我可以使用以下内容查询我的Active Directory组:
open System.DirectoryServices.AccountManagement
let specialGroups () =
let ctx = new PrincipalContext(
contextType = ContextType.Domain,
name = "domain.net",
container = "DC=domain,DC=net")
let allGroups = new GroupPrincipal(ctx, "*")
let srch = new PrincipalSearcher(allGroups)
[| for group in srch.FindAll() -> group |]
如何添加某些属性,如邮件,就像这个PowerShell一样?
Get-ADGroup "GROUPNAME.UG" -Properties Mail
可以通过检索基础DirectoryEntry对象,然后访问其Properties集合来获取属性。 下面是一个示例,它为Principal对象定义一个getProperty函数,然后使用它来筛选"Mail"属性:
open System.DirectoryServices
open System.DirectoryServices.AccountManagement
let getProperty name (group: Principal) =
let entry = group.GetUnderlyingObject() |> unbox<DirectoryEntry>
[| for value in entry.Properties.[name] -> value |> string |]
let specialGroups () =
let ctx = new PrincipalContext(
contextType = ContextType.Domain,
name = "domain.net",
container = "DC=domain,DC=net")
let allGroups = new GroupPrincipal(ctx, "*")
let srch = new PrincipalSearcher(allGroups)
[| for group in srch.FindAll() |> Seq.filter (getProperty "Mail" >> Array.isEmpty) -> group |]