问题描述
我需要检查当前用户是否是活动目录组的成员.我从获取当前用户开始,如下所示.现在我想知道如何检查这个 CurrentUser 是否在活动目录组CustomGroup"中
I need to check whether current user is a member of an active directory group. I started with getting the current user as below. Now I want to know how to check this CurrentUser is in active directory group "CustomGroup"
string CurrentUser = WindowsIdentity.GetCurrent().Name;
推荐答案
您可以使用 .NET 3.5 System.DirectoryServices.AccountManagement 类.请参阅 MSDN 文章 Managing Directory Security Principals in the .NET Framework 3.5,了解细节.您可以使用以下内容:
You can use the .NET 3.5 System.DirectoryServices.AccountManagement classes. See the MSDN article Managing Directory Security Principals in the .NET Framework 3.5 for details. You can use something like:
string CurrentUser = WindowsIdentity.GetCurrent().Name; PrincipalContext context = new PrincipalContext(ContextType.Domain, "Domain"); UserPrincipal upUser = UserPrincipal.FindByIdentity(context, CurrentUser); if(upUser != null) { if (upUser.IsMemberOf(context, IdentityType.SamAccountName, "CustomGroup")) { // The user belongs to the group } }