This article continues from the previous one on configuring the Active Directory domain controller on Windows Server 2008 R2.
It uses C# to read information from the AD domain, organized around common requirements ^_^!
- Sample Preparation
- Knowledge
- Example of reading AD domain information
- DirectorySearcher.Filter attribute extension description
- Description of user attribute extension (including graphic attribute comparison)
  - General
  - Address
  - Account
  - Phone number
  - Organization
- Sample download
Sample Preparation
- Open the AD domain controller configured in the previous article
- Start Menu --> Administrative Tools --> Active Directory Users and Computers
- Create the organizational units and users
- The new hierarchy is as follows:
Knowledge
It is very easy to access Active Directory from C#. The access relies on:
- Lightweight Directory Access Protocol (LDAP)
- Two component classes in the System.DirectoryServices namespace: DirectoryEntry and DirectorySearcher
Example of reading AD domain information
The example is written as a WinForms application on .NET Framework 3.5.
It reads organizational unit (OU) and user information based on common requirements, and synchronizes the hierarchical relationship between organizational units and users;
It focuses on user information, especially the account, email, SID, and similar attributes;
- Next, connect to the domain and read out the organizational units and users created in Sample Preparation.
First, write the code that uses LDAP to try to access the domain.
Format: LDAP://domain
    // Requires: using System; using System.DirectoryServices;

    #region ## Whether the domain can be connected
    /// <summary>
    /// Function: whether the domain can be connected
    /// Author: Wilson
    /// Time: 2012-12-15
    /// http://msdn.microsoft.com/zh-cn/library/system.directoryservices.directoryentry.path(v=vs.90).aspx
    /// </summary>
    /// <param name="domainName">Domain name or IP address</param>
    /// <param name="userName">User name</param>
    /// <param name="userPwd">Password</param>
    /// <param name="domain">Domain entry</param>
    /// <returns>true if the bind succeeded</returns>
    private bool IsConnected(string domainName, string userName, string userPwd, out DirectoryEntry domain)
    {
        domain = new DirectoryEntry();
        try
        {
            domain.Path = string.Format("LDAP://{0}", domainName);
            domain.Username = userName;
            domain.Password = userPwd;
            domain.AuthenticationType = AuthenticationTypes.Secure;
            // Forces the bind, so bad credentials or an unreachable domain throw here
            domain.RefreshCache();
            return true;
        }
        catch (Exception ex)
        {
            LogRecord.WriteLog("[IsConnected method] error message: " + ex.Message);
            return false;
        }
    }
    #endregion
Call the IsConnected method with the parameters. The result is as follows:
- After connecting to the AD domain, find the root OU
    #region ## Whether the domain has the organizational unit
    /// <summary>
    /// Function: whether the domain has the organizational unit
    /// Author: Wilson
    /// Time:
    /// </summary>
    /// <param name="entry">Domain entry to search under</param>
    /// <param name="ou">The root OU, if found</param>
    /// <returns>true if the OU exists</returns>
    private bool IsExistOU(DirectoryEntry entry, out DirectoryEntry ou)
    {
        ou = new DirectoryEntry();
        try
        {
            // Find throws if no child with this name exists
            ou = entry.Children.Find("OU=" + txtRootOU.Text.Trim());
            return (ou != null);
        }
        catch (Exception ex)
        {
            LogRecord.WriteLog("[IsExistOU method] error message: " + ex.Message);
            return false;
        }
    }
    #endregion
Call the IsExistOU method with the parameters. The result is as follows:
- Next, read the organizational unit and user information.
In this example, an entity class and an enumeration type are created for OUs and users, to identify the hierarchy and export the information.
    #region ## Type
    /// <summary>
    /// Type
    /// </summary>
    public enum TypeEnum : int
    {
        /// <summary>
        /// Organizational unit
        /// </summary>
        OU = 1,

        /// <summary>
        /// User
        /// </summary>
        User = 2
    }
    #endregion

    #region ## AD domain information entity
    /// <summary>
    /// AD domain information entity
    /// </summary>
    public class AdModel
    {
        public AdModel(string id, string name, int typeId, string parentId)
        {
            Id = id;
            Name = name;
            TypeId = typeId;
            ParentId = parentId;
        }

        public string Id { get; set; }
        public string Name { get; set; }
        public int TypeId { get; set; }
        public string ParentId { get; set; }
    }
    #endregion
The following code reads the information:

    // Requires: using System; using System.Collections.Generic; using System.DirectoryServices;
    //           using System.Text; using System.Windows.Forms;
    private List<AdModel> list = new List<AdModel>();

    #region ## Synchronize
    /// <summary>
    /// Function: synchronize
    /// Created by: Wilson
    /// Creation time:
    /// </summary>
    /// <param name="entryOU">Root OU entry</param>
    public void SyncAll(DirectoryEntry entryOU)
    {
        DirectorySearcher mySearcher = new DirectorySearcher(entryOU, "(objectClass=organizationalUnit)"); // query organizational units
        DirectoryEntry root = mySearcher.SearchRoot; // the root OU the search starts from
        SyncRootOU(root);

        StringBuilder sb = new StringBuilder();
        sb.Append("\r\nID\tAccount\tType\tParent ID\r\n");
        foreach (var item in list)
        {
            sb.AppendFormat("{0}\t{1}\t{2}\t{3}\r\n", item.Id, item.Name, item.TypeId, item.ParentId);
        }
        LogRecord.WriteLog(sb.ToString());

        MessageBox.Show("Synchronization successful", this.Text, MessageBoxButtons.OK, MessageBoxIcon.Information);
        Application.Exit();
    }
    #endregion

    #region ## Synchronize the root organizational unit
    /// <summary>
    /// Function: synchronize the root organizational unit
    /// Created by: Wilson
    /// Creation time:
    /// </summary>
    /// <param name="entry">Root OU entry</param>
    private void SyncRootOU(DirectoryEntry entry)
    {
        if (entry.Properties.Contains("ou") && entry.Properties.Contains("objectGUID"))
        {
            string rootOuName = entry.Properties["ou"][0].ToString();
            byte[] bGUID = entry.Properties["objectGUID"][0] as byte[];
            string id = BitConverter.ToString(bGUID);

            list.Add(new AdModel(id, rootOuName, (int)TypeEnum.OU, "0"));
            SyncSubOU(entry, id);
        }
    }
    #endregion

    #region ## Synchronize subordinate organizational units and subordinate users
    /// <summary>
    /// Function: synchronize subordinate organizational units and subordinate users
    /// Created by: Wilson
    /// Creation time:
    /// </summary>
    /// <param name="entry">Parent OU entry</param>
    /// <param name="parentId">ID (objectGUID) of the parent OU</param>
    private void SyncSubOU(DirectoryEntry entry, string parentId)
    {
        foreach (DirectoryEntry subEntry in entry.Children)
        {
            string entrySchemaClsName = subEntry.SchemaClassName;

            // Name has the form "OU=department01" or "CN=Wilson"
            string[] arr = subEntry.Name.Split('=');
            string categoryStr = arr[0];
            string nameStr = arr[1];
            string id = string.Empty;

            if (subEntry.Properties.Contains("objectGUID")) // object GUID, used as the ID
            {
                byte[] bGUID = subEntry.Properties["objectGUID"][0] as byte[];
                id = BitConverter.ToString(bGUID);
            }

            bool isExist = list.Exists(d => d.Id == id);

            switch (entrySchemaClsName)
            {
                case "organizationalUnit":
                    if (!isExist)
                    {
                        list.Add(new AdModel(id, nameStr, (int)TypeEnum.OU, parentId));
                    }
                    SyncSubOU(subEntry, id); // recurse into the child OU
                    break;
                case "user":
                    string accountName = string.Empty;
                    if (subEntry.Properties.Contains("sAMAccountName"))
                    {
                        accountName = subEntry.Properties["sAMAccountName"][0].ToString();
                    }
                    if (!isExist)
                    {
                        list.Add(new AdModel(id, accountName, (int)TypeEnum.User, parentId));
                    }
                    break;
            }
        }
    }
    #endregion
Call the SyncAll method; it loops over the list and writes it out. The result is as follows, and the hierarchical relationship is clearly visible.
    // ID Account Type Parent ID
    // your acompany 1 0
    // FB-44-91-AE-AC-73-2B-4D-9F-01-B1-E2-16-D3-CB-1B department01 1 RMB
    // your department03 1 FB-44-91-AE-AC-73-2B-4D-9F-01-B1-E2-16-D3-CB-1B
    // E3-AD-47-45-38-64-02-4D-B9-83-2C-50-67-50-4F-92 ZW 2 RMB
    // your zhongw 2 FB-44-91-AE-AC-73-2B-4D-9F-01-B1-E2-16-D3-CB-1B
    // department02 1 rows
    // 1C-13-FA-66-E4-51-65-49-8B-DC-22-60-32-34-8F-22 Wilson 2 BC-D0-34-85-67-2F-05-4D-B5-77-E3-F4-AD-51-45-02
    // export porschev 2 rows
DirectorySearcher.Filter attribute extension description

    DirectorySearcher mySearcher = new DirectorySearcher(entryOU, "(objectClass=organizationalUnit)"); // query organizational units

The second parameter is a filter. You can supply other filter conditions as required. The following lists several common ones:
| Filter condition | Value |
| --- | --- |
| User | (&(objectCategory=person)(objectClass=user)) |
| Computer | (objectCategory=computer) |
| Group | (objectCategory=group) |
| Contact | (objectCategory=contact) |
| Shared folder | (objectCategory=volume) |
| Printer | (objectCategory=printQueue) |
For more advanced filtering, see http://msdn.microsoft.com/zh-cn/library/system.directoryservices.directorysearcher.filter(v=vs.80).aspx
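When part of the filter comes from user input, such as an account name typed into a form, the value has to be escaped so the directory treats it as data rather than filter syntax. The following is an added example, not code from the original sample: the class and method names are hypothetical, and it combines the "User" filter from the table with an exact sAMAccountName match.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.Text;

public static class AdUserSearch
{
    // Escape a value for use inside an LDAP filter (RFC 4515):
    // \ * ( ) and NUL are written as a backslash plus two hex digits.
    public static string EscapeFilterValue(string value)
    {
        StringBuilder sb = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            if (c == '\\' || c == '*' || c == '(' || c == ')' || c == '\0')
                sb.AppendFormat(@"\{0:x2}", (int)c);
            else
                sb.Append(c);
        }
        return sb.ToString();
    }

    // The "User" filter from the table, narrowed to one account name.
    public static string BuildUserFilter(string accountName)
    {
        return string.Format(
            "(&(objectCategory=person)(objectClass=user)(sAMAccountName={0}))",
            EscapeFilterValue(accountName));
    }

    // Search below rootOu and return the distinguished names of matching users.
    public static List<string> FindUsers(DirectoryEntry rootOu, string accountName)
    {
        List<string> result = new List<string>();
        using (DirectorySearcher searcher = new DirectorySearcher(rootOu, BuildUserFilter(accountName)))
        {
            searcher.PageSize = 500; // page results instead of stopping at the server size limit
            searcher.PropertiesToLoad.Add("distinguishedName"); // load only what is needed
            using (SearchResultCollection hits = searcher.FindAll())
                foreach (SearchResult hit in hits)
                    result.Add(hit.Properties["distinguishedName"][0].ToString());
        }
        return result;
    }

    public static void Main()
    {
        // Constructed input containing filter metacharacters; no domain is needed for this call.
        Console.WriteLine(BuildUserFilter("wilson*(test)"));
    }
}
```

FindUsers expects a bound DirectoryEntry, for example the root OU returned by IsExistOU.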
Description of user attribute extension (including graphic attribute comparison)
The example reads only a few user attributes. If you have used an AD domain, you will know that users have many other attributes that are commonly needed.
The following tables map the fields on each tab of the user details dialog in the AD domain to the corresponding attribute names.
General

| ID | Tab item name | Attribute name |
| --- | --- | --- |
| ① | Surname (L) | sn |
| ② | Name (F) | givenName |
| ③ | Display name (S) | displayName |
| ④ | Description (D) | description |
| ⑤ | Office (C) | physicalDeliveryOfficeName |
| ⑥ | Initials (I) | initials |
| ⑦ | Telephone number (T) | telephoneNumber |
| ⑧ | Email (M) | mail |
| ⑨ | Web page (W) | wWWHomePage |
| ⑩ | Phone number - Others (O)... | otherTelephone |
| ⑪ | Web page - Others (R)... | url |

Address

| ID | Tab item name | Attribute name |
| --- | --- | --- |
| ① | Country/region (O) | co |
| ② | Province/Autonomous region (V) | st |
| ③ | City/County (C) | l |
| ④ | Street (S) | streetAddress |
| ⑤ | P.O. Box (B) | postOfficeBox |
| ⑥ | Zip code (Z) | postalCode |

Account

| ID | Tab item name | Attribute name |
| --- | --- | --- |
| ① | User login name (U) | userPrincipalName |
| ② | User login name (earlier than Windows 2000) (W) | sAMAccountName |

Phone number

| ID | Tab item name | Attribute name |
| --- | --- | --- |
| ① | Home phone (M) | homePhone |
| ② | Pager (P) | pager |
| ③ | Mobile phone (B) | mobile |
| ④ | Fax (F) | facsimileTelephoneNumber |
| ⑤ | IP phone (I) | ipPhone |
| ⑥ | Note | info |
| ⑦ | Home phone - Others (O) | otherHomePhone |
| ⑧ | Pager - Others (T) | otherPager |
| ⑨ | Mobile phone - Others (B) | otherMobile |
| ⑩ | Fax - Others (E) | otherFacsimileTelephoneNumber |
| ⑪ | IP phone - Others (R) | otherIpPhone |

Organization

| ID | Tab item name | Attribute name |
| --- | --- | --- |
| ① | Company (C) | company |
| ② | Department (D) | department |
| ③ | Title (J) | title |
| ④ | Manager - Name (N) | manager |
| ⑥ | Direct subordinates (E) | directReports |

Some other attributes are not listed. You can loop over DirectoryEntry.Properties.PropertyNames to output them all.
For example, objectSid is also an important attribute for a user and is used when setting up Windows sharing!
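Both objectSid and objectGUID come back as byte arrays, and BitConverter.ToString, as used in the sample, prints them as raw hex rather than in the form Windows tools display. The following is an added example, not part of the original sample: the class and method names are hypothetical, the SID bytes are constructed, and the GUID bytes are one of the IDs from the sample output above.

```csharp
using System;
using System.DirectoryServices;
using System.Security.Principal;

public static class AdIdentifiers
{
    // objectSid is a binary SID; SecurityIdentifier renders it in S-1-... string form.
    public static string SidToString(byte[] sidBytes)
    {
        return new SecurityIdentifier(sidBytes, 0).Value;
    }

    // objectGUID is 16 bytes; Guid renders the canonical form used by Windows tools,
    // which orders the first three fields differently from BitConverter.ToString.
    public static string GuidToString(byte[] guidBytes)
    {
        return new Guid(guidBytes).ToString();
    }

    // Read both identifiers from a user entry, tolerating missing attributes.
    public static string Describe(DirectoryEntry user)
    {
        string sid = user.Properties.Contains("objectSid")
            ? SidToString((byte[])user.Properties["objectSid"][0]) : "(no objectSid)";
        string guid = user.Properties.Contains("objectGUID")
            ? GuidToString((byte[])user.Properties["objectGUID"][0]) : "(no objectGUID)";
        return string.Format("{0}  sid={1}  guid={2}", user.Name, sid, guid);
    }

    public static void Main()
    {
        // Constructed SID bytes: revision 1, 5 sub-authorities, identifier authority 5,
        // then sub-authorities 21, 1, 2, 3, 1104 as little-endian 32-bit values.
        byte[] sid = {
            0x01, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05,
            0x15, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
            0x02, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00,
            0x50, 0x04, 0x00, 0x00 };
        // GUID bytes in the order BitConverter printed them in the sample output.
        byte[] guid = {
            0xFB, 0x44, 0x91, 0xAE, 0xAC, 0x73, 0x2B, 0x4D,
            0x9F, 0x01, 0xB1, 0xE2, 0x16, 0xD3, 0xCB, 0x1B };
        Console.WriteLine(SidToString(sid));
        Console.WriteLine(GuidToString(guid));
    }
}
```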
Sample download: http://files.cnblogs.com/zhongweiv/SynchronousAD.zip
The sample code is fairly simple; download it if you need it and take a look. ^_^!