如果我的域名爲「mydomain.com」的服務器中有Active Directory設置,那麼我將爲此創建LDAP DirectorySearcher,如下所示。用於Office 365 Active Directory的LDAP DirectorySearcher
string domainPath = "LDAP://mydomain.com";
DirectoryEntry entry = new DirectoryEntry(domainPath, "userName", "password");
DirectorySearcher searcher = new DirectorySearcher(entry);
會是怎樣的domainPath,如果我想創建的DirectorySearcher爲我的Office 365的Active Directory?
P.S:我已同步服務器的Active Directory中Office中使用 'AzureADSync'
LDAP僅適用於本地的Active Directory 365。
對於Azure的Active Directory,則需要使用圖形的API(無論是Microsoft Graph或Azure Active Directory Graph見this link的信息如何一個和另一個之間的挑選)
你需要註冊應用程序,設置正確的權限,這取決於你想做的事,並有類似這樣的代碼片段:
注:此特定摘錄返回所有用戶在目錄:
var authority = "https://login.microsoftonline.com/";
var resource = "https://graph.windows.net/";
var tenant = "mydomain.com";
var clientId = <YourClientID>;
var redirectUri = <YourRedirectUri>;
var ctx = new AuthenticationContext(authority + tenant);
var graphUri = resource + tenant;
var client = new ActiveDirectoryClient(new Uri(graphUri),
async() => {
var token = await ctx.AcquireTokenAsync(resource, clientId, new Uri(redirectUri), new PlatformParameters(PromptBehavior.Always));
return token.AccessToken;
});
var users = await client.Users.ExecuteAsync();
users.CurrentPage.Select(u => u.DisplayName).Dump();
Here's a link to Azure AD Graph samples。它有關於應用程序註冊,設置權限以及如何從不同平臺/場景查詢圖形的說明。