我连接了Apache Directory Studio的LDAP服务器,并用他的凭据绑定了用户,但现在我想获取他自己的数据,如邮件、电话号码等。如何在System.DirectoryServices中做到这一点?以下是我到目前为止所做的?
LdapDirectoryIdentifier id= new LdapDirectoryIdentifier("localhost", 10389);
LdapConnection conn=
new LdapConnection(id);
var username= text_field_for_username.Text;
var pass= text_field_for_pass.Text;
conn.AuthType = AuthType.Basic;
conn.SessionOptions.ProtocolVersion = 3;
NetworkCredential param= new NetworkCredential("uid="+username+",ou=employees,dc=company,dc=com",pass);
conn.Bind(param);
它奏效了。现在,如何使用System.DirectoryServices获取已验证用户的数据?顺便说一句,我知道不存在用户的可能性,我会为此添加try-and-catch块。
基本上,您可以使用DirectoryServicesSearchRequest
和SearchResponse
:执行以下操作
// ...
// Just for convenience
conn.Credential = new NetworkCredential(userDN, userPass);
conn.Bind();
// The attributes to read, use "*" to request all user attributes.
var attr = new[] { "uid", "displayName", "mail" };
// Set userDN as basedn and search scope to Base to search user's own entry (filter is null)
SearchRequest req = new SearchRequest(userDN, (string) null, SearchScope.Base, attr);
var response = (SearchResponse) conn.SendRequest(req);
var entry = response.Entries[0];
// ...
参见文档:SearchRequest、SearchResponse