我需要能够对接受组的列表来比较用户Active Directory组。这是不适合的认证

I need to be able to compare the users active directory groups against a list of acceptable groups. This is not for authentication.

我知道我可以使用System.DirectoryServices中，但我已经看到，说使用AccountManagement很多帖子，但我看到的是。主动目录。

I know i can use System.DirectoryServices but i have seen many posts that say to use AccountManagement but all i see is .Active Directory.

任何人都可以请帮助我在正确的方向？

Can anyone please assist me in the right direction?

推荐答案

尝试是这样的：检查出 System.DirectoryServices.AccountManagement （S.DS.AM）命名空间。阅读所有关于它的：

Try something like this: check out the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here:

基本上，你可以定义域范围内，并很容易地找到在AD用户和/或组：

Basically, you can define a domain context and easily find users and/or groups in AD:

// set up domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);

// find a user
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, "SomeUserName");

if(user != null)
{
   PrincipalSearchResult<Principal> authgroups = user.GetAuthorizationGroups();

   // do your checking with the auth groups that the user has - against your list 
}

新S.DS.AM使得它可以很容易地玩弄用户和组AD！

The new S.DS.AM makes it really easy to play around with users and groups in AD!