[英]What permissions do I have to delegate in order to set UserCannotChangePassword in Active Directory through a C# UserPrincipal
[英]How do I set the Manager Attribute on the UserPrincipal object in Active Directory in C#
我正在嘗試在此處記錄的UserPrincipal
類型的對象上設置屬性Manager
:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms680857(v=vs.85).aspx
但不能簡單地說
UserPrincipal.Manager = "some value"
有人可以向我解釋一下這是如何工作的嗎? 謝謝!
S.DS.AM命名空間中的基本UserPrincipal
不具有該屬性 - 但您可以擴展用戶主體類並添加所需的其他屬性。
在這里閱讀更多相關信息:
管理.NET Framework 3.5中的目錄安全性主體
( 關於文章末尾的可擴展性部分 )
這是代碼:
[DirectoryRdnPrefix("CN")]
[DirectoryObjectClass("Person")]
public class UserPrincipalEx : UserPrincipal
{
// Inplement the constructor using the base class constructor.
public UserPrincipalEx(PrincipalContext context) : base(context)
{ }
// Implement the constructor with initialization parameters.
public UserPrincipalEx(PrincipalContext context,
string samAccountName,
string password,
bool enabled) : base(context, samAccountName, password, enabled)
{}
// Create the "Manager" property.
[DirectoryProperty("manager")]
public string Manager
{
get
{
if (ExtensionGet("manager").Length != 1)
return string.Empty;
return (string)ExtensionGet("manager")[0];
}
set { ExtensionSet("manager", value); }
}
// Implement the overloaded search method FindByIdentity.
public static new UserPrincipalEx FindByIdentity(PrincipalContext context, string identityValue)
{
return (UserPrincipalEx)FindByIdentityWithType(context, typeof(UserPrincipalEx), identityValue);
}
// Implement the overloaded search method FindByIdentity.
public static new UserPrincipalEx FindByIdentity(PrincipalContext context, IdentityType identityType, string identityValue)
{
return (UserPrincipalEx)FindByIdentityWithType(context, typeof(UserPrincipalEx), identityType, identityValue);
}
}
現在,您可以找到並使用具有.Manager
屬性的UserPrincipalEx
類供您使用:
UserPrincipalEx userEx = UserPrincipalEx.FindByIdentity(ctx, "YourUserName");
// the .Manager property contains the DN (distinguished name) for the manager of this user
var yourManager = userEx.Manager;
我喜歡這個例子,但完全得到了RatBoyStl的來源。 有時你只想要一個值而不是一個新類。
如果您有給定用戶的UserPrinciple
對象,則可以使用此代碼輕松檢索manager屬性。 我UserPrinciple
,使用管理器值找到他們的UserPrinciple
並顯示電子郵件地址。
//set the principal context to the users domain
PrincipalContext pc = new PrincipalContext(ContextType.Domain, userDomain);
//lookup the user id on the domain
UserPrincipal up = UserPrincipal.FindByIdentity(pc, userId);
if (up == null)
{
Console.WriteLine(string.Format("AD USER NOT FOUND {0}", userGc));
return;
}
//grab the info we need from the domain
Console.WriteLine(up.ToString());
DirectoryEntry d = up.GetUnderlyingObject() as DirectoryEntry;
string managerCN = d.Properties["manager"].Value.ToString();
Console.WriteLine(managerCN);
UserPrincipal manager = UserPrincipal.FindByIdentity(pc, managerCN);
Console.WriteLine(manager.EmailAddress);
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.