c# - 如何使用主体类中未表示的 AD 属性

Question

Principal 类只有几个 AD 属性:

问题是我需要读取一个不在 Principal 类中的属性...

下面是我如何查询 AD 对象:

// create your domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain,ConfigurationManager.AppSettings["ADDomain"].ToString(), ConfigurationManager.AppSettings["ADUser"].ToString(), ConfigurationManager.AppSettings["ADPassword"].ToString());

// define a "query-by-example" principal - here, we search for all users
UserPrincipalEXT qbeUser = new UserPrincipalEXT(ctx);

// create your principal searcher passing in the QBE principal    
PrincipalSearcher srch = new PrincipalSearcher(qbeUser);

// find all matches
foreach (var found in srch.FindAll()) //FOUND represent the AD object
{
    ...
}

有没有办法扩展 Principal 类以获得更多 AD 属性？

Answer 1

如果您使用的是 .NET 3.5 及更高版本并使用 System.DirectoryServices.AccountManagement (S.DS.AM) 命名空间，则可以轻松扩展现有的 UserPrincipal 类以获得更高级的属性，如 Manager 等。

在这里阅读所有相关内容:

• Managing Directory Security Principals in the .NET Framework 3.5
• MSDN docs on System.DirectoryServices.AccountManagement

基本上，您只需定义一个基于 UserPrincipal 的派生类，然后定义您想要的其他属性:

[DirectoryRdnPrefix("CN")]
[DirectoryObjectClass("Person")]
public class UserPrincipalEx : UserPrincipal
{
    // Inplement the constructor using the base class constructor. 
    public UserPrincipalEx(PrincipalContext context) : base(context)
    { }

    // Implement the constructor with initialization parameters.    
    public UserPrincipalEx(PrincipalContext context,
                         string samAccountName,
                         string password,
                         bool enabled) : base(context, samAccountName, password, enabled)
    {} 

    // Create the "Department" property.    
    [DirectoryProperty("department")]
    public string Department
    {
        get
        {
            if (ExtensionGet("department").Length != 1)
                return string.Empty;

            return (string)ExtensionGet("department")[0];
        }
        set { ExtensionSet("department", value); }
    }

    // Create the "Manager" property.    
    [DirectoryProperty("manager")]
    public string Manager
    {
        get
        {
            if (ExtensionGet("manager").Length != 1)
                return string.Empty;

            return (string)ExtensionGet("manager")[0];
        }
        set { ExtensionSet("manager", value); }
    }
}

现在，您可以在代码中使用 UserPrincipalEx 的“扩展”版本:

using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
{
    // Search the directory for the new object. 
    UserPrincipalEx inetPerson = UserPrincipalEx.FindByIdentity(ctx, IdentityType.SamAccountName, "someuser");

    // you can easily access the Manager or Department now
    string department = inetPerson.Department;
    string manager = inetPerson.Manager;
}