How do I detect if my program runs in an Active Directory environment?
如何检测我的程序是否在Active Directory环境中运行?
I'm using C# and .Net 2.0
我正在使用C#和.Net 2.0
5 个解决方案
#1
7
Try getting Environment.UserDomainName and comparing it to Environment.MachineName. If the two are the same then it's likely that the user does not have a domain. If they are not the same then the user is logged into a domain which must have a directory server.
尝试获取Environment.UserDomainName并将其与Environment.MachineName进行比较。如果两者相同,那么用户可能没有域。如果它们不相同,则用户登录到必须具有目录服务器的域。
#2
4
This code will check if the Computer itself is a member of a domain
此代码将检查计算机本身是否是域的成员
using System.DirectoryServices.ActiveDirectory;
bool isDomain = false;
try
{
Domain.GetComputerDomain();
isDomain = true;
}
catch (ActiveDirectoryObjectNotFoundException)
{
}
However the computer can be in a domain, but the currently logged in user may be a local user account. If you want to check for this use the Domain.GetCurrentDomain() function
但是,计算机可以位于域中,但当前登录的用户可以是本地用户帐户。如果要检查这个,请使用Domain.GetCurrentDomain()函数
#3
2
One way might be to query the LOGONSERVER environmental variable. That'll give the server name of your AD controller... Which, as far as I know, will be blank (or match current workstation? Not sure) if it isn't currently logged into a domain.
一种方法可能是查询LOGONSERVER环境变量。这将给出你的AD控制器的服务器名称...如果它当前没有登录到域,据我所知,它将是空白的(或匹配当前工作站?不确定)。
Example Usage:
string ADServer = Environment.GetEnvironmentVariable("LOGONSERVER");
#4
1
I found something that works:
我找到了有用的东西:
using System.Net.NetworkInformation;
IPGlobalProperties.GetIPGlobalProperties().DomainName;
Works with a local user and a domain user.
适用于本地用户和域用户。
#5
1
From http://msdn.microsoft.com/en-us/library/system.directoryservices.directoryentry.path.aspx
To bind to the current domain using LDAP, use the path "LDAP://RootDSE", then get the default naming context and rebind the entry.
要使用LDAP绑定到当前域,请使用路径“LDAP:// RootDSE”,然后获取默认命名上下文并重新绑定该条目。
So without a domain the binding to "LDAP://RootDSE" should either fail or return nothing. I didn't try it for myself.
因此,如果没有域,对“LDAP:// RootDSE”的绑定应该失败或者不返回任何内容。我没有为自己尝试。
use System.DirectoryServices; // add reference to system.directoryservices.dll
...
DirectoryEntry ent = new DirectoryEntry("LDAP://RootDSE");
String str = ent.Properties["defaultNamingContext"][0];
DirectoryEntry domain = new DirectoryEntry("LDAP://" + str);
This is definitely a cleaner way of checking for an Active Directory than relying on an environment variable (which the user could delete or add to spoof the program).
这绝对是一种检查Active Directory的方法,而不是依赖于环境变量(用户可以删除或添加以欺骗程序)。
#1
7
Try getting Environment.UserDomainName and comparing it to Environment.MachineName. If the two are the same then it's likely that the user does not have a domain. If they are not the same then the user is logged into a domain which must have a directory server.
尝试获取Environment.UserDomainName并将其与Environment.MachineName进行比较。如果两者相同,那么用户可能没有域。如果它们不相同,则用户登录到必须具有目录服务器的域。
#2
4
This code will check if the Computer itself is a member of a domain
此代码将检查计算机本身是否是域的成员
using System.DirectoryServices.ActiveDirectory;
bool isDomain = false;
try
{
Domain.GetComputerDomain();
isDomain = true;
}
catch (ActiveDirectoryObjectNotFoundException)
{
}
However the computer can be in a domain, but the currently logged in user may be a local user account. If you want to check for this use the Domain.GetCurrentDomain() function
但是,计算机可以位于域中,但当前登录的用户可以是本地用户帐户。如果要检查这个,请使用Domain.GetCurrentDomain()函数
#3
2
One way might be to query the LOGONSERVER environmental variable. That'll give the server name of your AD controller... Which, as far as I know, will be blank (or match current workstation? Not sure) if it isn't currently logged into a domain.
一种方法可能是查询LOGONSERVER环境变量。这将给出你的AD控制器的服务器名称...如果它当前没有登录到域,据我所知,它将是空白的(或匹配当前工作站?不确定)。
Example Usage:
string ADServer = Environment.GetEnvironmentVariable("LOGONSERVER");
#4
1
I found something that works:
我找到了有用的东西:
using System.Net.NetworkInformation;
IPGlobalProperties.GetIPGlobalProperties().DomainName;
Works with a local user and a domain user.
适用于本地用户和域用户。
#5
1
From http://msdn.microsoft.com/en-us/library/system.directoryservices.directoryentry.path.aspx
To bind to the current domain using LDAP, use the path "LDAP://RootDSE", then get the default naming context and rebind the entry.
要使用LDAP绑定到当前域,请使用路径“LDAP:// RootDSE”,然后获取默认命名上下文并重新绑定该条目。
So without a domain the binding to "LDAP://RootDSE" should either fail or return nothing. I didn't try it for myself.
因此,如果没有域,对“LDAP:// RootDSE”的绑定应该失败或者不返回任何内容。我没有为自己尝试。
use System.DirectoryServices; // add reference to system.directoryservices.dll
...
DirectoryEntry ent = new DirectoryEntry("LDAP://RootDSE");
String str = ent.Properties["defaultNamingContext"][0];
DirectoryEntry domain = new DirectoryEntry("LDAP://" + str);
This is definitely a cleaner way of checking for an Active Directory than relying on an environment variable (which the user could delete or add to spoof the program).
这绝对是一种检查Active Directory的方法,而不是依赖于环境变量(用户可以删除或添加以欺骗程序)。