我需要找到特定用户所属的所有组。我使用的是 C++,而不是 Powershell,如果这是错误的论坛,我深表歉意。
根据我在 Web 上找到的内容,我需要检索 memberOf 属性,但我收到该属性不存在的错误消息。任何帮助,将不胜感激。这是代码:
HRESULT hrObj = E_FAIL;
HRESULT hr = E_FAIL;
ADS_SEARCHPREF_INFO SearchPrefs;
// COL for iterations
ADS_SEARCH_COLUMN col;
// Handle used for searching
ADS_SEARCH_HANDLE hSearch;
// Search entire subtree from root.
SearchPrefs.dwSearchPref = ADS_SEARCHPREF_SEARCH_SCOPE;
SearchPrefs.vValue.dwType = ADSTYPE_INTEGER;
SearchPrefs.vValue.Integer = ADS_SCOPE_SUBTREE;
// Set the search preference.
DWORD dwNumPrefs = 1;
hr = pSearchBase->SetSearchPreference(&SearchPrefs, dwNumPrefs);
if (FAILED(hr))
{
return hr;
}
// Create search filter.
LPWSTR pszFormat = L"(&(objectCategory=person)(objectClass=user)(sAMAccountName=%s))";
int len = wcslen(pszFormat) + wcslen(szFindUser) + 1;
LPWSTR pszSearchFilter = new WCHAR[len];
if(NULL == pszSearchFilter)
{
return E_OUTOFMEMORY;
}
swprintf_s(pszSearchFilter, len, pszFormat, szFindUser);
// Set attributes to return.
LPWSTR pszAttribute[NUM_ATTRIBUTES] = {L"ADsPath"};
// Execute the search.
hr = pSearchBase->ExecuteSearch(pszSearchFilter,
pszAttribute,
NUM_ATTRIBUTES,
&hSearch);
if (SUCCEEDED(hr))
{
// Call IDirectorySearch::GetNextRow() to retrieve the next row of data.
while(pSearchBase->GetNextRow(hSearch) != S_ADS_NOMORE_ROWS)
{
// Loop through the array of passed column names and
// print the data for each column.
for (DWORD x = 0; x < NUM_ATTRIBUTES; x++)
{
// Get the data for this column.
hr = pSearchBase->GetColumn(hSearch, pszAttribute[x], &col);
if (SUCCEEDED(hr))
{
// Print the data for the column and free the column.
// Be aware that the requested attribute is type CaseIgnoreString.
if (ADSTYPE_CASE_IGNORE_STRING == col.dwADsType)
{
IADs *pADS;
hr = ADsOpenObject( col.pADsValues->CaseIgnoreString,
L"Administrator",
L"passW0rd",
ADS_SECURE_AUTHENTICATION,
IID_IADs,
(void**)&pADS);
VARIANT var;
VariantInit(&var);
if (SUCCEEDED(hr))
{
hr = pADS->GetEx(L"memberOf", &var); <-- FAILS!!!
wprintf(L"Found User.\n",szFindUser);
wprintf(L"%s: %s\r\n",pszAttribute[x],col.pADsValues->CaseIgnoreString);
hrObj = S_OK;
}
}
pSearchBase->FreeColumn( &col );
}
else
{
hr = E_FAIL;
}
}
}
// Close the search handle to cleanup.
pSearchBase->CloseSearchHandle(hSearch);
}
delete pszSearchFilter;
if (FAILED(hrObj))
{
hr = hrObj;
}
最佳答案
除非您打算直接使用 AD,否则使用 Windows Net* 函数可能更容易:
#include <windows.h>
#include <lm.h>
#include <stdio.h>
int main() {
wchar_t user[256];
DWORD size = sizeof(user)/sizeof(user[0]);
GetUserNameW(user, &size);
printf("User: %S\n", user);
printf("Local groups: \n");
LPBYTE buffer;
DWORD entries, total_entries;
NetUserGetLocalGroups(NULL, user, 0, LG_INCLUDE_INDIRECT, &buffer, MAX_PREFERRED_LENGTH, &entries, &total_entries);
LOCALGROUP_USERS_INFO_0 *groups = (LOCALGROUP_USERS_INFO_0*)buffer;
for (int i=0; i<entries; i++)
printf("\t%S\n", groups[i].lgrui0_name);
NetApiBufferFree(buffer);
printf("Global groups: \n");
NetUserGetGroups(NULL, user, 0, &buffer, MAX_PREFERRED_LENGTH, &entries, &total_entries);
GROUP_USERS_INFO_0 *ggroups = (GROUP_USERS_INFO_0*)buffer;
for (int i=0; i<entries; i++)
printf("\t%S\n", ggroups[i].grui0_name);
NetApiBufferFree(buffer);
return 0;
}
关于c++ - 需要检索用户所属的所有组......在 C++ 中,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/10450998/