0

我有 GroupPrincipal 扩展,它添加了几个 extensionAttributes:

[DirectoryObjectClass("group")]
[DirectoryRdnPrefix("CN")]

public class GroupPrincipalsEx : GroupPrincipal
{
    public GroupPrincipalsEx(PrincipalContext context) : base(context) { }

    public GroupPrincipalsEx(PrincipalContext context, string samAccountName)
        : base(context, samAccountName)
    {
    }

    [DirectoryProperty("ExtensionAttribute1")]
    public string ExtensionAttribute1
    {
        get
        {
            if (ExtensionGet("ExtensionAttribute1").Length != 1)
                return null;

            return (string)ExtensionGet("ExtensionAttribute1")[0];

        }
        set { this.ExtensionSet("ExtensionAttribute1", value); }
    }

    [DirectoryProperty("ExtensionAttribute2")]
    public string ExtensionAttribute2
    {
        get
        {
            if (ExtensionGet("ExtensionAttribute2").Length != 1)
                return null;

            return (string)ExtensionGet("ExtensionAttribute2")[0];

        }
        set { this.ExtensionSet("ExtensionAttribute2", value); }
    }

    [DirectoryProperty("ExtensionAttribute3")]
    public string ExtensionAttribute3
    {
        get
        {
            if (ExtensionGet("ExtensionAttribute3").Length != 1)
                return null;

            return (string)ExtensionGet("ExtensionAttribute3")[0];

        }
        set { this.ExtensionSet("ExtensionAttribute3", value); }
    }

    [DirectoryProperty("ExtensionAttribute4")]
    public string ExtensionAttribute14
    {
        get
        {
            if (ExtensionGet("ExtensionAttribute4").Length != 1)
                return null;

            return (string)ExtensionGet("ExtensionAttribute4")[0];

        }
        set { this.ExtensionSet("ExtensionAttribute4", value); }
    }
}

我需要获取特定用户所属的组列表,并且该组的 extensionAttribute1 是特定值。它应该返回自定义对象数组(组 SamAccountName、DN、extensionAttributes 1-4)。

我知道如何让所有组用户成为成员,但我在将 GroupPrincipal 转换为 GroupPrincipalsEx 时遇到问题。

public List<GroupPrincipalsEx> GetGroups(string userName, Boolean Recurent = false)
    {
        List<GroupPrincipalsEx> result = new List<GroupPrincipalsEx>();

        // establish domain context
        PrincipalContext yourDomain = new PrincipalContext(ContextType.Domain);

        // find your user
        UserPrincipal user = UserPrincipal.FindByIdentity(yourDomain, userName);

        // if found - grab its groups
        if (user != null)
        {
            PrincipalSearchResult<Principal> groups = Recurent ? user.GetAuthorizationGroups() : user.GetGroups();

            // iterate over all groups
            foreach (Principal p in groups)
            {
                // make sure to add only group principals
                if (p is GroupPrincipal)
                {
                    //I need a way to cast p from GroupPrincipal to GroupPrincipalsEx and then add it to array
                    GroupPrincipalsEx gp = (GroupPrincipalsEx)p;
                    if(gp.ExtensionAttribute1 == "Specific Value")
                       result.Add(gp);
                }
            }
        }

        return result;
    }

知道如何在不使用 DirectoryEntry 的情况下执行此操作吗?

4

1 回答 1

0

您应该重新考虑您的类层次结构。投射到子班从来都不是最佳做法。无论如何,我会这样编码:

var gp = p as GroupPrincipalsEx;
// make sure to add only group principals
if (gp != null && gp.ExtensionAttribute1 == "Specific Value")
   result.Add(gp)
于 2014-01-17T09:52:40.953 回答