DirectoryEntry 活动目录的使用

public class DirectoryHelper

    {

        public static string  DomainName = System.Environment.UserDomainName;

        public static string strLDAP = "LDAP://" + DomainName;

        static DirectoryEntry de = new DirectoryEntry(strLDAP);

        /// <summary>

        /// 根据登录名获取用户域fullname

        /// </summary>

        /// <param name="AccountName"></param>

        /// <returns></returns>

        public static string getFullNameByAccountName(string AccountName)

        {

            string FullName = string.Empty;

            DirectorySearcher ds = new DirectorySearcher(de);

            ds.Filter = string.Format("(SAMAccountName={0})", AccountName);

            using (HostingEnvironment.Impersonate())

            {

                foreach (SearchResult sr in ds.FindAll())

                {

                    string fullName = sr.GetDirectoryEntry().Name.ToString();

                    //if (sr.GetDirectoryEntry().Properties["samaccountname"].Value.ToString().ToLower() == AccountName)

                    //{

                    FullName = fullName.Substring(, fullName.Length - );

                    // }

                }

            }

            return FullName;

        }

        /// <summary>

        /// 获取所有用户

        /// </summary>

        /// <returns></returns>

        public static DataTable getAllPeople()

        {

            DataTable dt = new DataTable();

            DataColumn dc_accountName = new DataColumn("AccountName", typeof(string));

            DataColumn dc_mail = new DataColumn("Mail", typeof(string));

            DataColumn dc_fullName = new DataColumn("FullName", typeof(string));

            dt.Columns.Add(dc_fullName);

            dt.Columns.Add(dc_accountName);

            dt.Columns.Add(dc_mail);

            DirectorySearcher search = new DirectorySearcher(de);

            search.Filter = "(&(objectClass=user))";

            search.SearchScope = SearchScope.Subtree;

            //模拟用户登录(发布的时候不添加要报错)

            using (HostingEnvironment.Impersonate())

            {

                SearchResultCollection SearchResults = search.FindAll();

                if (SearchResults.Count > )

                {

                    foreach (SearchResult sr in SearchResults)

                    {

                        DirectoryEntry GroupEntry = sr.GetDirectoryEntry();

                        string accountName = string.Empty;

                        string fullName = string.Empty;

                        string mail = string.Empty;

                        DataRow dr = dt.NewRow();

                        //先获取邮件属性，如果邮件不是空，说明是要取的部门

                        if (GroupEntry.Properties.Contains("mail"))

                        {

                            mail = GroupEntry.Properties["mail"][].ToString();

                            dr["Mail"] = mail;

                            if (GroupEntry.Properties.Contains("SAMAccountName"))

                            {

                                accountName = GroupEntry.Properties["SAMAccountName"][].ToString();

                                dr["AccountName"] = accountName;

                            }

                            if (GroupEntry.Properties.Contains("Name"))

                            {

                                fullName = GroupEntry.Properties["Name"][].ToString();

                                dr["FullName"] = fullName;

                            }

                            dt.Rows.Add(dr);

                        }

                    }

                }

            }

            return dt;

        }

        /// <summary>

        /// 根据全名获取登录名

        /// </summary>

        /// <param name="fullName"></param>

        /// <returns></returns>

        public static string getAccountNameByFullName(string fullName)

        {

            string accountName = string.Empty;

            DirectorySearcher ds = new DirectorySearcher(de);

            ds.Filter = string.Format("(cn={0})", fullName);

            using (HostingEnvironment.Impersonate())

            {

                SearchResult sr = ds.FindOne();

                if (sr != null)

                {

                    if (sr.GetDirectoryEntry().Properties.Contains("samaccountname"))

                    {

                        accountName = sr.Properties["samaccountname"][].ToString();

                        //accountName = accountName.Substring(3, accountName.Length - 3);

                    }

                }

            }

            return accountName;

        }

        /// <summary>

        /// 判断用户是否存在

        /// </summary>

        /// <param name="FullName"></param>

        /// <returns></returns>

        public static bool checkUserExist(string FullName)

        {

            bool Exist = false;

            DirectorySearcher deSearch = new DirectorySearcher(de);

            deSearch.Filter = "(&(&(objectCategory=person)(objectClass=user))(cn=" + FullName + "))";

            deSearch.SearchScope = SearchScope.Subtree;

            //模拟用户登录(发布的时候不添加要报错)

            using (HostingEnvironment.Impersonate())

            {

                SearchResult result = deSearch.FindOne();

                if (result != null)

                {

                    Exist = true;

                }

                return Exist;

            }

        }

        #region 根据登录名获取用户所在组

        public static DataTable getGroupByAccountName(string AccountName)

        {

            DataTable dt = new DataTable("group");

            DataColumn groupName = new DataColumn("Name", typeof(string));

            dt.Columns.Add(groupName);

            DirectorySearcher search = new DirectorySearcher(de);

            search.Filter = "(&(sAMAccountName=" + AccountName + "))";

            search.PropertiesToLoad.Add("memberof");

            using (HostingEnvironment.Impersonate())

            {

                SearchResult result = search.FindOne();

                if (result == null)

                {

                    DataRow dr = dt.NewRow();

                    dr["Name"] = "暂无数据";

                    dt.Rows.Add(dr);

                }

                else

                {

                    string[] results = new string[result.Properties["memberof"].Count + ];

                    for (int i = ; i < result.Properties["memberof"].Count; i++)

                    {

                        string theGroupPath = result.Properties["memberof"][i].ToString();

                        string tempName = theGroupPath.Substring(, theGroupPath.IndexOf(",") - );

                        if (tempName == "全体员工" || tempName == "VPN"||tempName=="经理级人员") { }

                        else

                        {

                            DataRow dr = dt.NewRow();

                            dr["Name"] = theGroupPath.Substring(, theGroupPath.IndexOf(",") - );

                            dt.Rows.Add(dr);

                        }

                    }

                }

            }

            return dt;

        }

        #endregion

        #region 获取it部门成员

        public static DataTable getAllMembersByGroupName(string GroupName)

        {

            DataTable dt_ItMembers = new DataTable();

            DataColumn dc_ItMembers = new DataColumn("Name", typeof(string));

            dt_ItMembers.Columns.Add(dc_ItMembers);

            DirectorySearcher search_ItMember = new DirectorySearcher(de);

            search_ItMember.Filter = "(&(objectClass=group)(cn=" + GroupName + "))";

            //模拟用户登录(发布的时候不添加要报错)

            using (HostingEnvironment.Impersonate())

            {

                SearchResult search_It = search_ItMember.FindOne();

                if (search_It != null)

                {

                    int memberCount = search_It.Properties["member"].Count;

                    for (int i = ; i < memberCount; i++)

                    {

                        if (!string.IsNullOrEmpty(search_It.Properties["member"][i].ToString()))

                        {

                            string name = search_It.Properties["member"][i].ToString();

                            name = name.Substring(, name.IndexOf(",") - );

                            DataRow dr_itMembersName = dt_ItMembers.NewRow();

                            dr_itMembersName["Name"] = name;

                            dt_ItMembers.Rows.Add(dr_itMembersName);

                        }

                    }

                }

                else

                {

                    DataRow dr_none = dt_ItMembers.NewRow();

                    dr_none["Name"] = "暂无数据";

                    dt_ItMembers.Rows.Add(dr_none);

                }

            }

            return dt_ItMembers;

        }

        #endregion

        #region 获取所有部门

        public static DataTable getAllGroup()

        {

            DataTable dt_group = new DataTable();

            DataColumn dc_group = new DataColumn("GroupName", typeof(string));

            dt_group.Columns.Add(dc_group);

            DirectorySearcher search_ItMember = new DirectorySearcher(de);

            search_ItMember.Filter = "(&(objectClass=group))";

            search_ItMember.SearchScope = SearchScope.Subtree;

            //模拟用户登录(发布的时候不添加要报错)

            using (HostingEnvironment.Impersonate())

            {

                SearchResultCollection SearchResults = search_ItMember.FindAll();

                if (SearchResults.Count > )

                {

                    foreach (SearchResult sr in SearchResults)

                    {

                        DirectoryEntry GroupEntry = sr.GetDirectoryEntry();

                        //先获取邮件属性，如果邮件不是空，说明是要取的部门

                        if (GroupEntry.Properties.Contains("mail"))

                        {

                            string mail = GroupEntry.Properties["mail"][].ToString();

                            if (!string.IsNullOrEmpty(mail))

                            {

                                string groupName = string.Empty;

                                if (GroupEntry.Properties.Contains("Name"))

                                {

                                    groupName = GroupEntry.Properties["Name"][].ToString();

                                }

                                DataRow dr_group = dt_group.NewRow();

                                dr_group["GroupName"] = groupName;

                                dt_group.Rows.Add(dr_group);

                            }

                        }

                    }

                }

            }

            return dt_group;

        }

        #endregion

        #region 根据全名获取邮箱

        public static string getMailByFullName(string fullName)

        {

            string mail = string.Empty;

            DirectorySearcher ds = new DirectorySearcher(de);

            ds.Filter = "(&(cn=" + fullName + "))";

            using (HostingEnvironment.Impersonate())

            {

                SearchResult result = ds.FindOne();

                if (result != null)

                {

                    mail = result.Properties["mail"][].ToString();

                }

                return mail;

            }

        }

        #endregion

        /// <summary>

        /// 判断是不是IT部门的人

        /// </summary>

        /// <param name="AccountName"></param>

        /// <returns></returns>

        public static bool IsItGroup(string AccountName)

        {

            bool IsItGroupMember = false;

            DirectorySearcher search = new DirectorySearcher(de);

            search.Filter = "(&(sAMAccountName=" + AccountName + "))";

            search.PropertiesToLoad.Add("memberof");

            using (HostingEnvironment.Impersonate())

            {

                SearchResult result = search.FindOne();

                if (result != null)

                {

                    for (int i = ; i < result.Properties["memberof"].Count; i++)

                    {

                        string theGroupPath = result.Properties["memberof"][i].ToString();

                        if (theGroupPath.Substring(, theGroupPath.IndexOf(",") - ) == "IT")

                        {

                            IsItGroupMember = true; return IsItGroupMember;

                        }

                    }

                }

            }

            return IsItGroupMember;

        }

    }

调用：

 //获取当前登录电脑的用户名

string name = System.Environment.UserName.ToLower();

string fullname= DirectoryHelper.getFullNameByAccountName(System.Environment.UserName.ToLower());

bool b_ITGroupMember = DirectoryHelper.IsItGroup(name);

发布到IIS上后要修改IIS配置

ASP.NET impersonation和window authentication设置成启用，

其他的Annoymous authentication都设置成禁用

应用程序池设置成经典

秒客网

DirectoryEntry 活动目录的使用

相关文章