[英]How do I access groups of a user in a parent domain?
我正在一個有兩個AD域Dom1和Dom2的實例中工作。 有一種從Dom1到Dom2的信任關系,以便可以在Dom2中對Dom1中的用戶進行授權。
我的C#代碼可以做到這一點。
但是,在Dom2中,當我從Dom1中的用戶中拉出用戶組時,我什么也沒得到。 我確實從Dom2中存在的用戶那里獲得了一個組列表。
_DE.Path = "LDAP://RootDSE";
string szDomain = (string)_DE.Properties["defaultNamingContext"][0];
string obEntry = "LDAP://" + szDomain;
SearchResult res = ADExists("UserPrincipalName=" + szUPN, "User");
try
{
if (res != null)
{
_DE.Path = res.Path;
//szUserDN = res.Path;
if (_DE.Properties["memberOf"].Count > 1)
{
object[] groups = (object[])_DE.Properties["memberOf"].Value;
if (groups != null)
{
foreach (object group in groups)
{
string szGroup = group.ToString();
DataRow drAdd = dtGroups.NewRow();
drAdd["GroupName"] = group;
dtGroups.Rows.Add(drAdd);
}
}
}
嘗試改用System.DirectoryServices.AccountManagement命名空間:
static GroupPrincipal[] GetUserAuthorisationGroups(string userPrincipalName)
{
using (PrincipalContext context = new PrincipalContext(ContextType.Domain))
using (UserPrincipal user = UserPrincipal.FindByIdentity(context, IdentityType.UserPrincipalName, userPrincipalName))
{
return user.GetAuthorizationGroups().OfType<GroupPrincipal>().ToArray();
}
}
然后,您可以通過任意方式找到組:
GroupPrincipal[] groups = GetUserAuthorisationGroups(szUPN);
bool searchBySid = groups.Any(g => g.Sid == groupSid);
bool searchByDN = groups.Any(g => g.DistinguishedName == groupDN);
bool searchByName = groups.Any(g => g.Name == groupName);
如何從 ASP.NET 用戶控件中的父頁面訪問控件?
[英]How do I access controls from the parent page from within an ASP.NET User Control?
如何在 .NET Core 3.1 的 C# 中檢索域用戶的所有本地組?
[英]How can I retrieve all the local groups for a domain user in C# in .NET Core 3.1?
如何從未加入域的計算機中獲取用戶的域名?
[英]How do I get the domain name of a user from a machine not joined to the domain?
如何在不需要管理員權限的情況下訪問Microsoft Graph API中已登錄用戶的組?
[英]How can I access the signed in user's groups in Microsoft's Graph API without needing admin priviledges?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.