I have been struggling to find a good way to query out the members of a specified AD Group.
我一直在努力寻找一种查询指定AD组成员的好方法。
I have no issues in finding the group, or even querying users based on criteria.
我在查找组时没有问题,甚至根据标准查询用户。
currently I have
目前我有
PrincipalContext context = new PrincipalContext(ContextType.Domain, _domain, ADServerUser, ADServerPassword);
UserPrincipal userPrinciple = new UserPrincipal(context);
userPrinciple.GivenName = "stringToSearchForFirstName";
userPrinciple.Name = "stringToSearchForUserName";
userPrinciple.Surname = "stringToSearchForLastName";
PrincipalSearcher srch = new PrincipalSearcher(new UserPrincipal(context));
srch.QueryFilter = userPrinciple;
var result = srch.FindAll();
This give me all the users that I want, however it doesn't filter the group down.
这给了我想要的所有用户,但它不会过滤掉组。
I can use the GroupPrinciple Object along with the principal search, but then I can't filter down the Users.
我可以使用GroupPrinciple对象和主要搜索,但后来我无法过滤用户。
I kind of want a way to be able to apply both a UserPrincipal and GroupPrincipal to filter the returned results by BOTH Group and User parameters.
我想要一种方法来同时应用UserPrincipal和GroupPrincipal来过滤BOTH Group和User参数返回的结果。
I've used a linq where clause to try and do a match to see if the user is in a group but when i get all users the query times out. makes sense over all.
我已经使用了一个linq where子句来尝试进行匹配以查看用户是否在一个组中,但是当我让所有用户查询超时时。对所有人都有意义。
However if i query out the group, I have no way of using the principalSearcher to apply the query.
但是,如果我查询该组,我无法使用principalSearcher来应用查询。
Any ideas on how to do this?
关于如何做到这一点的任何想法?
2 个解决方案
#1
2
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, _domain);
// get the AD Group you are wanting to Query
GroupPrincipal group = GroupPrincipal.FindByIdentity("cn=YourGroupname");
foreach(Principal p in group.Members)
{
//do what ever coding you need to do here
}
#2
1
From my research I have concluded that using the Principal Objects to be able to filter on both group and user parameters is not possible. we needed to revert to using query string methods to AD to solve the issue.
根据我的研究,我得出结论,使用Principal Objects能够过滤组和用户参数是不可能的。我们需要恢复使用查询字符串方法来解决问题。
#1
2
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, _domain);
// get the AD Group you are wanting to Query
GroupPrincipal group = GroupPrincipal.FindByIdentity("cn=YourGroupname");
foreach(Principal p in group.Members)
{
//do what ever coding you need to do here
}
#2
1
From my research I have concluded that using the Principal Objects to be able to filter on both group and user parameters is not possible. we needed to revert to using query string methods to AD to solve the issue.
根据我的研究,我得出结论,使用Principal Objects能够过滤组和用户参数是不可能的。我们需要恢复使用查询字符串方法来解决问题。