我有以下代码:
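// Locals shared with the result-processing code that follows this fragment.
DirectoryEntry directoryEntry = default(DirectoryEntry);                    // Search root (bind object).
DirectoryEntry objGroupEntry = default(DirectoryEntry);                     // Group entry currently being processed.
DirectorySearcher objSearchADAM = default(DirectorySearcher);               // Search object (not used in the visible code).
SearchResultCollection objSearchResults = default(SearchResultCollection);  // Groups returned by the search.
ActiveDirectory result = new ActiveDirectory();
ActiveDirectoryItem treeNode;

// Connection settings come from the project's settings class.
// NOTE(review): the bind password is read from application settings; confirm it is not
// kept in clear text in a config file that is checked in or readable by other accounts.
string adServer = ADTestProject.Properties.Settings.Default.Server;
string adDomain = ADTestProject.Properties.Settings.Default.Domain;
string adUsername = ADTestProject.Properties.Settings.Default.AdiminUsername;
string password = ADTestProject.Properties.Settings.Default.Password;

// Turn "example.local" into "DC=example,DC=local".
// Joining by position fixes the original loop, which decided "is this the last label?" by
// comparing label *values*; a domain whose last label also occurs earlier lost a comma.
string[] dc = adDomain.Split('.');
string dcAdDomain = "DC=" + string.Join(",DC=", dc);

// Get the AD LDS object.
// With a configured path the search is rooted at CN=Users on adServer, so groups that live in
// other containers or OUs are not returned. Otherwise the default DirectoryEntry is used.
// NOTE(review): no AuthenticationTypes value is passed; confirm the bind is protected
// (e.g. AuthenticationTypes.Secure, or SecureSocketsLayer for LDAPS) so the service-account
// credentials are not exposed on the wire.
if (pathToAD.Length > 0)
{
    directoryEntry = new DirectoryEntry("LDAP://" + adServer + "/CN=Users," + dcAdDomain, adUsername, password);
}
else
{
    directoryEntry = new DirectoryEntry();
}

// Find every group object below the search root.
DirectorySearcher ds = new DirectorySearcher(directoryEntry);
ds.SearchScope = SearchScope.Subtree;
ds.Filter = "(&(objectClass=group))";

// SearchResultCollection holds unmanaged resources and must be disposed explicitly once the
// results have been consumed; the same applies to directoryEntry and ds.
objSearchResults = ds.FindAll();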
然后这个:
// Flatten every group returned by the search, together with its user members, into
// result.ActiveDirectoryTree.
if (objSearchResults.Count != 0)
{
foreach (SearchResult objResult in objSearchResults)
{
// GetDirectoryEntry() creates a DirectoryEntry for the hit; it is never disposed in this fragment.
objGroupEntry = objResult.GetDirectoryEntry();
// The group itself becomes a non-pickable node keyed by its directory GUID.
result.ActiveDirectoryTree.Add(new ActiveDirectoryItem()
{ Id = objGroupEntry.Guid,
ParentId = objGroupEntry.Parent.Guid,
AccountName = objGroupEntry.Name,
Type = ActiveDirectoryType.Group,
PickableNode = false
});
// Each value of the group's "member" attribute is converted to a string and used as a bind path.
foreach (object child in objGroupEntry.Properties["member"])
{
treeNode = new ActiveDirectoryItem();
// NOTE(review): this statement is cut off on the page - Replace has no argument list, so the
// intended substitution is unknown and the line does not compile as shown.
var path = child.ToString().Replace;
// NOTE(review): path is handed to DirectoryEntry as-is, with no "LDAP://<server>/" prefix and
// without the adUsername/password used for the search root. If it is a bare DN like the sample
// value shown below the code, that is a likely cause of the COMException raised from
// DirectoryEntry.Bind(). A bind made through the one-argument constructor would presumably run
// under the process identity rather than the configured account - confirm which is intended.
using (var memberEntry = new DirectoryEntry(path))
{
// NOTE(review): Username is the credential name given to this DirectoryEntry, not an attribute
// of the member object; none is supplied above, so verify this test can ever be true.
// The remaining tests skip entries whose schema class is "group" and entries that lack
// sAMAccountName or objectSid. Reading SchemaEntry is the first access here that needs a bind.
if (memberEntry.Username != null && memberEntry.SchemaEntry.Name.CompareTo("group") != 0
&& memberEntry.Properties.Contains("sAMAccountName") && memberEntry.Properties.Contains("objectSid"))
{
// User nodes get a freshly generated GUID, not the directory object's own GUID.
treeNode.Id = Guid.NewGuid();
treeNode.ParentId = objGroupEntry.Guid;
treeNode.AccountName = memberEntry.Properties["sAMAccountName"][0].ToString();
treeNode.Type = ActiveDirectoryType.User;
treeNode.PickableNode = true;
// "Name" is indexed without a Contains check, unlike the two attributes tested above.
treeNode.FullName = memberEntry.Properties["Name"][0].ToString();
// objectSid is stored as raw bytes; SecurityIdentifier renders it in its S-1-... string form.
byte[] sidBytes = (byte[])memberEntry.Properties["objectSid"][0];
treeNode.ObjectSid = new System.Security.Principal.SecurityIdentifier(sidBytes, 0).ToString();
result.ActiveDirectoryTree.Add(treeNode);
}
}
}
}
}
child.ToString() 的值可能如下所示:
CN=S-1-5-18,CN=ForeignSecurityPrincipals,DC=MyDomain,DC=local
问题是 memberEntry 的很多属性都会抛出异常。这是为什么?
异常信息如下:
“memberEntry.Name”引发了“System.Runtime.InteropServices.COMException”类型的异常(字符串 {System.Runtime.InteropServices.COMException}):未指定的错误,错误代码 -2147467259
堆栈跟踪:在 System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
在 System.DirectoryServices.DirectoryEntry.Bind() 在 System.DirectoryServices.DirectoryEntry.get_Name()