问题描述
我正在使用 System.DirectoryServices.ActiveDirectory 类来查找所有 Active Directory 用户.代码很简单:
I'm using the System.DirectoryServices.ActiveDirectory classes to find all Active Directory users. The code is very simple:
var context = new PrincipalContext(ContextType.Domain); var searcher = new PrincipalSearcher(new UserPrincipal(context)); var results = searcher.FindAll();
我想以友好"(又名Windows 2000 之前"格式)获取域限定用户名,例如.CONTOSOSmithJ".UserPrincipal.SamAccountName 给了我用户名部分,但我如何获得域部分?我不能假设域将与机器或当前用户的域相同.
I want to get the domain-qualified username in the "friendly" (aka. "pre-Windows 2000" format), eg. "CONTOSOSmithJ". UserPrincipal.SamAccountName gives me the username part, but how do I get the domain part? I cannot assume that the domain will be the same as the machine's or current user's domain.
推荐答案
对于 AD DS,msDS-PrincipalName 的值是 NetBIOS 域名,后跟一个反斜杠(").
For AD DS, the value of msDS-PrincipalName is the NetBIOS domain name, followed by a backslash ("").
您可以使用:
/* Retreiving the root domain attributes */ sFromWhere = "LDAP://DC_DNS_NAME:389/dc=dom,dc=fr"; DirectoryEntry deBase = new DirectoryEntry(sFromWhere, "*****Login", "PWD"); DirectorySearcher dsLookForDomain = new DirectorySearcher(deBase); dsLookForDomain.Filter = "(objectClass=*)"; dsLookForDomain.SearchScope = SearchScope.base; dsLookForDomain.PropertiesToLoad.Add("msDS-PrincipalName"); SearchResult srcDomains = dsLookForDomain.FindOne();