我需要一种方法来看看，如果用户是Active Directory组的从我的.Net 3.5 asp.net C＃应用程序的一部分。

I need a way to see if a user is part of an active directory group from my .Net 3.5 asp.net c# application.

我使用的是标准的LDAP认证例如关闭MSDN，但我实在不明白怎么要检查一组。

I am using the standard ldap authentication example off of msdn but I don't really see how to check against a group.

推荐答案

3.5和System.DirectoryServices.AccountManagement这是一个有点清洁：

With 3.5 and System.DirectoryServices.AccountManagement this is a bit cleaner:

public List<string> GetGroupNames(string userName)
{
  var pc = new PrincipalContext(ContextType.Domain);
  var src = UserPrincipal.FindByIdentity(pc, userName).GetGroups(pc);
  var result = new List<string>();
  src.ToList().ForEach(sr => result.Add(sr.SamAccountName));
  return result;
}