Active Directory - 用户的角色

Active Directory - Roles of a user(Active Directory - 用户的角色)
本文介绍了Active Directory - 用户的角色的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

问题描述

我了解如何使用 User.IdentityUser.IsInRole

I understand how to use User.Identity and User.IsInRole

有没有办法查看用户的所有角色?

Is there a way to see all of the roles a user is in?

我们有很多组,有些人在很多组中,但我不想写 User.IsInRole 20+ 次.

We have a lot of groups and some people are in a lot of groups, but I don't want to write a User.IsInRole 20+ times.

推荐答案

在 Active Directory 上下文中,您所指的角色实际上是用户所属的安全(或授权)组.

In an Active Directory context, the Roles you refer to are really the security (or authorization) groups a user is a member of.

因此,如果您使用 .NET 3.5 及更高版本,则应查看 System.DirectoryServices.AccountManagement (S.DS.AM) 命名空间.在此处阅读所有相关信息:

So if you're on .NET 3.5 and up, you should check out the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here:

  • 在 .NET Framework 3.5 中管理目录安全主体莉>
  • 有关 System.DirectoryServices.AccountManagement 的 MSDN 文档

基本上,您可以定义域上下文并轻松找到 AD 中的用户和/或组:

Basically, you can define a domain context and easily find users and/or groups in AD:

// set up domain context
using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
{
   // find a user
   UserPrincipal user = UserPrincipal.FindByIdentity(ctx, "SomeUserName");

   if(user != null)
   {
       // get the authorization groups - those are the "roles" 
       var groups = user.GetAuthorizationGroups();

       foreach(Principal principal in groups)
       {
           // do something with the group (or role) in question
       }
   }
}

新的 S.DS.AM 使在 AD 中与用户和组一起玩变得非常容易!

The new S.DS.AM makes it really easy to play around with users and groups in AD!

这篇关于Active Directory - 用户的角色的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

本站部分内容来源互联网,如果有图片或者内容侵犯您的权益请联系我们删除!

相关文档推荐

Finding Active Directory users from 2 OU(从 2 个 OU 中查找 Active Directory 用户)
How to set a binary attribute when using a AccountManagement Extension Class?(使用 AccountManagement 扩展类时如何设置二进制属性?)
Getting last Logon Time on Computers in Active Directory(在 Active Directory 中的计算机上获取上次登录时间)
How to connect to Active Directory via LDAPS in C#?(如何在 C# 中通过 LDAPS 连接到 Active Directory?)
Why is DirectorySearcher so slow when compared to PrincipalSearcher?(与 PrincipalSearcher 相比,为什么 DirectorySearcher 如此缓慢?)
List of users in specific Active Directory Distribution Group(特定 Active Directory 通讯组中的用户列表)