0

我看到了几个问题,这些问题表明与用户和组有关,但我不知道他们的用例是什么。

我要做的就是找到用户在成功通过身份验证后链接到的组。

使用以下内容:

    public bool LogInViaLDAP(LoginDTO userForLoginDto)
    {
        var user = userForLoginDto.Username;
        string userDn = $"cn={user},ou=users,ou=system";
        using (var connection = new LdapConnection { SecureSocketLayer = _isSecureSocketLayer })
        {

            connection.ConnectionTimeout = 36000;
            connection.Connect(_domain, _port);
            connection.Bind(userDn, userForLoginDto.Password);
            string[] requiredAttributes = { "cn", "sn", "ou" };
            string searchFilter = "objectClass=inetOrgPerson";

            //this is where I was attempting to find the user's group association.
            var groups = SearchForGroup(connection, userDn, searchFilter, requiredAttributes, false);

            if (connection.Bound)
                return true;
        }
        return false;
    }
    
    
    HashSet<string> SearchForGroup(LdapConnection connection, string user, string searchFilter, string[] requiredAttributes, bool typesOnly)
    {

        var result = connection.Search(user, LdapConnection.ScopeSub, searchFilter, requiredAttributes, typesOnly);

        LdapEntry nextEntry = null;
        while (result.HasMore())
        {
            nextEntry = result.Next();
        }

        //This only seems th return the 
        //sn - surname and cn - common name.
        var data = nextEntry.GetAttributeSet();

        return new HashSet<string>();
    }
4

1 回答 1

1

我认为 Novell 包是基于 LDAP 使用的实际查询语言。

因此,我在 Apache Directory Studio 中选择了ou=groups节点,并尝试使用以下命令从那里搜索我的用户:

uniqueMember=cn=用户名,ou=用户,ou=系统

这返回了用户链接到的组,所以我继续。

string[] requiredAttributes = { "cn" };   
var groups = SearchForGroup(connection, "ou=groups,ou=system", "uniqueMember=cn=username,ou=users,ou=system", requiredAttributes, false);

上面的片段演示了如何在我的 c# 代码中传递参数以复制我在 Directory Studio 中所做的事情

    HashSet<string> SearchForGroup(LdapConnection connection, string entryPoint, string searchFilter, string[] requiredAttributes, bool typesOnly)
    {

        var result = connection.Search(entryPoint, LdapConnection.ScopeSub, searchFilter, requiredAttributes, typesOnly);

        LdapEntry nextEntry = null;

        var groups = new HashSet<string>();
        foreach (var group in result)
        {
            var attribute = group.GetAttribute("cn");
            groups.Add(attribute.StringValue);
        }

        return groups;
    }
于 2021-11-02T15:20:14.907 回答