C# 获取 WinNT 组的成员列表

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/252882/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-08-03 20:02:55  来源:igfitidea点击:

Get a list of members of a WinNT group

c#.netactive-directoryactive-directory-groupwindows-security

提问by Kepboy

There are a couple of questions similar to this on stack overflow but not quite the same.

在堆栈溢出上有几个与此类似的问题,但并不完全相同。

I want to open, or create, a local group on a win xp computer and add members to it, domain, local and well known accounts. I also want to check whether a user is already a member so that I don't add the same account twice, and presumably get an exception.

我想在 win xp 计算机上打开或创建一个本地组并向其中添加成员、域、本地和知名帐户。我还想检查一个用户是否已经是会员,这样我就不会两次添加相同的帐户,并且可能会出现异常。

So far I started using the DirectoryEntry object with the WinNT://provider. This is going ok but I'm stuck on how to get a list of members of a group?

到目前为止,我开始将 DirectoryEntry 对象与WinNT://提供程序一起使用。一切正常,但我一直在纠结如何获取群组成员的列表?

Anyone know how to do this? Or provide a better solution than using DirectoryEntry?

有人知道怎么做吗?或者提供比使用 DirectoryEntry 更好的解决方案?

采纳答案by Kepboy

Okay, it's taken a while, messing around with different solutions but the one that fits best with my original question is given below. I can't get the DirectoryEntry object to access the members of a local group using the 'standard' methods, the only way I could get it to enumerate the members was by using the Invoke method to call the native objects Members method.

好的,花了一段时间,弄乱了不同的解决方案,但下面给出了最适合我的原始问题的解决方案。我无法使用“标准”方法让 DirectoryEntry 对象访问本地组的成员,我可以让它枚举成员的唯一方法是使用 Invoke 方法调用本机对象的成员方法。

using(DirectoryEntry groupEntry = new DirectoryEntry("WinNT://./Administrators,group"))
{
    foreach(object member in (IEnumerable) groupEntry.Invoke("Members"))
    {
        using(DirectoryEntry memberEntry = new DirectoryEntry(member))
        {
            Console.WriteLine(memberEntry.Path);
        }
    }
}

I also used a similar technique to add and remove members from the local group.

我还使用了类似的技术在本地组中添加和删除成员。

Hopefully this helps someone else as well. Keith.

希望这对其他人也有帮助。基思。

EDITby Tim: added VB.Net version

由 Tim编辑:添加了 VB.Net 版本

Public Function MembersOfGroup(ByVal GroupName As String) As List(Of DirectoryEntry)
    Dim members As New List(Of DirectoryEntry)
    Try
        Using search As New DirectoryEntry("WinNT://./" & GroupName & ",group")
            For Each member As Object In DirectCast(search.Invoke("Members"), IEnumerable)
                Dim memberEntry As New DirectoryEntry(member)
                members.Add(memberEntry)
            Next
        End Using
    Catch ex As Exception
        MessageBox.Show(ex.ToString)
    End Try
    Return members
End Function

回答by Tim Robinson

You should be able to find this information inside the "member"attributeon the DirectoryEntrythat represents the group.

您应该能够在代表组的"member"属性中找到此信息DirectoryEntry

回答by splattne

Microsoft .NET Framework provides a standard library for working with Active Directory: System.DirectoryServices namespacein the System.DirectoryServices.dll.

Microsoft .NET Framework 提供了一个用于使用 Active Directory 的标准库:System.DirectoryServices.dll中的 System.DirectoryServices命名空间

Microsoft recommends using two main classes from the System.DirectoryServices namespace: DirectoryEntryand DirectorySearcher. In most cases, it is enough to use DirectorySearcher class only.

Microsoft 建议使用 System.DirectoryServices 命名空间中的两个主要类:DirectoryEntryDirectorySearcher。在大多数情况下,仅使用 DirectorySearcher 类就足够了。

UPDATE: I tested it on my machine - it works. But maybe I've misunderstood your question.

更新:我在我的机器上测试了它 - 它有效。但也许我误解了你的问题。

Here is an example from an excellent CodeProject article:

以下是一篇优秀的CodeProject 文章中的示例:

Get a list of users belonging to a particular AD group

获取属于特定 AD 组的用户列表

using System.DirectoryServices;

ArrayList GetADGroupUsers(string groupName)
{    
   SearchResult result;
   DirectorySearcher search = new DirectorySearcher();
   search.Filter = String.Format("(cn={0})", groupName);
   search.PropertiesToLoad.Add("member");
   result = search.FindOne();

   ArrayList userNames = new ArrayList();
   if (result != null)
   {
       for (int counter = 0; counter < 
          result.Properties["member"].Count; counter++)
       {
           string user = (string)result.Properties["member"][counter];
               userNames.Add(user);
       }
   }
   return userNames;
}