach (string rp in rpc.PropertyNames)
{
if (rp == "mail")
{
email = rpc["mail"][0].ToString();
}
}
if (email != string.Empty)
{
return email;
}
return null;
}
return null;
}
catch (Exception ex)
{
throw ex;
}
1 个解决方案
解决方案1
4 已采纳 2018-11-16 19:35:22
UserPrincipal.FindByIdentity only works for finding a user by what AD considers an identifying attribute. UserPrincipal.FindByIdentity仅适用于根据AD视为标识属性的用户来查找用户。 These are listed in the IdentityType enumeration. 这些在IdentityType枚举中列出。 The employee number isn't one of those. 员工号不是其中之一。
Are you using employeeId or employeeNumber in AD? 您是否在AD中使用employeeId或employeeNumber ? They are different attributes, although both are just strings with no special meaning or restrictions in AD. 它们是不同的属性,尽管它们都是只是字符串,在AD中没有特殊含义或限制。
The employeeId attribute is exposed in the UserPrincipal class, so you can search by it with UserPrincipal as described in the answer here : employeeId属性在UserPrincipal类中公开,因此您可以按照答案中的说明使用UserPrincipal通过它进行搜索:
UserPrincipal searchTemplate = new UserPrincipal(principalContext);
searchTemplate.EmployeeID = employeeId;
PrincipalSearcher ps = new PrincipalSearcher(searchTemplate);
UserPrincipal user = (UserPrincipal)ps.FindOne();
Then you can use the EmailAddress property of the account you find (you don't need to do what you're doing with the DirectorySearcher ). 然后,您可以使用找到的帐户的EmailAddress属性(无需使用DirectorySearcher )。
var emailAddress user?.EmailAddress;
If you're using employeeNumber , then you will need to use DirectorySearcher to find it. 如果您使用的是employeeNumber ,则需要使用DirectorySearcher进行查找。 Something like this: 像这样:
var search = new DirectorySearcher(new DirectoryEntry("LDAP://yourdomain.com"));
search.Filter = $"(&(ObjectClass=user)(employeeNumber={employeeNumber}))";
search.PropertiesToLoad.Add("mail");
var result = search.FindOne();
string emailAddress = null;
if (result.Properties.Contains("mail")) {
emailAddress = result.Properties["mail"][0].Value as string;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.