如何使用 Javascript 检查活动目录以查看用户是否属于特定组的成员?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4716811/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to use Javascript to check active directory to see if a user is in a memberof a particular group?
提问by Roy Rideaux
I have at my disposal Javascript and Classic ASP. Using these two how can I check to see if a user is a member of a particular active directory group? I know VBSCRIPT has memberof function but I can only use javascript. Any help is appreciated
我可以使用 Javascript 和 Classic ASP。使用这两个如何检查用户是否是特定活动目录组的成员?我知道 VBSCRIPT 有 memberof 功能,但我只能使用 javascript。任何帮助表示赞赏
回答by Tom B
You'll need to ensure that your web server is set to use Windows Authentication. Then you can use Request.ServerVariables("LOGON_USER") to get the current user's domain\username.
您需要确保您的 Web 服务器设置为使用 Windows 身份验证。然后你可以使用 Request.ServerVariables("LOGON_USER") 来获取当前用户的域\用户名。
You'll then query Active Directory using ADSI to get group membership.
然后,您将使用 ADSI 查询 Active Directory 以获得组成员资格。
Here's a link to msdn's ADSI pages. http://msdn.microsoft.com/en-us/library/aa772170%28v=vs.85%29.aspx
这是 msdn 的 ADSI 页面的链接。 http://msdn.microsoft.com/en-us/library/aa772170%28v=vs.85%29.aspx
This page has some sample scripts (in vbscript)
此页面有一些示例脚本(在 vbscript 中)
回答by anon
You'll need AJAX and a connection to the AD using ADODB.Connection with the "ADsDSOObject" provider.
您将需要 AJAX 和使用带有“ADsDSOObject”提供程序的 ADODB.Connection 连接到 AD。
EDIT: I saw your comment above. Here's a start:
编辑:我在上面看到了您的评论。这是一个开始:
ldapCommand.CommandText = "select sn from '" & _
"LDAP://example.com/DC=example,DC=com" & _
"' WHERE samAccountName=" & "'" & username & "'"
Set ldapRecordSet = ldapCommand.Execute
ldapCommand is an ADODB.Command, and if Execute throws an error, then the user is not in the domain.
ldapCommand 是一个 ADODB.Command,如果 Execute 抛出错误,则用户不在域中。
回答by anon
You might also try using Javascript to instantialte a WScript.Network object
您也可以尝试使用 Javascript 来实例化 WScript.Network 对象
var WshNetwork = new ActiveXObject("WScript.Network");
From there, you can get
从那里,你可以得到
var netWorkUserName = WshNetwork.UserName;
var netWorkDomain = WshNetwork.UserDomain;
A word of warning: I'm pretty sure this is IE only and requires security changes in IE.
一句警告:我很确定这只是 IE 并且需要在 IE 中进行安全更改。
回答by Pilgerstorfer Franz
As far as I know there is no possibility to access activeDirectory by using Javascript. Javascript runs within the browser - and may not access anything out of this sandbox.
据我所知,不可能使用 Javascript 访问 activeDirectory。Javascript 在浏览器中运行 - 可能无法访问此沙箱之外的任何内容。
In case I misunderstood your question und you ment server-side checking - use ASP functions to check for.
万一我误解了您的问题并且您进行了服务器端检查 - 使用 ASP 函数进行检查。
