.net core在Linux下获取AD域信息
.net Core 2.1.4
目前 .NET Core 中的 System.DirectoryServices 仅支持在 Windows 平台下使用,因此下面第一个示例(DirectoryEntry / DirectorySearcher)无法在 Linux 上运行。
参考:
https://github.com/dotnet/standard/pull/444
https://github.com/dotnet/corefx/issues/2089
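/// <summary>
/// Authenticates a user against Active Directory through System.DirectoryServices
/// by binding with the supplied credentials and looking the account up by
/// sAMAccountName.
/// </summary>
/// <param name="username">Account name supplied by the caller; treated as untrusted input.</param>
/// <param name="password">Password supplied by the caller.</param>
/// <returns>
/// A dictionary with "state" set to "true" plus "displayname" and "mail" on success,
/// or "state" set to "false" plus "errMsg" on failure.
/// </returns>
private Dictionary<string,string> AuthenticateActiveDirectory(string username, string password)
{
    // Escapes the characters that are special inside an LDAP search filter (RFC 4515)
    // so a crafted user name cannot change the structure of the filter.
    // The backslash must be replaced first, otherwise the escapes themselves get re-escaped.
    string EscapeFilterValue(string value)
    {
        return value.Replace("\\", "\\5c")
                    .Replace("*", "\\2a")
                    .Replace("(", "\\28")
                    .Replace(")", "\\29")
                    .Replace("\0", "\\00");
    }

    // Returns the first value of a result property, or null when the property is absent or empty.
    string FirstValue(SearchResult searchResult, string propertyName)
    {
        var values = searchResult.Properties[propertyName];
        return values != null && values.Count > 0 ? values[0]?.ToString() : null;
    }

    Dictionary<string, string> dic = new Dictionary<string, string>();

    // Refuse blank credentials before touching the directory.
    // NOTE(review): a bind with an empty password may be handled by the directory as an
    // anonymous/unauthenticated bind rather than a failed login - confirm for your environment.
    if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
    {
        dic["state"] = "false";
        dic["errMsg"] = "Username and password are required.";
        return dic;
    }

    try
    {
        // DirectoryEntry and DirectorySearcher hold directory resources; dispose them deterministically.
        using (DirectoryEntry entry = new DirectoryEntry(_appConfiguration["LDAP:DE"], username, password))
        using (DirectorySearcher search = new DirectorySearcher(entry))
        {
            search.Filter = $"(SAMAccountName={EscapeFilterValue(username)})";
            SearchResult result = search.FindOne();
            if (result != null)
            {
                dic["state"] = "true";
                dic["displayname"] = FirstValue(result, "displayname");
                dic["mail"] = FirstValue(result, "mail");
            }
            else
            {
                // Always report an explicit state so callers never see a missing key.
                dic["state"] = "false";
                dic["errMsg"] = "User not found.";
            }
        }
    }
    catch (Exception ex)
    {
        // Indexer assignment (not Add) so a failure after "state" was set cannot throw again here.
        dic["state"] = "false";
        // The raw exception text can reveal directory details; callers should not
        // show it verbatim to unauthenticated users.
        dic["errMsg"] = ex.Message;
    }
    return dic;
}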
Novell.Directory.Ldap
Novell.Directory.Ldap支持.net core2 Linux环境。
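/// <summary>
/// Authenticates a user against an LDAP/AD server with Novell.Directory.Ldap by
/// binding with the supplied credentials, then reads the configured attributes
/// of the matching account.
/// </summary>
/// <param name="username">Account name, with or without the configured mail suffix; treated as untrusted input.</param>
/// <param name="password">Password supplied by the caller.</param>
/// <returns>
/// A dictionary with "state" set to "true" plus the attributes listed in LDAP:Attrs on success,
/// or "state" set to "false" plus "errMsg" on failure.
/// </returns>
public Dictionary<string, string> LdapAuthenticate(string username, string password)
{
    // Escapes the characters that are special inside an LDAP search filter (RFC 4515)
    // so a crafted user name cannot change the structure of the filter.
    // The backslash must be replaced first, otherwise the escapes themselves get re-escaped.
    string EscapeFilterValue(string value)
    {
        return value.Replace("\\", "\\5c")
                    .Replace("*", "\\2a")
                    .Replace("(", "\\28")
                    .Replace(")", "\\29")
                    .Replace("\0", "\\00");
    }

    Dictionary<string, string> dic = new Dictionary<string, string>();

    // An LDAP simple bind with an empty password is an "unauthenticated bind" (RFC 4513)
    // that servers may accept as success, so blank credentials must never reach Bind().
    if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
    {
        dic["state"] = "false";
        dic["errMsg"] = "Username and password are required.";
        return dic;
    }

    var ldapHost = _appConfiguration["LDAP:Host"];
    var ldapPort = _appConfiguration.GetValue<int>("LDAP:Port");
    var mailSuffix = _appConfiguration["LDAP:MailSuffix"];
    var searchBase = _appConfiguration["LDAP:SearchBase"];

    var loginDN = username;
    var sAMAccountName = username;

    // Look the suffix up once, with an ordinal comparison, so the "contains" test and
    // the position used for Substring can never disagree.
    var suffixIndex = string.IsNullOrEmpty(mailSuffix)
        ? -1
        : username.IndexOf(mailSuffix, StringComparison.Ordinal);
    if (suffixIndex >= 0)
    {
        sAMAccountName = username.Substring(0, suffixIndex);
    }
    else
    {
        loginDN = $"{username}{mailSuffix}";
    }

    if (sAMAccountName.Length == 0)
    {
        dic["state"] = "false";
        dic["errMsg"] = "Username and password are required.";
        return dic;
    }

    var searchFilter = $"(sAMAccountName={EscapeFilterValue(sAMAccountName)})";

    LdapConnection conn = null;
    try
    {
        var attrs = _appConfiguration["LDAP:Attrs"].Split('|');

        conn = new LdapConnection();
        // NOTE(review): nothing in this method enables TLS; a simple bind over an
        // unencrypted connection sends the password in clear text. Prefer LDAPS/StartTLS
        // (the library exposes a SecureSocketLayer option - confirm for the version in use).
        conn.Connect(ldapHost, ldapPort);
        // The bind with the user's own credentials is the actual authentication step.
        conn.Bind(loginDN, password);

        var lsc = conn.Search(searchBase, LdapConnection.SCOPE_SUB, searchFilter, attrs, false);
        var entryFound = false;
        while (lsc.hasMore())
        {
            LdapEntry nextEntry = null;
            try
            {
                nextEntry = lsc.next();
            }
            catch (LdapException ex)
            {
                // Skip results that cannot be read and keep iterating.
                Logger.Debug(ex.ToString(), ex);
                continue;
            }

            var attributeSet = nextEntry.getAttributeSet();
            var ienum = attributeSet.GetEnumerator();
            while (ienum.MoveNext())
            {
                var attribute = (LdapAttribute)ienum.Current;
                var attributeName = attribute.Name.ToLowerInvariant();
                var attributeVal = attribute.StringValue;
                if (attrs.Contains(attributeName))
                {
                    // Indexer assignment: a second matching entry must not throw on a duplicate key.
                    dic[attributeName] = attributeVal;
                }
            }
            entryFound = true;
        }

        if (entryFound)
        {
            dic["state"] = "true";
        }
        else
        {
            // Always report an explicit state so callers never see a missing key.
            dic["state"] = "false";
            dic["errMsg"] = "User not found.";
        }
    }
    catch (Exception ex)
    {
        dic["state"] = "false";
        // The raw exception text can reveal directory details; callers should not
        // show it verbatim to unauthenticated users.
        dic["errMsg"] = ex.Message;
        Logger.Debug(ex.ToString(), ex);
    }
    finally
    {
        // Release the connection on every path, including a failed bind.
        if (conn != null && conn.Connected)
        {
            try
            {
                conn.Disconnect();
            }
            catch (LdapException ex)
            {
                Logger.Debug(ex.ToString(), ex);
            }
        }
    }
    return dic;
}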
以上配置信息如下:
"LDAP": {
"_comment": "域帐号登录配置",
"DE": "LDAP://xxx.com",
"Host": "xx.xx.xx.xx",
"Port": ,
"MailSuffix": "@xxx.com",
"Attrs": "displayname|mail|sn",
"SearchBase": "DC=xxx,DC=com",
"UserRole": "User"
},