使用.NET 3.5中引入的System.DirectoryServices.AccountManagement
名称空间,类似的事情变得更容易。
阅读所有关于它在这里:Managing Directory Security Principals in the .NET Framework 3.5
您必须首先建立上下文为您的操作 - AD LDS明确支持:
// create a context for an AD LDS store pointing to the
// partition root using the credentials for a user in the AD LDS store
// and SSL for encryption
PrincipalContext ldsContext = new PrincipalContext(
ContextType.ApplicationDirectory, "sea-dc-02.fabrikam.com:50001",
"ou=ADAM Users,o=microsoft,c=us",
ContextOptions.SecureSocketLayer | ContextOptions.SimpleBind,
"CN=administrator,OU=ADAM Users,O=Microsoft,C=US ", "[email protected]");
,然后你需要创建一个PrincipalSearcher
和定义在一个“查询范例”风格你正在寻找什么:
// create a principal object representation to describe
// what will be searched
UserPrincipal user = new UserPrincipal(ldsContext);
// define the properties of the search (this can use wildcards)
user.Enabled = false;
user.Name = "user*";
// create a principal searcher for running a search operation
PrincipalSearcher pS = new PrincipalSearcher();
// assign the query filter property for the principal object you created
// you can also pass the user principal in the PrincipalSearcher constructor
pS.QueryFilter = user;
// run the query
PrincipalSearchResult<Principal> results = pS.FindAll();
Console.WriteLine("Disabled accounts starting with a name of 'user':");
foreach (Principal result in results)
{
Console.WriteLine("name: {0}", result.Name);
}
很漂亮,呃?如果你可以 - 使用新的S.DS.AM
命名空间!
很酷。我仍然被困在LDAP的土地上。如果这会遭受与旧查询相同的帐户限制,您是否知道离开? 1000或1500. – hal9000 2011-02-03 22:11:02