using System;
using System.Collections.Generic;
using System.Configuration;
using System.DirectoryServices;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace WuZiFenGongSiInfomation.Common
{
/// <summary>
/// 域用戶驗證
/// </summary>
/// 2019-11-13 17:35:23 王浩力 添加
public class ActiveDirectoryHelper
{
///
/// LDAP綁定路徑,參考域地址LDAP://ptr.petreoshcna
///
private static string ADPath = ConfigurationManager.AppSettings["ptr"];
/// <summary>
/// 通過用戶名密碼驗證是否能夠登錄
/// </summary>
/// <param name="Account"></param>
/// <param name="Password"></param>
/// <returns>返回true表示賬號密碼正確,登錄驗證通過</returns>
public static bool Validate(string Account, string Password)
{
DirectoryEntry Entry;
//創建驗證用的實例
DirectoryEntry entry = new DirectoryEntry(ADPath, Account, Password);
try
{
object obj = entry.NativeObject;
DirectorySearcher search = new DirectorySearcher(entry);
//搜索條件是SAMAccountName
search.Filter = "(SAMAccountName= " + Account + ") ";
search.PropertiesToLoad.Add("cn");
//獲取搜索結果
Entry = search.FindOne().GetDirectoryEntry();
return true;
}
catch
{
return false;
}
}
/// <summary>
/// 讀取AD用戶信息 2019-11-13 17:52:30 王浩力 添加
/// </summary>
/// <param name= "ADUsername "> 用戶 </param>
/// <param name= "ADPassword "> 密碼 </param>
/// <param name= "domain "> 域名 </param>
/// <returns></returns>
public static SortedList<string, string> AdUserInfo(string ADUsername, string ADPassword)
{
System.DirectoryServices.DirectorySearcher src;
//string ADPath = "LDAP:// " + domain;// "ou=總公司,DC=abc,DC=com,DC=cn "; + ",ou=總公司 "
//string ADPath = ADPath
string domain = ADPath.Replace("LDAP://", "");
SortedList<string, string> _sortedList = new SortedList<string, string>();
string domainAndUsername = domain + @"\" + ADUsername;
System.DirectoryServices.DirectoryEntry de = new System.DirectoryServices.DirectoryEntry(ADPath, domainAndUsername, ADPassword);
src = new System.DirectoryServices.DirectorySearcher(de);
src.Filter = "(SAMAccountName=" + ADUsername + ")";
// 此參數可以任意設置,但不能不設置,如不設置讀取AD數據爲0~999條數據,設置後可以讀取大於1000條數據。
src.PageSize = 5;
// src.SizeLimit = 2000;
src.SearchScope = System.DirectoryServices.SearchScope.Subtree;
try
{
var list = src.FindAll();
LogHelpter.AddLog("獲取用戶信息成功");
string json = Newtonsoft.Json.JsonConvert.SerializeObject(list);
LogHelpter.AddLog("獲取用戶信息:");
LogHelpter.AddLog(json);
/** 返回的參考格式
[{
"Path": "LDAP://ptr.petrochina/CN=張譯文,OU=綜合辦公室(黨委辦公室),OU=頁岩氣研究院,OU=西南油氣田分公司,OU=西南區域中心,DC=ptr,DC=petrochina",
"Properties": {
"sn": ["張"],
"givenname": ["譯文"],
"samaccountname": ["zyw2018"],
"cn": ["張譯文"],
"pwdlastset": [132064379393008820],
"whencreated": ["2018-12-19T08:23:44"],
"accountexpires": [9223372036854775807],
"displayname": ["張譯文"],
"lastlogon": [132103071131352438],
"samaccounttype": [805306368],
"countrycode": [0],
"objectguid": ["hG/roK368Uqqw5kiTo0bzQ=="],
"lastlogontimestamp": [132102380907396197],
"usnchanged": [21787838],
"whenchanged": ["2019-08-14T06:54:50"],
"name": ["張譯文"],
"objectsid": ["AQUAAAAAAAUVAAAAilpBYELHdFIH5TsrrLwQAA=="],
"logoncount": [1],
"instancetype": [4],
"primarygroupid": [513],
"objectcategory": ["CN=Person,CN=Schema,CN=Configuration,DC=ptr,DC=petrochina"],
"userprincipalname": ["[email protected]"],
"msexchuseraccountcontrol": [0],
"useraccountcontrol": [66048],
"dscorepropagationdata": ["2019-06-13T03:16:25", "1601-01-01T00:00:01"],
"distinguishedname": ["CN=張譯文,OU=綜合辦公室(黨委辦公室),OU=頁岩氣研究院,OU=西南油氣田分公司,OU=西南區域中心,DC=ptr,DC=petrochina"],
"objectclass": ["top", "person", "organizationalPerson", "user"],
"usncreated": [2890900],
"memberof": ["CN=西南油氣田分公司,OU=西南油氣田分公司,OU=西南區域中心,DC=ptr,DC=petrochina"],
"mail": ["[email protected]"],
"adspath": ["LDAP://ptr.petrochina/CN=張譯文,OU=綜合辦公室(黨委辦公室),OU=頁岩氣研究院,OU=西南油氣田分公司,OU=西南區域中心,DC=ptr,DC=petrochina"],
"department": ["成都公共事務管理中心.府青路石油社區管理站"],
"codepage": [0],
"company": ["西南油氣田分公司"]
}
}]
**/
dynamic data = Newtonsoft.Json.JsonConvert.DeserializeObject<dynamic>(json);
string prop = Convert.ToString(data[0].Properties);
var sortedDict = Newtonsoft.Json.JsonConvert.DeserializeObject<SortedList<string, string[]>>(prop);
//用戶姓名
string userName = sortedDict["name"][0];
string departmentStr = sortedDict["distinguishedname"][0];
//公司
string company = departmentStr.Split(',')[2].Replace("OU=", "").Trim();
//部門
string department = departmentStr.Split(',')[1].Replace("OU=", "").Trim();
string companyDepartment = company + ">" + department;
_sortedList.Add("userName", userName);
_sortedList.Add("department", companyDepartment);
}
catch (System.Exception ex)
{
Console.WriteLine(ex.Message);
LogHelpter.AddLog(ex.ToString());
//throw new Exception("Get Ad Info ", ex);
}
return _sortedList;
}
}
}
C# AD域賬號登錄驗證,獲取域用戶信息
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.