我知道如何使用 User.Identity 和 User.IsInRole

有没有办法看到所有用户在？的角色

Is there a way to see all of the roles a user is in?

我们有很多团体和一些人在很多群体，但我不想写一个User.IsInRole 20+次。

We have a lot of groups and some people are in a lot of groups, but I don't want to write a User.IsInRole 20+ times.

推荐答案

在活动目录的背景下，的角色的你指的是真正的安全性（或授权）组的用户是其成员

In an Active Directory context, the Roles you refer to are really the security (or authorization) groups a user is a member of.

所以，如果你在.NET 3.5及以上，你应该看看 System.DirectoryServices.AccountManagement （S.DS.AM）命名空间。阅读所有关于它的：

So if you're on .NET 3.5 and up, you should check out the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here:

基本上，你可以定义域范围内，并很容易地找到在AD用户和/或组：

Basically, you can define a domain context and easily find users and/or groups in AD:

// set up domain context
using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
{
   // find a user
   UserPrincipal user = UserPrincipal.FindByIdentity(ctx, "SomeUserName");

   if(user != null)
   {
       // get the authorization groups - those are the "roles" 
       var groups = user.GetAuthorizationGroups();

       foreach(Principal principal in groups)
       {
           // do something with the group (or role) in question
       }
   }
}

新S.DS.AM使得它可以很容易地玩弄用户和组AD！

The new S.DS.AM makes it really easy to play around with users and groups in AD!