LDAP DirectorySearcher for Office 365 Active Directory
Question:
If I have Active Directory set up on a server with the domain name "mydomain.com", I create an LDAP DirectorySearcher for it as shown below.
string domainPath = "LDAP://mydomain.com";
DirectoryEntry entry = new DirectoryEntry(domainPath, "userName", "password");
DirectorySearcher searcher = new DirectorySearcher(entry);
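What would the domainPath be if I want to create a DirectorySearcher for my Office 365 Active Directory?
P.S.: I have synced my server's Active Directory with Office using 'AzureADSync'.
Answer
LDAP only works with on-premises Active Directory.
For Azure Active Directory, you need to use the Graph API (either Microsoft Graph or Azure Active Directory Graph; see this link for information on how to pick between one and the other).
You need to register an application, set the right permissions depending on what you want to do, and have a code snippet similar to this:
Note: this particular snippet returns all users in the directory: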
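// Requires the ADAL and Azure AD Graph client library packages.
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using Microsoft.Azure.ActiveDirectory.GraphClient;

var authority = "https://login.microsoftonline.com/";
var resource = "https://graph.windows.net/";
var tenant = "mydomain.com";
var clientId = "<YourClientID>";       // from the application registration
var redirectUri = "<YourRedirectUri>"; // from the application registration
var ctx = new AuthenticationContext(authority + tenant);
var graphUri = resource + tenant;
// The client calls this callback whenever it needs an access token.
var client = new ActiveDirectoryClient(new Uri(graphUri),
    async () => {
        var token = await ctx.AcquireTokenAsync(resource, clientId, new Uri(redirectUri), new PlatformParameters(PromptBehavior.Always));
        return token.AccessToken;
    });
var users = await client.Users.ExecuteAsync();
// Dump() is the LINQPad output helper.
users.CurrentPage.Select(u => u.DisplayName).Dump();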
Here's a link to Azure AD Graph samples. It has instructions on application registration, setting permissions, and how to query the Graph from different platforms/scenarios.
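For the Microsoft Graph option mentioned in the answer, an added example (not part of the original answer) of a DirectorySearcher-style lookup over REST: it escapes the search text before placing it in $filter and follows @odata.nextLink so that every page of users is read. The class and method names, the accessToken parameter and the sample JSON are assumptions made for illustration; Main runs offline against constructed pages.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text.Json;
using System.Threading.Tasks;

static class GraphUserSearch // hypothetical helper, not a library type
{
    // OData string literals escape a single quote by doubling it; without this,
    // search text could change the meaning of the $filter expression.
    public static string BuildUsersUrl(string displayNamePrefix)
    {
        var literal = displayNamePrefix.Replace("'", "''");
        var filter = Uri.EscapeDataString($"startswith(displayName,'{literal}')");
        return $"https://graph.microsoft.com/v1.0/users?$select=displayName&$filter={filter}";
    }
    // Reads every page: Graph returns @odata.nextLink while more results remain.
    public static async Task<List<string>> FindAsync(string url, Func<string, Task<string>> getJson)
    {
        var names = new List<string>();
        while (url != null)
        {
            using var doc = JsonDocument.Parse(await getJson(url));
            foreach (var u in doc.RootElement.GetProperty("value").EnumerateArray())
                names.Add(u.GetProperty("displayName").GetString());
            url = doc.RootElement.TryGetProperty("@odata.nextLink", out var next) ? next.GetString() : null;
        }
        return names;
    }
    // Live transport; accessToken is assumed to be a Microsoft Graph token obtained elsewhere.
    public static Func<string, Task<string>> Live(HttpClient http, string accessToken) => async url =>
    {
        using var req = new HttpRequestMessage(HttpMethod.Get, url);
        req.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
        using var resp = await http.SendAsync(req);
        resp.EnsureSuccessStatusCode();
        return await resp.Content.ReadAsStringAsync();
    };
    static async Task Main()
    {
        // Constructed two-page response ("page2" stands in for a real nextLink URL).
        var pages = new Dictionary<string, string> {
            [BuildUsersUrl("O'B")] = "{\"value\":[{\"displayName\":\"O'Brien\"}],\"@odata.nextLink\":\"page2\"}",
            ["page2"] = "{\"value\":[{\"displayName\":\"O'Byrne\"}]}"
        };
        var names = await FindAsync(BuildUsersUrl("O'B"), u => Task.FromResult(pages[u]));
        Console.WriteLine(string.Join(", ", names));
    }
}
```

To query a real tenant, pass `GraphUserSearch.Live(httpClient, accessToken)` as the `getJson` argument instead of the in-memory pages.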