0

我是一名新的 Web 开发人员,在我的公司中,所有 ASP.NET 应用程序都依赖于一个系统,该系统从 SAP 系统中提取用户信息并将它们作为 XML 文档检索。该系统只有一个文本框用于插入用户名以检索他的信息。例如:如果您插入用户名:johnA,系统将为您提供以下信息:John Arneson Elli 等。

然后,在基于 ASP.NET Web 的应用程序中,我们曾经使用三个 C# 类来与该系统建立连接,并帮助从该系统获取特定的用户信息。无论如何,现在我们想用一个从 Active Directory 获取用户信息的新系统替换该系统。

我将以下代码放在服务器中,它运行良好,因此当员工在我们的服务器中访问此代码时,他会看到一个显示他所有信息的页面。我现在想做的是在我们所有开发的和下一个新开发的基于 Web 的应用程序中使用它,方法是放置一个 TextBox 来放置用户的用户名并从这个系统中检索他的所有信息。那么该怎么做呢?

我是一个初学者,我无法在谷歌或其他任何地方找到这样做的方法。

我用于访问 Active Directory 的课程代码是:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.DirectoryServices;

/// <summary>
/// Summary description for ActiveDirectory
/// </summary>
public class ActiveDirectory
{
    public static string GetPersonData(string id, string datatype)
    {
        //return "x xx xxxx xxx xxx"; //comment this line.
        //Faster performance through Active Directory
        string property = datatype;
        switch (property) //backwards compatibility
        {
            /* case "tel":
                return FindProperty(id, Property.Tel);*/
            case "name":
                return FindProperty(id, Property.Name);
            case "dept":
                return FindProperty(id, Property.Dept);
            case "line":
                return FindProperty(id, Property.Line);
            case "email":
                return FindProperty(id, Property.Email);
            case "id":
                return FindProperty(id, Property.Name);
            default:
                return "";
        }
    }

    //ACTIVE DIRECTORY OPTION.. FOR A BETTER PERFORMANCE
    const string ID = "cn";
    const string NAME = "displayName";
    const string TEL = "telephoneNumber";
    const string DEPT = "department";
    const string LINE = "extensionAttribute3";
    const string UNIT = "extensionAttribute10";
    const string TITLE = "title";
    const string FNAME = "givenName";
    const string MNAME = "initials";
    const string LNAME = "sn";
    const string EMAIL = "mail";
    const string AREA = "extensionAttribute3";
    const string MANAGER = "manager";
    const string ORGCODE = "extensionAttribute10";
    const string DN = "distinguishedName";

    public enum Property
    {
        Name, Tel, Dept, Line, Unit, Title, Fname, Mname, Lname, Email, Manager, OrgCode, DistinguishedName
    }

    public static DirectoryEntry GetDirectoryEntry() 
    {
        using (((System.Security.Principal.WindowsIdentity)HttpContext.Current.User.Identity).Impersonate())
        {
            DirectoryEntry de = new DirectoryEntry(); //DirectoryEntry class encapsulates a node or object in the AD hierarchy
            de.Path = "LDAP://CompanyName.COM";
            de.AuthenticationType = AuthenticationTypes.Delegation;

            return de;
        }
    }

    public static bool UserExists(string username)
    {
        DirectoryEntry de = GetDirectoryEntry();
        DirectorySearcher deSearch = new DirectorySearcher(); //Directory Searcher: It will perform queries against the active directory hierarchy 

        deSearch.SearchRoot = de; //SearchRoot is used to specify where the search starts
        deSearch.Filter = "(&(objectClass=user) (cn=" + username + "))"; //the search retrieves all objects.

        // Create a SearchResultCollection object to hold a collection of SearchResults
        // returned by the FindAll method.
        SearchResultCollection results = deSearch.FindAll();

        return results.Count > 0;
    }
    public static String FindName(String userAccount)
    {
        DirectoryEntry entry = GetDirectoryEntry();
        String account = userAccount.Replace(@"Domain\", "");

        try
        {
            DirectorySearcher search = new DirectorySearcher(entry);
            search.Filter = "(SAMAccountName=" + account + ")";
            search.PropertiesToLoad.Add("displayName");

            SearchResult result = search.FindOne();

            if (result != null)
            {
                return result.Properties["displayname"][0].ToString();
            }
            else
            {
                return "Unknown User";
            }
        }
        catch (Exception ex)
        {
            string debug = ex.Message;

            return debug;
        }
    }

    public static String FindProperty(String userAccount, Property p)
    {
        string property = "";

        //proceed with LDAP search.
        switch (p)
        {
            case Property.Dept:
                property = DEPT;
                break;
            case Property.Email:
                property = EMAIL;
                break;
            case Property.Fname:
                property = FNAME;
                break;
            case Property.Line:
                property = LINE;
                break;
            case Property.Lname:
                property = LNAME;
                break;
            case Property.Mname:
                property = MNAME;
                break;
            case Property.Name:
                property = NAME;
                break;
            case Property.Tel:
                property = TEL;
                break;
            case Property.Title:
                property = TITLE;
                break;
            case Property.Unit:
                property = UNIT;
                break;
            case Property.Manager:
                property = MANAGER;
                break;
            case Property.OrgCode:
                property = ORGCODE;
                break;
            case Property.DistinguishedName:
                property = DN;
                break;
            default:
                return "";

        }

        DirectoryEntry entry = GetDirectoryEntry();
        String account = userAccount.Replace(@"Domain\", "");

        try
        {
            System.Text.Encoding enc = System.Text.Encoding.ASCII;
            DirectorySearcher search = new DirectorySearcher(entry);
            search.Filter = "(&(objectCategory=user)(SAMAccountName=" + account + "))";
            search.PropertiesToLoad.Add(property);

            SearchResult result = search.FindOne();
            search.Dispose();
            entry.Close();
            entry.Dispose();

            if (result != null)
            {
                object value = result.Properties[property][0];
                if (value is System.Byte[])
                    return enc.GetString((byte[])value);
                else
                    return value.ToString();
            }
            else
            {
                return "-";
            }
        }
        catch (Exception ex)
        {
            string debug = ex.Message;

            return "debug";
        }
    }


    public static List<string> FindChildren(string userAccount)
    {
        DirectoryEntry entry = GetDirectoryEntry();
        String account = userAccount.Replace(@"Domain\", "");
        string dn = FindProperty(userAccount, Property.DistinguishedName);
        dn.Replace("*","\\2a");
        dn.Replace("(", "\\28");
        dn.Replace(")", "\\29");
        dn.Replace("\\", "\\5c");
        dn.Replace("NUL", "\\00");
        dn.Replace("/", "\\2f");

        string property = ID;
        List<string> output = new List<string>();
        try
        {
            System.Text.Encoding enc = System.Text.Encoding.ASCII;
            DirectorySearcher search = new DirectorySearcher(entry);
            search.Filter = "(&(objectCategory=user)(manager=" + dn + "))";
            search.PropertiesToLoad.Add(property);

            SearchResultCollection results = search.FindAll();
            search.Dispose();
            entry.Close();
            entry.Dispose();

            if (results != null)
            {
                foreach (SearchResult result in results)
                {
                    object value = result.Properties[property][0];
                    if (value is System.Byte[])
                        output.Add(enc.GetString((byte[])value));
                    else
                        output.Add(value.ToString());
                }
            }
        }
        catch (Exception ex)
        {
            throw ex;
        }
        return output;
    }
    public static string FindOrg(string orgcode, string property)
    {
        DirectoryEntry entry = GetDirectoryEntry();

        try
        {
            System.Text.Encoding enc = System.Text.Encoding.ASCII;
            DirectorySearcher search = new DirectorySearcher(entry);
            search.Filter = "(&(objectCategory=user)(" + ORGCODE + "=" + orgcode + "*))";
            search.PropertiesToLoad.Add(property);

            SearchResult result = search.FindOne();
            search.Dispose();
            entry.Close();
            entry.Dispose();

            if (result != null)
            {
                object value = result.Properties[property][0];
                if (value is System.Byte[])
                    return enc.GetString((byte[])value);
                else
                    return value.ToString();
            }
            else
            {
                return "-";
            }
        }
        catch (Exception ex)
        {
            string debug = ex.Message;

            return "debug";
        }
    }
}

更新:

供您参考,以上课程在服务器上。现在,我正在开发一个新的基于 Web 的应用程序。在这个基于 Web 的应用程序中,我有一个用于输入用户名的文本框。那么我如何能够将此用户名发送到该系统并将其用户信息检索到该应用程序?你能给我举个例子吗?

4

2 回答 2

1

好的,现在了解您真正需要什么。实现这一目标的最佳方法是使用 asp.net webservices。这意味着您必须对当前在服务器上运行的代码进行一些编辑。
请查看Asp.net Web 服务并查看以下链接:Microsoft Web Services weblinkCreate and Use ASP.NET Web Service

于 2012-05-13T06:09:07.500 回答
1

如果您使用的是 .NET 3.5 及更高版本,则应查看System.DirectoryServices.AccountManagement(S.DS.AM) 命名空间。在这里阅读所有相关信息:

基本上,您可以定义域上下文并在 AD 中轻松找到用户和/或组:

// set up domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);

// find a user
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, "SomeUserName");

if(user != null)
{
   // do something here....     
}

// find the group in question
GroupPrincipal group = GroupPrincipal.FindByIdentity(ctx, "YourGroupNameHere");

// if found....
if (group != null)
{
   // iterate over members
   foreach (Principal p in group.GetMembers())
   {
      Console.WriteLine("{0}: {1}", p.StructuralObjectClass, p.DisplayName);
      // do whatever you need to do to those members
   }
}

新的 S.DS.AM 使得在 AD 中与用户和组一起玩变得非常容易!

正如“Nation”在他的回复中提到的那样,如果您将其“隐藏”在 Web 服务接口后面,那么各种应用程序都可以调用您的代码并从 Active Directory 中获取他们需要的信息!

于 2012-05-13T07:01:28.293 回答