C# AD 登入驗證

如標題

  [Serializable]
    public class AdAccountModel
    {
        /// <summary>
        /// 單位
        /// </summary>
        public string OU { get; set; }

        /// <summary>
        /// 帳號
        /// </summary>
        public string AdAccount { get; set; }

        /// <summary>
        /// 使用者名稱
        /// </summary>
        public string AdName { get; set; }
    }


    public  class ADHelper
    {
        /// <summary>
        /// 確認AD 帳號是否存在
		////
        /// </summary>
        /// <param name="strAccountId"></param>
        /// <param name="strPassword"></param>
        /// <param name="strError"></param>
        /// <returns></returns>
        public static bool CheckADAccount(string strAccountId, string strPassword, ref string strError)
        {
            bool bSucceeded = false;
            using (DirectoryEntry adsEntry = new DirectoryEntry(@"公司的domain...", strAccountId, strPassword))
            {
                using (DirectorySearcher adsSearcher = new DirectorySearcher(adsEntry))
                {
                    //adsSearcher.Filter = "(&(objectClass=user)(objectCategory=person))";
                    adsSearcher.Filter = "(sAMAccountName=" + strAccountId + ")";

                    try
                    {
                        SearchResult adsSearchResult = adsSearcher.FindOne();
                        bSucceeded = true;

                        //  strAuthenticatedBy = "Active Directory";
                        // strError = "User has been authenticated by Active Directory.";
                    }
                    catch (Exception ex)
                    {
                        // Failed to authenticate. Most likely it is caused by unknown user
                        // id or bad strPassword.
                        strError = ex.Message;
                    }
                    finally
                    {
                        adsEntry.Close();
                    }
                }
            }

            return bSucceeded;

        }

        public static AdAccountModel GetAdAccountModel(string strAccountId, string strPassword)
        {
            AdAccountModel model = new AdAccountModel();

            using (DirectoryEntry adsEntry = new DirectoryEntry(@"公司的domain...", strAccountId, strPassword))
            {
                using (DirectorySearcher adsSearcher = new DirectorySearcher(adsEntry))
                {
                    //adsSearcher.Filter = "(&(objectClass=user)(objectCategory=person))";
                    adsSearcher.Filter = "(sAMAccountName=" + strAccountId + ")";

                    try
                    {
                        SearchResult adsSearchResult = adsSearcher.FindOne();
                        DirectoryEntry userEntry = adsSearchResult.GetDirectoryEntry();


                        //string OU =    //  看起來是單位名稱


                        string[] OUs = userEntry.Parent.Name.Split('=');
                        model.OU = OUs[1];


                        string[] AdNames = userEntry.Name.Split('=');
                        string AdName = AdNames[1];

                        model.AdAccount = strAccountId;

                        model.AdName = AdName;

                        //  strAuthenticatedBy = "Active Directory";
                        // strError = "User has been authenticated by Active Directory.";
                    }
                    catch (Exception ex)
                    {
                        // Failed to authenticate. Most likely it is caused by unknown user
                        // id or bad strPassword.

                    }
                    finally
                    {
                        adsEntry.Close();
                    }
                }
            }


            return model;

        }


    }

 

以上文章僅用紀錄資料使用.....