SQL CLR存儲過程來查詢Active Directory

Question

我需要獲得存儲在Active Directory的數據庫中的用戶的一些信息，我有一個簡單的函數來做到這一點：

using (DirectoryEntry de = new DirectoryEntry("LDAP://ANYGIVENDOMAIN")) 
{ 
    using (DirectorySearcher adSearch = new DirectorySearcher(de)) 
    { 
     adSearch.Filter = "(sAMAccountName=jdoe)";     
     SearchResult adSearchResult = adSearch.FindOne(); 

     StringBuilder sb = new StringBuilder(); 
     sb.AppendLine(adSearchResult.Properties["displayname"][0].ToString()); 
     sb.AppendLine(adSearchResult.Properties["givenName"][0].ToString()); 
     sb.AppendLine(adSearchResult.Properties["objectSid"][0].ToString()); 
     sb.AppendLine(adSearchResult.Properties["description"][0].ToString()); 
     sb.AppendLine(adSearchResult.Properties["objectGUID"][0].ToString()); 
    } 
} 

從正在運行WinForm按我的意願做，但在SQL Server項目類型中，我無法將名稱空間System.DirectoryServices添加到引用。

任何人都知道爲什麼？

問候

JE

Answer 1

參見：Supported .NET Framework Libraries

Unsupported libraries can still be called from your managed stored procedures, triggers, user-defined functions, user-defined types, and user-defined aggregates. The unsupported library must first be registered in the SQL Server database, using the CREATE ASSEMBLY statement, before it can be used in your code. Any unsupported library that is registered and run on the server should be reviewed and tested for security and reliability.

For example, the System.DirectoryServices namespace is not supported. You must register the System.DirectoryServices.dll assembly with UNSAFE permissions before you can call it from your code. The UNSAFE permission is necessary because classes in the System.DirectoryServices namespace do not meet the requirements for SAFE or EXTERNAL_ACCESS. For more information, see CLR Integration Programming Model Restrictions and CLR Integration Code Access Security .