0

我正在尝试使用 VB.NET 从 Active Directory 中获取一些信息。我有一个用户的“primaryGroupID”,在这种情况下是 2096。 我怎样才能用VB.NET 得到这个组的CN?

最终,我需要做的是找到一个用户所属的组列表(包括属于另一个组的组)。我已经有一个函数可以获取除主要组之外的主要组,以及另一个返回主要组 ID 的函数。两者都在下面详细说明。

Public Function getUserGroups(ByVal Username)
    Dim grupos As New ArrayList()
    Try
        Dim Entry As New System.DirectoryServices.DirectoryEntry(ldapPath, ldapAdminUser, ldapAdminPass)
        Dim Searcher As New System.DirectoryServices.DirectorySearcher(Entry)
        Searcher.SearchScope = DirectoryServices.SearchScope.Subtree
        Searcher.Filter = "(&(objectcategory=user)(SAMAccountName=" & Username & "))"
        Dim res As SearchResult = Searcher.FindOne

        For i = 0 To res.Properties("memberOf").Count() - 1
            grupos.Add(res.Properties("memberOf")(i).ToString)
        Next
    Catch ex As Exception
    End Try
    Return grupos
End Function


Public Function GetUserPrimaryGroupID(ByVal user As String) As String
    Dim grupoID As String = ""
    Try
        Dim Entry As New System.DirectoryServices.DirectoryEntry(ldapPath, ldapAdminUser, ldapAdminPass)
        Dim Searcher As New System.DirectoryServices.DirectorySearcher(Entry)
        Searcher.SearchScope = DirectoryServices.SearchScope.Subtree
        Searcher.Filter = "(&(objectcategory=user)(SAMAccountName=" & user & "))"
        Dim res As SearchResult = Searcher.FindOne

        For i = 0 To res.Properties("primaryGroupID").Count() - 1
            grupoID = (res.Properties("primaryGroupID")(i).ToString) 'Esto devuelve la ruta "CN" del grupo
            'grupoID = (res.Properties("primaryGroupID")(i).ToString)
            'Dim de As DirectoryEntry = New DirectoryEntry("LDAP://" + res.Properties("primaryGroupID")(i).ToString())
        Next
    Catch ex As Exception
    End Try
    Return grupoID
End Function
4

1 回答 1

0

这里有一个 VBScript 示例 - http://support.microsoft.com/kb/297951

本质上,主要组 ID 是组的 RID(SID 的最后一个组成部分)。因此,要查找组,请将域 SID 和主组 ID 连接在一起。

于 2012-06-13T13:49:55.733 回答