Validating users with LDAP / network credentials in .NET MVC

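I'm working on an MVC 3 application in .NET. I don't have much experience with LDAP, but I'd like to be able to simply verify that a user exists. I don't need to validate the username and password combination, as in the following example: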

LDAP Authentication in ASP.Net MVC

Although that is almost what I want to do. I just need to verify the username before adding it.

Is there a simple way to do this in .NET / MVC?

Use the System.DirectoryServices.AccountManagement namespace and pass either the username or the distinguished name (e.g. CN=John Doe) by changing the IdentityType enumeration.

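    using System.DirectoryServices.AccountManagement;

    public bool UserExists(string username)
    {
        // connect to the default domain; both objects are disposable
        using (PrincipalContext domain = new PrincipalContext(ContextType.Domain))
        // locate the user
        using (UserPrincipal user = UserPrincipal.FindByIdentity(domain, IdentityType.Name, username))
        {
            return user != null;
        }
    }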

You can do this with LdapConnection and SearchRequest.

Example that gets all users:

    using System;
    using System.Collections.Generic;
    using System.Diagnostics;
    using System.DirectoryServices.Protocols;
    using System.Net;
    using System.Text.RegularExpressions;

    // Not shown in the answer; assumed to be an application-defined enum with these two values.
    public enum LocalDirectoryType { ActiveDirectory, eDirectory }

    /// <summary>
    /// Gets the LDAP users from the LDAP server.
    /// </summary>
    /// <param name="ldapServer">The LDAP server, string format: "LDAP://172.22.100.10:389/OU=AT,O=ON"</param>
    /// <param name="directoryType">Type of the directory.</param>
    /// <param name="user">The user.</param>
    /// <param name="password">The password.</param>
    /// <param name="domain">The domain (AD only).</param>
    /// <returns>String list of LDAP users.</returns>
    public List<string> GetLdapUsers(string ldapServer, LocalDirectoryType directoryType, string user, string password, string domain)
    {
        List<string> LdapUsers = new List<string>();
        string serverName = Regex.Match(ldapServer, @"^.+//(.+?):").Groups[1].ToString();
        string distinguishedName = ldapServer.Substring(ldapServer.LastIndexOf("/") + 1);

        LdapConnection connection = new LdapConnection(new LdapDirectoryIdentifier(serverName));

        switch (directoryType)
        {
            case LocalDirectoryType.ActiveDirectory:
                connection.AuthType = AuthType.Ntlm;
                break;
            case LocalDirectoryType.eDirectory:
                connection.AuthType = AuthType.Basic;
                break;
        }

        // attempt to connect
        try
        {
            connection.Bind(new NetworkCredential(user, password));
        }
        catch (Exception exception)
        {
            Trace.WriteLine(exception.ToString());
            // do not search on a connection that failed to bind
            return LdapUsers;
        }

        // run search for users
        SearchResponse response = connection.SendRequest(new SearchRequest(distinguishedName, "(|(objectClass=person)(objectClass=user))", System.DirectoryServices.Protocols.SearchScope.Subtree, null)) as SearchResponse;

        // extract users from results based on server type
        if (directoryType == LocalDirectoryType.ActiveDirectory)
        {
            foreach (SearchResultEntry entry in response.Entries)
            {
                if (entry.Attributes.Contains("sAMAccountName") && entry.Attributes["sAMAccountName"][0].ToString() != String.Empty)
                    LdapUsers.Add(domain + "\\" + entry.Attributes["sAMAccountName"][0].ToString());
            }
        }
        else
        {
            foreach (SearchResultEntry entry in response.Entries)
            {
                if (entry.Attributes.Contains("cn") && entry.Attributes["cn"][0].ToString() != String.Empty)
                {
                    LdapUsers.Add("cn=" + entry.Attributes["cn"][0].ToString());
                }
            }
        }

        return LdapUsers;
    }
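The following is an added example, not part of either answer above: it narrows the LdapConnection/SearchRequest approach to the single-user existence check the question asks for, escaping the username per RFC 4515 so that characters such as `*`, `(` and `)` cannot alter the search filter. The class and method names are hypothetical, and it assumes the caller passes an already bound connection and a fixed attribute name (`sAMAccountName` for Active Directory, `cn` for eDirectory, as in the answer above).

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Text;

// Hypothetical helper class, not from the original page.
public static class LdapUserLookup
{
    // RFC 4515 escaping for a value placed inside an LDAP search filter.
    public static string EscapeFilterValue(string value)
    {
        StringBuilder sb = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Returns true if at least one person/user entry under baseDn has
    // attribute == username. 'attribute' must be a constant chosen by the
    // application, never taken from user input.
    public static bool UserExists(LdapConnection connection, string baseDn,
                                  string attribute, string username)
    {
        if (string.IsNullOrWhiteSpace(username))
            return false;

        string filter = "(&(|(objectClass=person)(objectClass=user))("
                        + attribute + "=" + EscapeFilterValue(username) + "))";

        // Request only the matching attribute; the entry count is all we need.
        SearchRequest request = new SearchRequest(
            baseDn, filter, SearchScope.Subtree, attribute);

        SearchResponse response = (SearchResponse)connection.SendRequest(request);
        return response.Entries.Count > 0;
    }
}
```

Without the escaping step, a submitted username of `*` would match every account, so the check would report that the user exists for any non-empty directory.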