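The strange things:
> It only happens when the user has not yet been saved to the database (a new, unknown user)
> It only appears on the live system; everything is fine in the local development environment
This is what I get in the log e-mail: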
Source : System.DirectoryServices
Message: The server is not operational.
Trace:
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_AdsObject()
at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)
at System.DirectoryServices.DirectorySearcher.FindOne()
at Smarthouse.Labs.DataAccess.UserListManager.SaveUser(String windowsUserName)
This is how I implemented the DirectorySearch:

```csharp
// Requires: using System; using System.DirectoryServices;
private void SaveUser(string windowsUserName)
{
    string[] domainAndUser = windowsUserName.Split('\\');
    string domain = domainAndUser[0];
    string username = domainAndUser[1];
    // The bind is deferred until FindOne() runs, which is where the trace above fails.
    DirectoryEntry entry = new DirectoryEntry("LDAP://" + domain);
    DirectorySearcher search = new DirectorySearcher(entry);
    try
    {
        // Bind to the native AdsObject to force authentication.
        // Note: username is concatenated into the filter unescaped.
        search.Filter = "(SAMAccountName=" + username + ")";
        search.PropertiesToLoad.Add("cn");
        search.PropertiesToLoad.Add("sn");
        search.PropertiesToLoad.Add("givenName");
        search.PropertiesToLoad.Add("mail");
        SearchResult result = search.FindOne();
        if (result == null)
        {
            throw new Exception("No results found in Windows authentication.");
        }
        User userToSave = new User();
        userToSave.FirstName = (String) result.Properties["givenName"][0];
        userToSave.LastName = (String) result.Properties["sn"][0];
        userToSave.Email = (String) result.Properties["mail"][0];
        userToSave.Username = windowsUserName;
        userToSave.Guid = Guid.NewGuid();
        SaveUser(userToSave);
    }
    catch (Exception ex)
    {
        throw new Exception("Error authenticating user. " + ex.Message, ex);
    }
    finally
    {
        // Dispose service and search to prevent a memory leak
        entry.Dispose();
        search.Dispose();
    }
}
```

If you need more code samples, just let me know.
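Solution
You need a valid LDAP bind string, such as LDAP://dc=yourdomain,dc=local or something.
To find out what your default LDAP binding context is, use this code snippet:

```csharp
// Requires: using System.DirectoryServices;
DirectoryEntry deRoot = new DirectoryEntry("LDAP://RootDSE");
if (deRoot != null)
{
    // Distinguished name of the default domain, e.g. dc=yourdomain,dc=local
    string defaultNamingContext = deRoot.Properties["defaultNamingContext"].Value.ToString();
}
```

Once you have that string, use it as the bind string for your LDAP server.
If you're on .NET 3.5 or later, you should check out the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here: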
> Managing Directory Security Principals in the .NET Framework 3.5
> MSDN docs on System.DirectoryServices.AccountManagement
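Basically, you can define a domain context and easily find users and/or groups in AD:

```csharp
// Requires: using System.DirectoryServices.AccountManagement;
// set up domain context -- no domain name needed, uses default domain
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
// find a user
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, username);
if (user != null)
{
    // do something here....
}
```

The new S.DS.AM makes it really easy to play around with users and groups in AD!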