[英]comparing active directory and db user currently logged in?
How can i check that the current user logged onto the machine is an active directory user and also part of the application? 如何检查登录到计算机上的当前用户是活动目录用户还是应用程序的一部分?
I am building an extension to a legacy application which authenticates based on AD. 我正在构建对基于AD进行身份验证的旧应用程序的扩展。 The database has ad_user_name and i want to compare the ad_user_name with the username actually held in active directory.
该数据库具有ad_user_name,我想将ad_user_name与实际保存在活动目录中的用户名进行比较。
IF the usernames are the same then my edit view is accessible. 如果用户名相同,则可以访问我的编辑视图。 If the users are different then something went wrong and they cant see anything.
如果用户不同,则出问题了,他们看不到任何东西。
EDIT: there is a possibility that the server only runs .NET 2.0 编辑:服务器可能仅运行.NET 2.0
If your using .net 3.5 use this code instead. 如果您使用的是.net 3.5,请改用此代码。
To authenticate a user: 要认证用户:
PrincipalContext adContext = new PrincipalContext(ContextType.Domain);
using (adContext)
{
return adContext.ValidateCredentials(UserName, Password);
}
If you need to find the user to R/W attributes to the object do this: 如果您需要查找用户对对象的R / W属性,请执行以下操作:
PrincipalContext context = new PrincipalContext(ContextType.Domain);
UserPrincipal foundUser = UserPrincipal.FindByIdentity(context, "jdoe");
This is using the System.DirectoryServices.AccountManagement
namespace so you'll need to add it to your using statements. 这使用的是
System.DirectoryServices.AccountManagement
命名空间,因此您需要将其添加到using语句中。
If you need to convert a UserPrincipal object to a DirectoryEntry object to work with legacy code you can do this: 如果需要将UserPrincipal对象转换为DirectoryEntry对象以使用旧版代码,则可以执行以下操作:
DirectoryEntry userDE = (DirectoryEntry)foundUser.GetUnderlyingObject();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.