AD域操作

引入操作类库:

System.DirectoryServices.dll

代码如下:

using System;
using System.Data;
using System.Data.SqlClient;
using System.DirectoryServices;
using System.Security.Principal;
using System.Runtime.InteropServices;
using System.Collections;
using System.Text;


namespace IAD
{
    #region
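    /// <summary>
    /// Helper for Active Directory lookups and credential checks built on
    /// System.DirectoryServices.
    /// </summary>
    /// <remarks>
    /// Caller-supplied values are escaped with <see cref="EscapeLdapFilterValue"/>
    /// before they are placed in an LDAP search filter. The bind password is held
    /// as a plain string and is readable through <see cref="ADPassword"/>.
    /// <see cref="GetGroups"/> depends on the state left behind by the last
    /// successful <see cref="IsAuthenticated"/> call on the same instance, so one
    /// instance should not be shared between concurrent logins.
    /// </remarks>
    public class ADHelper
    {
        #region Private fields
        // Directory path used by the parameterless constructor when no override is set.
        private const string DefaultLdapPath = "LDAP://DC=minth,DC=intra";

        // Environment variable names below are constructed for this listing;
        // rename them to whatever the deployment's configuration uses.
        private const string LdapPathVariable = "IAD_LDAP_PATH";
        private const string LdapUserVariable = "IAD_LDAP_USER";
        private const string LdapPasswordVariable = "IAD_LDAP_PASSWORD";

        private string _user = string.Empty;
        private string _password = string.Empty;
        private string _ldap = string.Empty;

        // cn of the user found by the last successful IsAuthenticated call.
        private string _filterAttribute;

        #endregion

        #region Properties
        /// <summary>
        /// LDAP path that lookups bind to.
        /// </summary>
        public string ADPath
        {
            get
            {
                return _ldap;
            }
            set
            {
                _ldap = value;
            }
        }

        /// <summary>
        /// Account used to bind to the directory. When empty, the bind is made
        /// without explicit credentials.
        /// </summary>
        public string ADUsername
        {
            get
            {
                return _user;
            }
            set
            {
                _user = value;
            }
        }

        /// <summary>
        /// Password of the bind account.
        /// </summary>
        public string ADPassword
        {
            get
            {
                return _password;
            }
            set
            {
                _password = value;
            }
        }

        #endregion

        /// <summary>
        /// Default constructor. Reads the directory path and the bind account from
        /// the process environment instead of from literals in the source.
        /// </summary>
        /// <remarks>
        /// An earlier revision of this constructor embedded a service-account name
        /// and password. A credential that has been published in source has to be
        /// treated as compromised: rotate it, and keep the replacement in a secret
        /// store or protected configuration. When no account is configured the
        /// helper binds without explicit credentials.
        /// </remarks>
        public ADHelper()
        {
            this._ldap = ReadSetting(LdapPathVariable, DefaultLdapPath);
            this._user = ReadSetting(LdapUserVariable, string.Empty);
            this._password = ReadSetting(LdapPasswordVariable, string.Empty);
        }

        /// <summary>
        /// Creates a helper with an explicit bind account and directory path.
        /// </summary>
        /// <param name="user">Bind account; empty to bind without explicit credentials.</param>
        /// <param name="password">Password of the bind account.</param>
        /// <param name="ladp">LDAP path to bind to.</param>
        public ADHelper(string user, string password, string ladp)
        {
            this._user = user;
            this._password = password;
            this._ldap = ladp;
        }

        /// <summary>
        /// Returns the environment variable's value, or <paramref name="fallback"/>
        /// when it is unset or empty.
        /// </summary>
        private static string ReadSetting(string variable, string fallback)
        {
            string value = Environment.GetEnvironmentVariable(variable);
            return string.IsNullOrEmpty(value) ? fallback : value;
        }

        /// <summary>
        /// Escapes a value for use inside an LDAP search filter (RFC 4515), so that
        /// input such as <c>*</c>, <c>(</c> or <c>)</c> is matched literally and
        /// cannot change the structure of the filter.
        /// </summary>
        /// <param name="value">Raw value; null is treated as empty.</param>
        /// <returns>The escaped value.</returns>
        private static string EscapeLdapFilterValue(string value)
        {
            if (string.IsNullOrEmpty(value))
            {
                return string.Empty;
            }

            StringBuilder escaped = new StringBuilder(value.Length + 8);
            foreach (char c in value)
            {
                switch (c)
                {
                    case '\\':
                        escaped.Append(@"\5c");
                        break;
                    case '*':
                        escaped.Append(@"\2a");
                        break;
                    case '(':
                        escaped.Append(@"\28");
                        break;
                    case ')':
                        escaped.Append(@"\29");
                        break;
                    case '\0':
                        escaped.Append(@"\00");
                        break;
                    default:
                        escaped.Append(c);
                        break;
                }
            }
            return escaped.ToString();
        }

        /// <summary>
        /// Records a directory failure that the caller is about to turn into an
        /// empty or false result, so the failure stays visible to operators.
        /// Only the exception type and message are written; no credentials.
        /// </summary>
        private static void LogDirectoryError(string operation, Exception ex)
        {
            System.Diagnostics.Trace.TraceWarning(
                "ADHelper." + operation + " failed: " + ex.GetType().Name + ": " + ex.Message);
        }

        /// <summary>
        /// Builds the entry that lookups bind to: with the configured account when
        /// one is set, otherwise with the path alone, otherwise the default entry.
        /// </summary>
        /// <returns>A new entry; the caller is responsible for disposing it.</returns>
        private DirectoryEntry GetRightEntry()
        {
            if (!string.IsNullOrEmpty(this.ADUsername))
            {
                // Secure is the documented default of this constructor family;
                // spelling it out keeps the bind from silently becoming a simple bind.
                return new DirectoryEntry(this.ADPath, this.ADUsername, this.ADPassword, AuthenticationTypes.Secure);
            }

            if (!string.IsNullOrEmpty(this.ADPath))
            {
                return new DirectoryEntry(this.ADPath);
            }

            return new DirectoryEntry();
        }

        /// <summary>
        /// Runs <paramref name="filter"/> with the configured bind and returns the
        /// first value of <paramref name="attribute"/> on the first match.
        /// </summary>
        /// <returns>The value, or null when there is no match or no value.</returns>
        private string FindFirstValue(string filter, string attribute)
        {
            using (DirectoryEntry root = GetRightEntry())
            using (DirectorySearcher search = new DirectorySearcher(root))
            {
                search.Filter = filter;
                search.PropertiesToLoad.Add(attribute);
                SearchResult result = search.FindOne();
                if (result == null)
                {
                    return null;
                }
                string value = FirstValueOrEmpty(result, attribute);
                return value.Length == 0 ? null : value;
            }
        }

        /// <summary>
        /// Returns the first value of <paramref name="attribute"/> on a search
        /// result, or an empty string when the attribute is absent.
        /// </summary>
        private static string FirstValueOrEmpty(SearchResult result, string attribute)
        {
            if (!result.Properties.Contains(attribute))
            {
                return string.Empty;
            }
            ResultPropertyValueCollection values = result.Properties[attribute];
            if (values == null || values.Count == 0 || values[0] == null)
            {
                return string.Empty;
            }
            return values[0].ToString();
        }

        /// <summary>
        /// Checks a user name and password by binding to the directory with them.
        /// </summary>
        /// <param name="domain">Domain prefix placed in front of the user name.</param>
        /// <param name="username">Account name (sAMAccountName).</param>
        /// <param name="pwd">Password to verify.</param>
        /// <returns>
        /// True when the bind succeeds and the account is found; false on any
        /// failure, including directory errors.
        /// </returns>
        public bool IsAuthenticated(string domain, string username, string pwd)
        {
            // An empty user name or password is refused before any bind is made.
            // Some LDAP servers accept a bind with an empty password as an
            // anonymous bind; whether that applies here depends on the server and
            // the authentication type, so the case is simply not allowed through.
            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(pwd))
            {
                return false;
            }

            string domainAndUsername = domain + @"\" + username;
            try
            {
                using (DirectoryEntry entry = new DirectoryEntry(this.ADPath, domainAndUsername, pwd, AuthenticationTypes.Secure))
                {
                    // Bind to the native AdsObject to force authentication.
                    object obj = entry.NativeObject;
                    using (DirectorySearcher search = new DirectorySearcher(entry))
                    {
                        // The user name comes straight from the login form.
                        search.Filter = "(SAMAccountName=" + EscapeLdapFilterValue(username) + ")";
                        search.PropertiesToLoad.Add("cn");
                        SearchResult result = search.FindOne();
                        if (null == result || result.Properties["cn"].Count == 0)
                        {
                            return false;
                        }
                        _filterAttribute = (string)result.Properties["cn"][0];
                    }
                }
            }
            catch (Exception ex)
            {
                // A failed bind surfaces as an exception; it is reported as
                // "not authenticated" rather than propagated.
                LogDirectoryError("IsAuthenticated", ex);
                return false;
            }
            return true;
        }

        /// <summary>
        /// Returns the groups of the user found by the last successful
        /// <see cref="IsAuthenticated"/> call, as names joined and terminated by '|'.
        /// </summary>
        /// <returns>
        /// The group names, or null when a memberOf value contains no '='.
        /// </returns>
        /// <exception cref="Exception">The lookup failed; the cause is the inner exception.</exception>
        public string GetGroups()
        {
            StringBuilder groupNames = new StringBuilder();

            try
            {
                if (string.IsNullOrEmpty(_filterAttribute))
                {
                    throw new InvalidOperationException("IsAuthenticated must succeed before GetGroups is called.");
                }

                // DirectorySearcher(string) takes a filter, not a path, so the
                // earlier new DirectorySearcher(ADPath) never searched ADPath.
                // The search root is now the same entry the other lookups use.
                using (DirectoryEntry root = GetRightEntry())
                using (DirectorySearcher search = new DirectorySearcher(root))
                {
                    search.Filter = "(cn=" + EscapeLdapFilterValue(_filterAttribute) + ")";
                    search.PropertiesToLoad.Add("memberOf");

                    SearchResult result = search.FindOne();
                    if (result == null)
                    {
                        throw new InvalidOperationException("No directory entry found for the authenticated user.");
                    }

                    ResultPropertyValueCollection memberships = result.Properties["memberOf"];
                    for (int i = 0; i < memberships.Count; i++)
                    {
                        string dn = (string)memberships[i];
                        int equalsIndex = dn.IndexOf('=', 1);
                        if (-1 == equalsIndex)
                        {
                            return null;
                        }

                        // Take the first RDN value. A DN that consists of a single
                        // RDN has no comma, so the value runs to the end.
                        // NOTE(review): a comma escaped inside the group name
                        // would still cut the name short.
                        int commaIndex = dn.IndexOf(',', equalsIndex + 1);
                        if (-1 == commaIndex)
                        {
                            commaIndex = dn.Length;
                        }
                        groupNames.Append(dn.Substring(equalsIndex + 1, (commaIndex - equalsIndex) - 1));
                        groupNames.Append("|");
                    }
                }
            }
            catch (Exception ex)
            {
                // Keep the original exception as the inner exception so the
                // stack trace and type are not lost.
                throw new Exception("Error obtaining group names. " + ex.Message, ex);
            }
            return groupNames.ToString();
        }

        /// <summary>
        /// Reads the defaultNamingContext attribute of the bound entry.
        /// </summary>
        /// <returns>
        /// The attribute value, or an empty string when it is absent or the bind fails.
        /// </returns>
        /// <remarks>
        /// NOTE(review): defaultNamingContext is normally an attribute of the
        /// RootDSE object, so this presumably needs ADPath to point there; confirm.
        /// </remarks>
        public string GetDefaultLDAPDomain()
        {
            try
            {
                using (DirectoryEntry root = GetRightEntry())
                {
                    PropertyValueCollection context = root.Properties["defaultNamingContext"];
                    if (context.Count == 0 || context[0] == null)
                    {
                        return string.Empty;
                    }
                    return context[0].ToString();
                }
            }
            catch (Exception ex)
            {
                LogDirectoryError("GetDefaultLDAPDomain", ex);
                return string.Empty;
            }
        }

        /// <summary>
        /// Looks up the account name (sAMAccountName) for a common name.
        /// </summary>
        /// <param name="strCN">Common name, matched literally.</param>
        /// <returns>The account name, or an empty string when nothing matches or the lookup fails.</returns>
        public string GetAccoutByCN(string strCN)
        {
            if (string.IsNullOrEmpty(strCN))
            {
                return string.Empty;
            }

            try
            {
                // Only entries that actually carry an account name are considered.
                string filter = "(&(cn=" + EscapeLdapFilterValue(strCN) + ")(samaccountname=*))";
                string account = FindFirstValue(filter, "samaccountname");
                return account == null ? string.Empty : account;
            }
            catch (Exception ex)
            {
                LogDirectoryError("GetAccoutByCN", ex);
                return string.Empty;
            }
        }

        /// <summary>
        /// Returns the common name of an account.
        /// </summary>
        /// <param name="account">Account name, with or without a DOMAIN\ prefix.</param>
        /// <returns>The XML-escaped value, or an empty string.</returns>
        public string GetCNByAccount(string account)
        {
            return GetPropertyByAccount(account, "cn");
        }

        /// <summary>
        /// Returns the e-mail address of an account.
        /// </summary>
        /// <param name="account">Account name, with or without a DOMAIN\ prefix.</param>
        /// <returns>The XML-escaped value, or an empty string.</returns>
        public string GetMailByAccount(string account)
        {
            return GetPropertyByAccount(account, "mail");
        }

        /// <summary>
        /// Returns the display name of an account.
        /// </summary>
        /// <param name="account">Account name, with or without a DOMAIN\ prefix.</param>
        /// <returns>The XML-escaped value, or an empty string.</returns>
        public string GetDisplayNameByAccount(string account)
        {
            return GetPropertyByAccount(account, "displayName");
        }

        /// <summary>
        /// Replaces the five XML special characters with their entities.
        /// </summary>
        /// <param name="str">Text to escape; null is treated as empty.</param>
        /// <returns>The escaped text.</returns>
        public static string XmlSpecialReplace(string str)
        {
            if (string.IsNullOrEmpty(str))
            {
                return string.Empty;
            }

            // '&' goes first so the entities produced below are not escaped again.
            str = str.Replace("&", "&amp;");
            str = str.Replace("'", "&apos;");
            // The straight double quote is the XML special character; the earlier
            // code looked for a pair of curly quotes and left '"' unescaped.
            str = str.Replace("\"", "&quot;");
            str = str.Replace(">", "&gt;");
            str = str.Replace("<", "&lt;");
            return str;
        }

        /// <summary>
        /// Looks up the account name (sAMAccountName) for an e-mail address.
        /// </summary>
        /// <param name="eMail">E-mail address, matched literally.</param>
        /// <returns>The XML-escaped account name, or an empty string.</returns>
        public string GetAccountByMail(string eMail)
        {
            return GetAccountByMail(eMail, "samaccountname");
        }

        /// <summary>
        /// Looks up one attribute of the entry whose mail attribute equals
        /// <paramref name="eMail"/>.
        /// </summary>
        /// <param name="eMail">E-mail address, matched literally.</param>
        /// <param name="prop">Attribute to return.</param>
        /// <returns>The XML-escaped value, or an empty string when nothing matches or the lookup fails.</returns>
        private string GetAccountByMail(string eMail, string prop)
        {
            if (string.IsNullOrEmpty(eMail))
            {
                return string.Empty;
            }

            try
            {
                string value = FindFirstValue("(mail=" + EscapeLdapFilterValue(eMail) + ")", prop);
                return value == null ? string.Empty : XmlSpecialReplace(value);
            }
            catch (Exception ex)
            {
                LogDirectoryError("GetAccountByMail", ex);
                return string.Empty;
            }
        }

        /// <summary>
        /// Returns one attribute of an account.
        /// </summary>
        /// <param name="account">Account name, with or without a DOMAIN\ prefix.</param>
        /// <param name="prop">Attribute to return.</param>
        /// <returns>
        /// The XML-escaped value, or an empty string when the account or the
        /// attribute is missing or the lookup fails.
        /// </returns>
        public string GetPropertyByAccount(string account, string prop)
        {
            account = ExtractDoamin(account);
            if (string.IsNullOrEmpty(account))
            {
                return string.Empty;
            }

            try
            {
                string value = FindFirstValue("(samaccountname=" + EscapeLdapFilterValue(account) + ")", prop);
                return value == null ? string.Empty : XmlSpecialReplace(value);
            }
            catch (Exception ex)
            {
                LogDirectoryError("GetPropertyByAccount", ex);
                return string.Empty;
            }
        }

        /// <summary>
        /// Tells whether an account exists in the directory.
        /// </summary>
        /// <param name="account">Account name, with or without a DOMAIN\ prefix.</param>
        /// <returns>True when a match is found; false otherwise, including on directory errors.</returns>
        public bool IsUserExists(string account)
        {
            account = ExtractDoamin(account);
            if (string.IsNullOrEmpty(account))
            {
                return false;
            }

            try
            {
                using (DirectoryEntry root = GetRightEntry())
                using (DirectorySearcher search = new DirectorySearcher(root))
                {
                    search.Filter = "(samaccountname=" + EscapeLdapFilterValue(account) + ")";
                    search.PropertiesToLoad.Add("samaccountname");
                    return search.FindOne() != null;
                }
            }
            catch (Exception ex)
            {
                LogDirectoryError("IsUserExists", ex);
                return false;
            }
        }

        /// <summary>
        /// Finds the accounts whose common name contains <paramref name="strCN"/>.
        /// </summary>
        /// <param name="strCN">Fragment of the common name, matched literally.</param>
        /// <returns>
        /// The account names. When nothing is found the array holds a single
        /// empty string.
        /// </returns>
        public string[] SearchAccountByCN(string strCN)
        {
            return SearchAccounts("cn", strCN, "SearchAccountByCN");
        }

        /// <summary>
        /// Finds the accounts whose account name contains <paramref name="strAccount"/>.
        /// </summary>
        /// <param name="strAccount">Fragment of the account name, matched literally.</param>
        /// <returns>
        /// The account names. When nothing is found the array holds a single
        /// empty string.
        /// </returns>
        public string[] SearchAccountByAccount(string strAccount)
        {
            return SearchAccounts("samaccountname", strAccount, "SearchAccountByAccount");
        }

        /// <summary>
        /// Shared "contains" search behind the two SearchAccountBy* methods. The
        /// wildcards are added here, around the escaped fragment, so a '*' typed by
        /// the caller is matched as a literal character.
        /// </summary>
        private string[] SearchAccounts(string attribute, string fragment, string operation)
        {
            StringBuilder accounts = new StringBuilder();
            try
            {
                using (DirectoryEntry root = GetRightEntry())
                using (DirectorySearcher search = new DirectorySearcher(root))
                {
                    search.Filter = "(" + attribute + "=*" + EscapeLdapFilterValue(fragment) + "*)";
                    search.PropertiesToLoad.Add("samaccountname");
                    using (SearchResultCollection results = search.FindAll())
                    {
                        foreach (SearchResult result in results)
                        {
                            string name = FirstValueOrEmpty(result, "samaccountname");
                            if (name.Length > 0)
                            {
                                accounts.Append(name);
                                accounts.Append(';');
                            }
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                // Whatever was collected before the failure is still returned.
                LogDirectoryError(operation, ex);
            }
            return accounts.ToString().Trim(';').Split(';');
        }

        /// <summary>
        /// Strips a leading DOMAIN\ prefix from an account name.
        /// </summary>
        /// <param name="name">Account name, e.g. ECCENTRIX\admin.</param>
        /// <returns>The part after the first backslash, or the input when there is none.</returns>
        public static string ExtractDoamin(string name)
        {
            if (string.IsNullOrEmpty(name))
            {
                return name;
            }

            int n = name.IndexOf('\\');

            //eg. ECCENTRIX\admin 
            if (n > 0)
            {
                name = name.Substring(n + 1);
            }

            return name;
        }

        /// <summary>
        /// Lists the user accounts under the configured directory path.
        /// </summary>
        /// <param name="path">Ignored; the configured path is always used.</param>
        /// <returns>A table of account name to display name.</returns>
        /// <remarks>
        /// The entry is created from the path alone, so the configured bind
        /// account is not used here. The filter is limited to user objects and
        /// only the two attributes that are read are requested, which keeps the
        /// query from pulling every object and attribute in the directory. No
        /// page size is set, so the directory server's own result limit applies.
        /// </remarks>
        public Hashtable ListUsers(string path)
        {
            path = this._ldap;
            using (DirectoryEntry entry = new DirectoryEntry(path))
            using (DirectorySearcher searcher = new DirectorySearcher(entry))
            {
                searcher.Filter = "(&(objectCategory=person)(objectClass=user))";
                searcher.PropertiesToLoad.Clear();
                searcher.PropertiesToLoad.Add("samaccountname");
                searcher.PropertiesToLoad.Add("displayname");
                using (SearchResultCollection found = searcher.FindAll())
                {
                    return VisitSearchResultCollection(found);
                }
            }
        }

        /// <summary>
        /// Turns search results into a table of account name to display name.
        /// </summary>
        /// <param name="resultCollection">Results to read; null yields an empty table.</param>
        /// <returns>The table; results without an account name are left out.</returns>
        public Hashtable VisitSearchResultCollection(SearchResultCollection resultCollection)
        {
            Hashtable userList = new Hashtable();
            if (resultCollection == null)
            {
                return userList;
            }

            foreach (SearchResult result in resultCollection)
            {
                string userName = FirstValueOrEmpty(result, "samaccountname");
                if (userName.Length == 0)
                {
                    // Hashtable.Add throws on a repeated key, and every result
                    // without an account name used to share the key "".
                    continue;
                }

                // Indexer assignment, so a repeated account name overwrites
                // instead of throwing.
                userList[userName] = FirstValueOrEmpty(result, "displayname");
            }
            return userList;
        }
    }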
    #endregion
}
