我正在寻找可以帮助我通过 SSL 从活动目录中获取用户对象的架构属性信息的方法或搜索过滤器。
我正在使用LdapConnection类连接到服务器。很容易获得认证服务器。
下面是验证代码:
public bool Authenticate(string password)
{
try
{
var credential = new NetworkCredential(UserName, password, Domain);
var ldapServer = Domain;
var ldapConnection = new LdapConnection(ldapServer);
ldapConnection.Bind(credential);
}
catch (Exception e)
{
Console.WriteLine(e.Message);
return false;
}
return false;
}
它返回一个成功的结果。
我的要求是使用LdapConnection搜索请求获取 Active Directory 中存在的用户对象的所有架构属性。
DirectoryEntry或者PrincipalContext很容易让用户获取模式信息,但在我的情况下,我只需要LdapConnection类的所有信息。
这就是我搜索用户的方式,但这是获取用户信息的方法,我只需要模式信息,而且此方法仅返回那些具有值的属性。
LdapConnection connection = new LdapConnection(ldapServer);
connection.SessionOptions.SecureSocketLayer = true;
connection.SessionOptions.VerifyServerCertificate = (ldapConnection, certificate) => true;
connection.AuthType = AuthType.Negotiate;
NetworkCredential credential = new NetworkCredential(username, password);
connection.Credential = credential;
connection.Bind();
string filter = string.Format(CultureInfo.InvariantCulture, "(&(objectClass=user)(objectCategory=user) (sAMAccountName={0}))", LdapEncode(username));
var attributes = new[] { "sAMAccountName", "displayName", "mail" };
SearchRequest searchRequest = new SearchRequest(baseDn, filter, SearchScope.Subtree, attributes);
var searchResponse = (SearchResponse)connection.SendRequest(searchRequest);
if (searchResponse?.ResultCode == ResultCode.Success)
{
var entry = searchResponse.Entries[0];
var model = new LdapUserModel
{
Identity = GetStringValue(entry, "sAMAccountName"),
Email = GetStringValue(entry, "mail"),
Username = GetStringValue(entry, "sAMAccountName"),
};
return model;
}