[英]Ldap connection in .net C#
I have an application where I can send emails. 我有一个可以发送电子邮件的应用程序。 Now am asked to use
ldap
to authenticate the user email. 现在,要求使用
ldap
对用户电子邮件进行身份验证。 Am very new to this concept. 这个概念很新。 I have been given a
ldap
server link. 我得到了一个
ldap
服务器链接。 No idea how to proceed with that. 不知道该如何进行。 Any article or hits will be greatly helpful.
任何文章或点击都将大有帮助。
Here is the code am trying with 这是我正在尝试的代码
public static UserDetail GetUserDetails(string EmailId, string domainName)
{
UserDetail userDetail = new UserDetail();
try
{
string filter = string.Format("(&(ObjectClass={0})(sAMAccountName={1}))", "person", EmailId);
string[] properties = new string[] { "fullname" };
DirectoryEntry adRoot = new DirectoryEntry("LDAP://" + domainName, null, null, AuthenticationTypes.Secure);
DirectorySearcher searcher = new DirectorySearcher(adRoot);
searcher.SearchScope = SearchScope.Subtree;
searcher.ReferralChasing = ReferralChasingOption.All;
searcher.PropertiesToLoad.AddRange(properties);
searcher.Filter = filter;
SearchResult result = searcher.FindOne();
DirectoryEntry directoryEntry = result.GetDirectoryEntry();
string displayName = directoryEntry.Properties["displayName"[0].ToStrin();
string firstName = directoryEntry.Properties["givenName"][0].ToString();
string lastName = directoryEntry.Properties["sn"][0].ToString();
string emailId = directoryEntry.Properties["mail"][0].ToString();
userDetail.EmailId = emailId;
}
catch (Exception)
{
}
return userDetail;
}
I want to achieve it on click of search button. 我想通过单击搜索按钮来实现。 How do I call the method and pass variables.
如何调用方法并传递变量。
If you're on .NET 3.5 or newer, you can use a PrincipalSearcher
and a "query-by-example" principal to do your searching: 如果您使用的是.NET 3.5或更高版本,则可以使用
PrincipalSearcher
和“按示例查询”主体进行搜索:
// create your domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
// define a "query-by-example" principal - here, we search for a UserPrincipal
// and with the e-mail of "bruce@example.com"
UserPrincipal qbeUser = new UserPrincipal(ctx);
qbeUser.EmailAddress = "bruce@example.com";
// create your principal searcher passing in the QBE principal
PrincipalSearcher srch = new PrincipalSearcher(qbeUser);
// try to find that user
UserPrincipal found = srch.FindOne() as UserPrincipal;
if(found != null)
{
// do whatever here - "found" is the user that matched the e-mail given
}
else
{
// there wasn't any user with that e-mail address in your AD
}
If you haven't already - absolutely read the MSDN article Managing Directory Security Principals in the .NET Framework 3.5 which shows nicely how to make the best use of the new features in System.DirectoryServices.AccountManagement
. 如果您还没有-绝对请阅读MSDN文章.NET Framework 3.5中的 “ 管理目录安全性主体”,它很好地展示了如何充分利用
System.DirectoryServices.AccountManagement
中的新功能。 Or see the MSDN documentation on the System.DirectoryServices.AccountManagement namespace. 或参阅System.DirectoryServices.AccountManagement命名空间上的MSDN文档 。
Of course, depending on your need, you might want to specify other properties on that "query-by-example" user principal you create: 当然,根据您的需要,您可能希望在创建的“按示例查询”用户主体上指定其他属性:
DisplayName
(typically: first name + space + last name) DisplayName
(通常:名字+空格+姓氏) SAM Account Name
- your Windows/AD account name SAM Account Name
-您的Windows / AD帐户名 User Principal Name
- your "username@yourcompany.com" style name User Principal Name
-您的“ username@yourcompany.com”样式名称 You can specify any of the properties on the UserPrincipal
and use those as "query-by-example" for your PrincipalSearcher
. 您可以在
UserPrincipal
上指定任何属性,并将它们用作PrincipalSearcher
“按示例查询”。
Given the input of emailAddress (type string) this code will search the LDAP directory for a user with a matching email address and return some information on the user: 给定emailAddress(类型字符串)的输入,此代码将在LDAP目录中搜索具有匹配电子邮件地址的用户,并返回有关该用户的一些信息:
string fullName = string.Empty;
string givenName = string.Empty;
string distinguishedName = string.Empty;
string sAMAccountName = string.Empty;
using (var context = new PrincipalContext(ContextType.Domain, "DOMAIN"))
{
using (var searcher = new PrincipalSearcher(new UserPrincipal(context)))
{
foreach (Principal result in searcher.FindAll())
{
var de = result.GetUnderlyingObject() as DirectoryEntry;
if (de.Properties["cn"].Value.ToString().Contains(" "))
{
//var userEntry = new DirectoryUser(de.Properties["sAMAccountName"].Value.ToString());
var currentUserEmail = de.Properties["mail"].Value.ToString().ToLower();
if (currentUserEmail == emailAddress)
{
if (de.Properties["cn"].Value != null)
fullName = de.Properties["cn"].Value.ToString();
if (de.Properties["givenName"].Value != null)
givenName = de.Properties["givenName"].Value.ToString();
if (de.Properties["distinguishedName"].Value != null)
distinguishedName =de.Properties["distinguishedName"].Value.ToString();
if (de.Properties["sAMAccountName"].Value != null)
sAMAccountName = de.Properties["sAMAccountName"].Value.ToString();
}
}
}
}
}
It requires a reference to : 它需要参考:
System.DirectoryServices;
System.DirectoryServices.AccountManagement;
One caveat I would like to mention is, directory look up routines can be quite slow. 我要提到的一个警告是,目录查找例程可能非常慢。 If you have 100,000 users on your domain, this process will take a while to run.
如果您的域上有100,000个用户,则此过程将需要一段时间才能运行。 WHat I tend to do, is dump the output of a directory search to a database table on a regular basis, and perform any lookups on that table.
我倾向于这样做,是将目录搜索的输出定期转储到数据库表中,并在该表上执行任何查找。 The frequency of the database dumps will of course depend on your business logic.
数据库转储的频率当然取决于您的业务逻辑。 Sometimes I simply truncate the table before performing a new dump, and in other circumstances, I dump to a 'staging' table, and only apply 'delta' updates to the active directoy record table.
有时,我只是在执行新转储之前就截断了表,而在其他情况下,我转储到了“暂存”表,并且仅对活动的Directoy记录表应用了“增量”更新。
1.1
. 1.1
缩小。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.