访问AD问题:asp.net如何访问Active Directory获取域用户?
AD(域控制器)在服务器A上,AP(web系统)在服务器B上,
域名称:dnssvr;
在局域网内的机器都加入域dnssvr,然后访问服务器B上的AP
请问在AP的首页该如何写代码获取访问此AP的用户并去AD验证?
谢谢各位先!
[解决办法]
<%@ Page language= "c# " AutoEventWireup= "true " %>
<%@ Import Namespace= "System.Threading " %>
<%@ Import Namespace= "System.Security.Principal " %>
<%--
  WhoAmI: diagnostic page that prints three identities side by side. The labels
  below are filled in by Page_Load in the server-side script block of this page.
  For Name to show the visitor's DOMAIN\user account, the site has to use Windows
  authentication with anonymous access turned off; when anonymous access is allowed
  the request identity is empty and IsAuthenticated is False.
  The page reveals the account the application runs as, so keep it out of
  production or restrict who can reach it.
--%>
<HTML>
<HEAD>
<title> WhoAmI </title>
</HEAD>
<body>
<form id= "WhoAmI " method= "post " runat= "server ">
<%-- Identity ASP.NET attached to the current request (HttpContext.Current.User). --%>
<TABLE id=contextTable border=1>
<TR>
<TD align=middle colSpan=3 rowSpan= " ">
HttpContext.Current.User.Identity </TD>
</TR>
<TR>
<TD> <b> Name </b> </TD>
<TD> <asp:Label ID= "contextName " Runat=server /> </TD>
</TR>
<TR>
<TD> <b> IsAuthenticated </b> </TD>
<TD> <asp:Label ID= "contextIsAuth " Runat=server /> </TD>
</TR>
<TR>
<TD> <b> AuthenticationType </b> </TD>
<TD> <asp:Label ID= "contextAuthType " Runat=server /> </TD>
</TR>
</TABLE>
<br/> <br/>
<%-- Windows account the code is executing as (WindowsIdentity.GetCurrent()):
     the worker-process account unless impersonation is enabled. --%>
<TABLE id=windowsIdentityTable border=1>
<TR>
<TD align=middle colSpan=3 rowSpan= " "> WindowsIdentity.GetCurrent() </TD>
</TR>
<TR>
<TD> <b> Name </b> </TD>
<TD> <asp:Label ID= "windowsName " Runat=server /> </TD>
</TR>
<TR>
<TD> <b> IsAuthenticated </b> </TD>
<TD> <asp:Label ID= "windowsIsAuth " Runat=server /> </TD>
</TR>
<TR>
<TD> <b> AuthenticationType </b> </TD>
<TD> <asp:Label ID= "windowsAuthType " Runat=server /> </TD>
</TR>
</TABLE>
<br/> <br/>
<%-- Principal set on the current managed thread (Thread.CurrentPrincipal). --%>
<TABLE id=threadIdentityTable border=1>
<TR>
<TD align=middle colSpan=3
rowSpan= " "> Thread.CurrentPrincipal.Identity </TD>
</TR>
<TR>
<TD> <b> Name </b> </TD>
<TD> <asp:Label ID= "threadName " Runat=server /> </TD>
</TR>
<TR>
<TD> <b> IsAuthenticated </b> </TD>
<TD> <asp:Label ID= "threadIsAuthenticated " Runat=server /> </TD>
</TR>
<TR>
<TD> <b> AuthenticationType </b> </TD>
<TD> <asp:Label ID= "threadAuthenticationType " Runat=server /> </TD>
</TR>
</TABLE>
</form>
</body>
</HTML>
<script runat=server>
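// Fills the three identity tables of this diagnostic page: the request identity,
// the identity on the current thread, and the Windows account the code runs as.
// Name and AuthenticationType are HTML-encoded before they are shown, because
// Label.Text is written to the response as-is and the identity name is not
// guaranteed to be free of markup under every authentication mode.
void Page_Load(Object sender, EventArgs e)
{
    // Identity ASP.NET attached to the current request.
    IPrincipal requestUser = HttpContext.Current.User;
    IIdentity id = (requestUser != null) ? requestUser.Identity : null;
    if (id != null)
    {
        contextName.Text = Server.HtmlEncode(id.Name);
        contextIsAuth.Text = id.IsAuthenticated.ToString();
        contextAuthType.Text = Server.HtmlEncode(id.AuthenticationType);
    }

    // Identity carried by the managed thread that is serving the request.
    IPrincipal threadUser = Thread.CurrentPrincipal;
    id = (threadUser != null) ? threadUser.Identity : null;
    if (id != null)
    {
        threadName.Text = Server.HtmlEncode(id.Name);
        threadIsAuthenticated.Text = id.IsAuthenticated.ToString();
        threadAuthenticationType.Text = Server.HtmlEncode(id.AuthenticationType);
    }

    // Windows account the code is executing as. This is the account whose
    // permissions apply to files, the network and the directory, so the page
    // should not be reachable by untrusted visitors.
    id = WindowsIdentity.GetCurrent();
    windowsName.Text = Server.HtmlEncode(id.Name);
    windowsIsAuth.Text = id.IsAuthenticated.ToString();
    windowsAuthType.Text = Server.HtmlEncode(id.AuthenticationType);
}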
</script>
[解决办法]
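/// <summary>
/// Checks a user name and password by binding to Active Directory with them
/// and then looking the account up by its sAMAccountName.
/// </summary>
/// <param name="username">Account name to bind with and to search for.</param>
/// <param name="pwd">Password for that account.</param>
/// <param name="domain">Domain appended to "LDAP://" to form the bind path.</param>
/// <returns>
/// true when the bind succeeds and the account is found; false for blank
/// arguments, a failed bind, a missing account, or any other error.
/// </returns>
public bool IsAuthenticated(string username, string pwd, string domain)
{
    // Refuse blank credentials up front: with a simple bind, an empty password
    // can be accepted as an anonymous bind and would then look like a success.
    if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(pwd) || string.IsNullOrEmpty(domain))
    {
        return false;
    }

    // NOTE(review): domain decides which server receives the credentials. Callers
    // are not visible here; take it from configuration or an allow-list rather
    // than from the request.
    string ADPath = "LDAP://" + domain;

    // Escape LDAP filter metacharacters (RFC 4515) so the name is matched
    // literally and cannot change the shape of the filter. The backslash is
    // replaced first so the escapes added afterwards are not escaped again.
    string escapedName = username
        .Replace("\\", "\\5c")
        .Replace("*", "\\2a")
        .Replace("(", "\\28")
        .Replace(")", "\\29")
        .Replace("\0", "\\00");

    try
    {
        using (DirectoryEntry entry = new DirectoryEntry(ADPath, username, pwd))
        {
            // Reading NativeObject forces the bind; rejected credentials throw here.
            Object obj = entry.NativeObject;

            using (DirectorySearcher search = new DirectorySearcher(entry))
            {
                search.Filter = "(SAMAccountName=" + escapedName + ")";
                search.PropertiesToLoad.Add("cn");
                SearchResult result = search.FindOne();
                return result != null;
            }
        }
    }
    catch (Exception ex)
    {
        // Every failure is reported as "not authenticated". AppException is defined
        // elsewhere; presumably it records the error. Confirm it never logs pwd.
        AppException oAppException = new AppException( "AD Services Login ", ex);
        return false;
    }
}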
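/// <summary>
/// Reads entries from Active Directory and returns each entry's Name mapped to
/// its Description.
/// </summary>
/// <param name="ADUsername">Account used to bind to the directory.</param>
/// <param name="ADPassword">Password for that account.</param>
/// <param name="domain">Domain appended to "LDAP://" to form the search root.</param>
/// <param name="lb">Label that receives the exception message when the search fails; may be null.</param>
/// <returns>
/// A SortedList keyed by Name with the Description as value (null when an entry
/// has none). Entries without a Name are skipped, and the first entry wins when
/// a Name repeats. On error the list holds whatever was read before the failure.
/// </returns>
public static SortedList AdUserInfo(string ADUsername, string ADPassword, string domain, Label lb)
{
    SortedList sl = new SortedList();
    string ADPath = "LDAP://" + domain;

    // The search filter comes from the "DomainFilter" app setting, where '_'
    // stands in for '&', e.g. (_(objectCategory=person)(objectClass=user)).
    // A missing or blank setting falls back to the searcher's default filter.
    string domainFilter = ConfigurationManager.AppSettings["DomainFilter"];
    bool hasFilter = domainFilter != null && domainFilter.Trim().Length > 0;
    if (hasFilter)
    {
        domainFilter = domainFilter.Replace("_", "&");
    }

    try
    {
        // Every directory object below wraps native resources, so each is
        // disposed as soon as it is no longer needed.
        using (DirectoryEntry de = new DirectoryEntry(ADPath, ADUsername, ADPassword))
        using (DirectorySearcher src = hasFilter ? new DirectorySearcher(de, domainFilter) : new DirectorySearcher(de))
        {
            // Paging has to be switched on to read past the first 1000 entries;
            // without PageSize only entries 0-999 come back.
            src.PageSize = 10000;
            src.SearchScope = SearchScope.Subtree;

            using (SearchResultCollection results = src.FindAll())
            {
                foreach (SearchResult res in results)
                {
                    // One bound entry per result, released before the next one.
                    using (DirectoryEntry found = res.GetDirectoryEntry())
                    {
                        object name = found.Properties["Name"].Value;

                        // SortedList.Add throws on a null or repeated key, which
                        // would end the whole listing at that entry.
                        if (name == null || sl.ContainsKey(name))
                        {
                            continue;
                        }

                        // Value is null when the attribute is not set, so an entry
                        // without a description does not stop the loop.
                        sl.Add(name, found.Properties["Description"].Value);
                    }
                }
            }
        }
    }
    catch (Exception ex)
    {
        AppException oAppException = new AppException( "Get Ad Info ", ex);

        // NOTE(review): the raw directory error text is shown to the page user and
        // can reveal server or configuration details; consider a generic message
        // here if AppException already records the detail.
        if (lb != null)
        {
            lb.Text = ex.Message;
        }
    }
    return sl;
}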
[解决办法]
学习
[解决办法]
靠,楼上的楼上的是强人
[解决办法]
mark