active-directory

问题 I'd like to know how to script this. Also, is there an out of the box GUI tool that will let me do this? 回答1: Are you referring to the CustomField attributes that exchange adds when you extend the AD Schema? If so, then you could use ADSIEdit. If you want to make your own fields then I think your options would be extend the schema or possibly use ADAM. I haven't used ADAM for Groups, but I think its still possible. There are some basic scripts on accessing groups at Microsoft's Script Center.

问题 I am looking to query LDAP server to retrieve all the user entries from it. I have come across some libraries OpenLDAP LDAP SDK Mozilla Directory Apache Directory API My requirements would be to query all users in an LDAP implementation like AD Server, ease of programming and good community around the library. I don't find a clear winner here. Can someone tell me the widely used and robust API? 回答1: The best API to use with Java is the UnboundID LDAP SDK. It's clear, complete, fully

问题 I am trying to get all group members from "Domain Users". When using AD Users MMC tab, I get a lot of results. When using ADSI - not. The following DOESN'T work as expected: looking at members attribute of the group entry via LDAP/ADSI. It returns only 56 members when there are considerably more. searching by memberOf (returns just a few entries) searching by primaryGroup (it is not a primary group) searching by tokenGrops (it is a constructed attribute) any ideas appreciated. 回答1: (I just

问题 I am trying to connect to an Active Directory domain (W2K8R2 DC) in a different forest. To that end, I pass the credentials into the following DirectoryEntry constructor: DirectoryEntry(string path, string username, string password, AuthenticationTypes authenticationType) This is all good and well. What I would like to do though is retain the connection somehow and reuse it through all my calls to the AD so that I do not need to pass the credentials repeatedly. Is this possible somehow?

问题 I am trying to connect to an Active Directory domain (W2K8R2 DC) in a different forest. To that end, I pass the credentials into the following DirectoryEntry constructor: DirectoryEntry(string path, string username, string password, AuthenticationTypes authenticationType) This is all good and well. What I would like to do though is retain the connection somehow and reuse it through all my calls to the AD so that I do not need to pass the credentials repeatedly. Is this possible somehow?

问题 I'm looking for a way to find a the windows login associated with a specific group. I'm trying to add permissions to a tool that only allows names formatted like: DOMAIN\USER DOMAIN\GROUP I have a list of users in active directory format that I need to add: ou=group1;ou=group2;ou=group3 I have tried adding DOMAIN\Group1, but I get a 'user not found' error. P.S. should also be noted that I'm not a Lan admin 回答1: Programatically or Manually? Manually, i prefer AdExplorer, which is a nice Active

问题 I'm looking for a way to find a the windows login associated with a specific group. I'm trying to add permissions to a tool that only allows names formatted like: DOMAIN\USER DOMAIN\GROUP I have a list of users in active directory format that I need to add: ou=group1;ou=group2;ou=group3 I have tried adding DOMAIN\Group1, but I get a 'user not found' error. P.S. should also be noted that I'm not a Lan admin 回答1: Programatically or Manually? Manually, i prefer AdExplorer, which is a nice Active

问题 Im using the following code to get a bunch of information about employees from specific departments and returning a list from AD... Whilst it works, it appears to be quite slow, is a there more efficient way of getting various user details from AD? public static List<Employee> GetEmployeeListForDepartment(string departpment) { using (HostingEnvironment.Impersonate()) { PrincipalContext ctx = new PrincipalContext(ContextType.Domain, domain); GroupPrincipal gp = GroupPrincipal.FindByIdentity

问题 Many thanks to marc_s for the following code sample, from my previous issue Creating user in Active Directory with C# errors public static string ldapPath = "LDAP://OU=Domain Users,DC=contoso,DC=com"; public static string CreateUserAccount(string userName, string userPassword) { // set up domain context PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "contoso.com",ldapPath); // create a user principal object UserPrincipal user = new UserPrincipal(ctx, userName, userPassword,

问题 Currently building a WPF app that will run in an environment where the user logs into Windows PC which is on a domain (DC). The app will ask the user to enter their login and password again when it starts up, and the login/password will be verified against Active Directory (forgive me if my terminology is not correct here). The login is all-or-nothing; if their password is correct, there is no (current) concern with retrieving groups, rights or anything of that nature. The development