如何在 Active Directory 中获取/更新“联系人"?

问题描述

有没有办法在 Active Directory 中查找和更新联系人?我正在构建一个示例 C# .NET 应用程序来完成此任务.我将不胜感激任何代码.

is there a way to find and update the contacts in Active Directory? I'm building a sample C# .NET application to achieve this task. I would appreciate any code.

推荐答案

当然可以在 System.DirectoryServices 中进行.

Of course, you can do it in System.DirectoryServices.

我认为您真正需要的是学习如何使用系统.目录服务.如果你还没有一本好书，我推荐这本.

I think what you really need is to learn how to use System.DirectoryServices. If you don't have a good book yet, I recommend this one.

其实没那么难.您只需要掌握两个类，DirectoryEntry 和 DirectorySearcher.DirectoryEntry 表示 LDAP 服务器上的 LDAP 对象.假设您有足够的权限，您可以对任何 LDAP 对象进行更改，包括使用 目录条目.每个 LDAP 对象都有许多属性.您需要了解的两个重要属性是 objectCategory 和 objectClass.对于联系人对象，objectCategory 应为 person，objectClass 应为 contact.您可能还想检查存储电子邮件地址的联系人对象上的targetAddress"属性.联系人对象上有一堆 Exchange 扩展属性.您可能喜欢一一检查它们.要浏览 LDAP 服务器上的对象，您可以使用类似 AD Explorer 或ADSI 编辑

It's not that hard, really. You just need to master two classes, DirectoryEntry and DirectorySearcher. DirectoryEntry is representing a LDAP object on the LDAP server. Assuming you have sufficient permissions, you can make changes on any LDAP object, including the contact object using DirectoryEntry. Each LDAP object has a number of attributes. TWo important attributes you need to know are objectCategory and objectClass. For the contact object, the objectCategory should be person and objectClass should be contact. You may also like to check the "targetAddress" attribute on the contact object, which stores the email address. There are a bunch of Exchange extended attributes on contact object. You probably like to check each of them one by one. To browse the objects on LDAP server, you can use a tool like AD Explorer or ADSI Edit

要进行搜索，您需要向 提供四项内容目录搜索器.

To do a search, you need to provider four things to DirectorySearcher.

1. 搜索根目录
2. LDAP 搜索过滤器
3. 搜索范围
4. 返回的属性

如果您的机器已经加入域并且您以域用户身份登录，这里是一个关于如何列出域中所有联系人的示例.

If your machine is already joined to a domain and you are logging in as a domain user, here is a sample on how to list out all contacts in your domain.

DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE");
string domainContext = rootDSE.Properties["defaultNamingContext"].Value as string;
DirectoryEntry searchRoot = new DirectoryEntry("LDAP://" + domainContext);
using (DirectorySearcher searcher = new DirectorySearcher(
    searchRoot, 
    "(&(objectCategory=person)(objectClass=contact))", 
    new string[] {"targetAddress"}, 
    SearchScope.Subtree))
{
    foreach (SearchResult result in searcher.FindAll())
    {
        foreach (string addr in result.Properties["targetAddress"])
        {        
           Console.WriteLine(addr);
        }
        Console.WriteLine(result.Path);
    }
}

前三行是为了帮助您找到域根目录的正确 LDAP 路径.仅当您以域用户身份登录时才有效.如果您知道域的正确 LDAP 路径，则可以直接将其提供给 DirectoryEntry.

The first three lines are to help you to find the correct LDAP path to the root of your domain. It works only if you are logging in as a domain user. If you know the correct LDAP path of your domain, you can just feed it into DirectoryEntry directly.

我将所有四个参数都放入了 DirectorySearcher.当您熟悉目录服务编程时，您可以跳过其中的一些，.NET 将为您提供默认值.

I put all four parameters into DirectorySearcher. When you are getting familiar with Directory Services programming, you can skip some of them and .NET will provide a default value for you.

从 DiectorySearcher 返回的结果是 搜索结果.请注意，SearchResult 总是向您返回一组对象即使 targetAddress 不是多值属性.这是因为 LDAP 对象上的某些属性可能是多值的.

The result returned from DiectorySearcher is SearchResult. Note that SearchResult always return a collection of objects to you even though targetAddress is not a multivalue attribute. It's because some of the attributes on the LDAP object may be multi-value.

您可以从 SearchResult 获得的另一个重要信息是 Path.您可以稍后使用此路径创建 DirectoryEntry 对象.要更新您的联系人对象，您需要使用其 Properties 方法和 CommitChanges 方法.

Another important information you can get from SearchResult is the Path. You can create a DirectoryEntry object using this Path later. To update your contact object, you need to use its Properties method and CommitChanges method.

DirectoryEntry de = new DirectoryEntry(result.Path);
de.Properties["targetAddress"].Value = "SMTP:jane.doe@foo.bar";
de.CommitChanges();

最后，您实际上可以很容易地在 DirectorySearcher 和 DirectoryEntry.试试谷歌吧.

Finally, you can actually easily find a lot of online tutorial on both DirectorySearcher and DirectoryEntry. Try google it.

这篇关于如何在 Active Directory 中获取/更新“联系人"?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持跟版网！