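1. On définit les paramètres de connexion dans la section appSettings de notre app.config, sous les clés LDAP_SERVER, LDAP_USER et LDAP_PWD lues par le code ci-dessous. LDAP_PWD étant le mot de passe d'un compte de service, mieux vaut chiffrer cette section (configuration protégée) et limiter les droits de ce compte à la lecture de l'annuaire.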

 
		<!-- Active Directory -->

2. Nous créons ensuite la classe static ActiveDirectory en exposant la méthode IsUserMemberOfGroup

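/// <summary>
/// Small helper that answers "is this account a member of this group?" by
/// reading the account's <c>memberOf</c> attribute over LDAP.
/// </summary>
/// <remarks>
/// Connection settings come from the appSettings keys LDAP_SERVER, LDAP_USER
/// and LDAP_PWD. Only direct memberships are visible through <c>memberOf</c>:
/// nested groups and the primary group are not resolved here, so a negative
/// answer does not prove the account lacks the group transitively.
/// </remarks>
public static class ActiveDirectory
{
    /********************************************************************
     * Shared properties                                                *
     ********************************************************************/
    // Bound directory entry used as the search root for the current call.
    // NOTE(review): this is static mutable state; concurrent callers would
    // share and dispose each other's connection - confirm single-threaded
    // use or move to a per-call local.
    private static DirectoryEntry ldap;

    /********************************************************************
     * Exposed methods                                                  *
     ********************************************************************/
    /// <summary>
    /// Checks whether the account matched by <paramref name="AccountName"/>
    /// lists a group whose common name is <paramref name="GroupName"/>.
    /// </summary>
    /// <param name="AccountName">Account identifier supplied by the caller; treated as untrusted and escaped before it enters the LDAP filter.</param>
    /// <param name="GroupName">Common name (CN) of the group to look for.</param>
    /// <returns>
    /// <c>true</c> when a direct membership matches; <c>false</c> when the
    /// arguments are empty, the connection fails, no account is found, or
    /// no membership matches.
    /// </returns>
    public static bool IsUserMemberOfGroup(string AccountName, string GroupName)
    {
        // Fail closed: an empty name would otherwise match on the bare "CN=" prefix.
        if (string.IsNullOrEmpty(AccountName) || string.IsNullOrEmpty(GroupName))
        {
            return false;
        }

        if (Connect() == false)
        {
            return false;
        }

        try
        {
            using (DirectorySearcher searcher = new DirectorySearcher(ldap))
            {
                // Only memberOf is read below, so nothing else is requested.
                searcher.PropertiesToLoad.Add("memberof");

                // The account name is escaped so that characters such as '*', '('
                // and ')' cannot rewrite the filter (LDAP injection).
                // NOTE(review): anr is ambiguous name resolution - it can match
                // several attributes and more than one account, and FindOne()
                // returns only the first hit. For an authorization decision an
                // exact match on a unique attribute is safer; confirm what callers pass.
                searcher.Filter = "(&(anr=" + EscapeFilterValue(AccountName) + ")(objectCategory=person))";

                SearchResult result = searcher.FindOne();
                if (result == null)
                {
                    return false;
                }

                ResultPropertyValueCollection groups = result.Properties["memberof"];
                if (groups == null)
                {
                    return false;
                }

                foreach (object value in groups)
                {
                    string distinguishedName = value as string;
                    if (distinguishedName != null && HasCommonName(distinguishedName, GroupName))
                    {
                        return true;
                    }
                }

                return false;
            }
        }
        finally
        {
            // Release the connection on every path, including the positive
            // result and any exception raised by the search.
            Disconnect();
        }
    }

    /********************************************************************
     * Intern methods                                                   *
     ********************************************************************/
    /// <summary>
    /// Opens and binds the directory connection described in appSettings and
    /// stores it in <see cref="ldap"/>.
    /// </summary>
    /// <returns><c>true</c> when the bind succeeded; <c>false</c> (after logging) otherwise.</returns>
    private static bool Connect()
    {
        /** Active Directory Connection **/
        try
        {
            /** Connection Properties **/
            string defaultServer = System.Configuration.ConfigurationManager.AppSettings["LDAP_SERVER"];
            string defautlUser = System.Configuration.ConfigurationManager.AppSettings["LDAP_USER"];
            string defaultpwd = System.Configuration.ConfigurationManager.AppSettings["LDAP_PWD"];

            if (string.IsNullOrEmpty(defaultServer))
            {
                throw new InvalidOperationException("appSettings key LDAP_SERVER is missing or empty");
            }

            // Drop any connection left over from an earlier call.
            Disconnect();

            // A missing LDAP_USER / LDAP_PWD is passed through as null.
            // NOTE(review): DirectoryEntry should then bind with the identity
            // of the running process - confirm this is acceptable.
            DirectoryEntry entry = new DirectoryEntry(defaultServer, defautlUser, defaultpwd);
            try
            {
                // The constructor does not contact the server; reading
                // NativeObject forces the bind so that a bad path or bad
                // credentials are reported here instead of during the search.
                object bound = entry.NativeObject;
            }
            catch
            {
                entry.Dispose();
                throw;
            }

            ldap = entry;
            return true;
        }
        catch (Exception Ex)
        {
            // The exception is logged; the password value itself is never written.
            Logger.Log(Logger.Level.ERROR, "ActiveDirectory Connect Failed", Ex);
            return false;
        }
    }

    /// <summary>
    /// Releases the shared connection, if any, and clears the field so a
    /// disposed entry is never reused.
    /// </summary>
    private static void Disconnect()
    {
        if (ldap != null)
        {
            ldap.Dispose();
            ldap = null;
        }
    }

    /// <summary>
    /// Escapes a value for use inside an LDAP search filter (RFC 4515):
    /// backslash, asterisk, parentheses and NUL become <c>\xx</c> hex escapes.
    /// </summary>
    private static string EscapeFilterValue(string value)
    {
        System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': escaped.Append("\\5c"); break;
                case '*': escaped.Append("\\2a"); break;
                case '(': escaped.Append("\\28"); break;
                case ')': escaped.Append("\\29"); break;
                case '\0': escaped.Append("\\00"); break;
                default: escaped.Append(c); break;
            }
        }
        return escaped.ToString();
    }

    /// <summary>
    /// Tells whether the leading component of a group distinguished name is
    /// exactly <c>CN=groupName</c>. A substring test would also accept
    /// "CN=AdminsReadOnly" or a matching container name when asked for "Admins".
    /// </summary>
    private static bool HasCommonName(string distinguishedName, string groupName)
    {
        // NOTE(review): group names containing characters that are escaped
        // inside a DN (for example ',') are compared unescaped here.
        string prefix = "CN=" + groupName;
        if (!distinguishedName.StartsWith(prefix, System.StringComparison.Ordinal))
        {
            return false;
        }

        return distinguishedName.Length == prefix.Length || distinguishedName[prefix.Length] == ',';
    }

}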

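1. On définit les paramètres de connexion dans la section appSettings de notre app.config, sous les clés LDAP_SERVER, LDAP_USER et LDAP_PWD lues par le code ci-dessous. LDAP_PWD étant le mot de passe d'un compte de service, mieux vaut chiffrer cette section (configuration protégée) et limiter les droits de ce compte à la lecture de l'annuaire.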

		<!-- Active Directory -->

2. Nous créons ensuite la classe static ActiveDirectory en exposant la méthode IsUserMemberOfGroup

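/// <summary>
/// Small helper that answers "is this account a member of this group?" by
/// reading the account's <c>memberOf</c> attribute over LDAP.
/// </summary>
/// <remarks>
/// Connection settings come from the appSettings keys LDAP_SERVER, LDAP_USER
/// and LDAP_PWD. Only direct memberships are visible through <c>memberOf</c>:
/// nested groups and the primary group are not resolved here, so a negative
/// answer does not prove the account lacks the group transitively.
/// </remarks>
public static class ActiveDirectory
{
    /********************************************************************
     * Shared properties                                                *
     ********************************************************************/
    // Bound directory entry used as the search root for the current call.
    // NOTE(review): this is static mutable state; concurrent callers would
    // share and dispose each other's connection - confirm single-threaded
    // use or move to a per-call local.
    private static DirectoryEntry ldap;

    /********************************************************************
     * Exposed methods                                                  *
     ********************************************************************/
    /// <summary>
    /// Checks whether the account matched by <paramref name="AccountName"/>
    /// lists a group whose common name is <paramref name="GroupName"/>.
    /// </summary>
    /// <param name="AccountName">Account identifier supplied by the caller; treated as untrusted and escaped before it enters the LDAP filter.</param>
    /// <param name="GroupName">Common name (CN) of the group to look for.</param>
    /// <returns>
    /// <c>true</c> when a direct membership matches; <c>false</c> when the
    /// arguments are empty, the connection fails, no account is found, or
    /// no membership matches.
    /// </returns>
    public static bool IsUserMemberOfGroup(string AccountName, string GroupName)
    {
        // Fail closed: an empty name would otherwise match on the bare "CN=" prefix.
        if (string.IsNullOrEmpty(AccountName) || string.IsNullOrEmpty(GroupName))
        {
            return false;
        }

        if (Connect() == false)
        {
            return false;
        }

        try
        {
            using (DirectorySearcher searcher = new DirectorySearcher(ldap))
            {
                // Only memberOf is read below, so nothing else is requested.
                searcher.PropertiesToLoad.Add("memberof");

                // The account name is escaped so that characters such as '*', '('
                // and ')' cannot rewrite the filter (LDAP injection).
                // NOTE(review): anr is ambiguous name resolution - it can match
                // several attributes and more than one account, and FindOne()
                // returns only the first hit. For an authorization decision an
                // exact match on a unique attribute is safer; confirm what callers pass.
                searcher.Filter = "(&(anr=" + EscapeFilterValue(AccountName) + ")(objectCategory=person))";

                SearchResult result = searcher.FindOne();
                if (result == null)
                {
                    return false;
                }

                ResultPropertyValueCollection groups = result.Properties["memberof"];
                if (groups == null)
                {
                    return false;
                }

                foreach (object value in groups)
                {
                    string distinguishedName = value as string;
                    if (distinguishedName != null && HasCommonName(distinguishedName, GroupName))
                    {
                        return true;
                    }
                }

                return false;
            }
        }
        finally
        {
            // Release the connection on every path, including the positive
            // result and any exception raised by the search.
            Disconnect();
        }
    }

    /********************************************************************
     * Intern methods                                                   *
     ********************************************************************/
    /// <summary>
    /// Opens and binds the directory connection described in appSettings and
    /// stores it in <see cref="ldap"/>.
    /// </summary>
    /// <returns><c>true</c> when the bind succeeded; <c>false</c> (after logging) otherwise.</returns>
    private static bool Connect()
    {
        /** Active Directory Connection **/
        try
        {
            /** Connection Properties **/
            string defaultServer = System.Configuration.ConfigurationManager.AppSettings["LDAP_SERVER"];
            string defautlUser = System.Configuration.ConfigurationManager.AppSettings["LDAP_USER"];
            string defaultpwd = System.Configuration.ConfigurationManager.AppSettings["LDAP_PWD"];

            if (string.IsNullOrEmpty(defaultServer))
            {
                throw new InvalidOperationException("appSettings key LDAP_SERVER is missing or empty");
            }

            // Drop any connection left over from an earlier call.
            Disconnect();

            // A missing LDAP_USER / LDAP_PWD is passed through as null.
            // NOTE(review): DirectoryEntry should then bind with the identity
            // of the running process - confirm this is acceptable.
            DirectoryEntry entry = new DirectoryEntry(defaultServer, defautlUser, defaultpwd);
            try
            {
                // The constructor does not contact the server; reading
                // NativeObject forces the bind so that a bad path or bad
                // credentials are reported here instead of during the search.
                object bound = entry.NativeObject;
            }
            catch
            {
                entry.Dispose();
                throw;
            }

            ldap = entry;
            return true;
        }
        catch (Exception Ex)
        {
            // The exception is logged; the password value itself is never written.
            Logger.Log(Logger.Level.ERROR, "ActiveDirectory Connect Failed", Ex);
            return false;
        }
    }

    /// <summary>
    /// Releases the shared connection, if any, and clears the field so a
    /// disposed entry is never reused.
    /// </summary>
    private static void Disconnect()
    {
        if (ldap != null)
        {
            ldap.Dispose();
            ldap = null;
        }
    }

    /// <summary>
    /// Escapes a value for use inside an LDAP search filter (RFC 4515):
    /// backslash, asterisk, parentheses and NUL become <c>\xx</c> hex escapes.
    /// </summary>
    private static string EscapeFilterValue(string value)
    {
        System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': escaped.Append("\\5c"); break;
                case '*': escaped.Append("\\2a"); break;
                case '(': escaped.Append("\\28"); break;
                case ')': escaped.Append("\\29"); break;
                case '\0': escaped.Append("\\00"); break;
                default: escaped.Append(c); break;
            }
        }
        return escaped.ToString();
    }

    /// <summary>
    /// Tells whether the leading component of a group distinguished name is
    /// exactly <c>CN=groupName</c>. A substring test would also accept
    /// "CN=AdminsReadOnly" or a matching container name when asked for "Admins".
    /// </summary>
    private static bool HasCommonName(string distinguishedName, string groupName)
    {
        // NOTE(review): group names containing characters that are escaped
        // inside a DN (for example ',') are compared unescaped here.
        string prefix = "CN=" + groupName;
        if (!distinguishedName.StartsWith(prefix, System.StringComparison.Ordinal))
        {
            return false;
        }

        return distinguishedName.Length == prefix.Length || distinguishedName[prefix.Length] == ',';
    }

}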

Last modified: 16 February 2013


Comments

Bonjour,
Perso je passe par WindowsIdentity pour obtenir la liste des groupes AD d’un utilisateur.
cf Obetnir la liste des groupes AD d’un utilisateur
