Active Directory - 用户的角色

时间:2022-11-27
本文介绍了Active Directory - 用户的角色的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

问题描述

我了解如何使用 User.IdentityUser.IsInRole

I understand how to use User.Identity and User.IsInRole

有没有办法查看用户的所有角色?

Is there a way to see all of the roles a user is in?

我们有很多组,有些人在很多组中,但我不想写 User.IsInRole 20+ 次.

We have a lot of groups and some people are in a lot of groups, but I don't want to write a User.IsInRole 20+ times.

推荐答案

在 Active Directory 上下文中,您所指的角色实际上是用户所属的安全(或授权)组.

In an Active Directory context, the Roles you refer to are really the security (or authorization) groups a user is a member of.

因此,如果您使用 .NET 3.5 及更高版本,则应查看 System.DirectoryServices.AccountManagement (S.DS.AM) 命名空间.在此处阅读所有相关信息:

So if you're on .NET 3.5 and up, you should check out the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here:

  • 在 .NET Framework 3.5 中管理目录安全主体莉>
  • 有关 System.DirectoryServices.AccountManagement 的 MSDN 文档

基本上,您可以定义域上下文并轻松找到 AD 中的用户和/或组:

Basically, you can define a domain context and easily find users and/or groups in AD:

// set up domain context
using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
{
   // find a user
   UserPrincipal user = UserPrincipal.FindByIdentity(ctx, "SomeUserName");

   if(user != null)
   {
       // get the authorization groups - those are the "roles" 
       var groups = user.GetAuthorizationGroups();

       foreach(Principal principal in groups)
       {
           // do something with the group (or role) in question
       }
   }
}

新的 S.DS.AM 使在 AD 中与用户和组一起玩变得非常容易!

The new S.DS.AM makes it really easy to play around with users and groups in AD!

这篇关于Active Directory - 用户的角色的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

上一篇:如何在 C# 中通过 LDAPS 连接到 Active Directory? 下一篇:客户可配置的 asp.net 网站安全性,用于对页面和按钮访问进行细粒度控制

相关文章

最新文章