Мне нужно разработать веб-приложение, которое должно показать каталог пользователя в Windows Server Active Directory.Windows Server Active Directory API
Имеет ли в Windows Server Active Directory некоторый API, который я могу вызвать для извлечения этой информации?
' ADSI Constant declarations
const ADS_GROUP_TYPE_GLOBAL_GROUP = &h2
const ADS_GROUP_TYPE_LOCAL_GROUP = &h4
const ADS_GROUP_TYPE_UNIVERSAL_GROUP = &h8
const ADS_GROUP_TYPE_SECURITY_ENABLED = &h80000000
Const ADS_PROPERTY_CLEAR = 1
Const ADS_PROPERTY_UPDATE = 2
Const ADS_PROPERTY_APPEND = 3
Const ADS_PROPERTY_DELETE = 4
'#region ADSIUser Class
Class ADSIUser
Public ADUser
Public Function GetItem(strItem)
GetItem = ADUser.Get(strItem)
End Function
Public Function GetItemEx(strItem)
GetItemEx = ADUser.GetEx(strItem)
End Function
Public Sub PutItem(strItem,newValue)
ADUser.Put strItem, newValue
ADUser.SetInfo
End Sub
Public Sub PutItemEx(strItem, newValueArray)
ADUser.PutEx ADS_PROPERTY_UPDATE, strItem, newValueArray
ADUser.SetInfo
End Sub
Public Sub ClearItem(strItem)
ADUser.PutEx ADS_PROPERTY_CLEAR, strItem, 0
ADUser.SetInfo
End Sub
Public Sub AppendItem(strItem, newValueArray)
ADUser.PutEx ADS_PROPERTY_APPEND, strItem, newValueArray
ADUser.SetInfo
End Sub
Public Sub PrintItems
On Error Resume Next
WScript.Echo VbCrLf & "** General Properties Page**"
WScript.Echo "** (Single-Valued Attributes) **"
WScript.Echo "name: " & ADUser.Get("name")
WScript.Echo "givenName: " & ADUser.Get("givenName")
WScript.Echo "initials: " & ADUser.Get("initials")
WScript.Echo "sn: " & ADUser.Get("sn")
WScript.Echo "displayName: " & ADUser.Get("displayName")
WScript.Echo "description: " & ADUser.Get("description")
WScript.Echo "physicalDeliveryOfficeName: " & ADUser.Get("physicalDeliveryOfficeName")
WScript.Echo "telephoneNumber: " & ADUser.Get("telephoneNumber")
WScript.Echo "mail: " & ADUser.Get("mail")
WScript.Echo "wWWHomePage: " & ADUser.Get("wWWHomePage")
WScript.Echo VbCrLf & "** General Properties Page**"
WScript.Echo "** (MultiValued Attributes) **"
WScript.Echo "otherTelephone:"
For Each Item in ADUser.GetEx("otherTelephone")
WScript.Echo vbTab & Item
Next
WScript.Echo "url:"
For Each Item in ADUser.GetEx("url")
WScript.Echo vbTab & Item
Next
WScript.Echo VbCrLf & "** Address Properties Page**"
WScript.Echo "** (Single-Valued Attributes) **"
WScript.Echo "streetAddress: " & ADUser.Get("streetAddress")
WScript.Echo "l: " & ADUser.Get("l")
WScript.Echo "st: " & ADUser.Get("st")
WScript.Echo "postalCode: " & ADUser.Get("postalCode")
WScript.Echo "c: " & ADUser.Get("c")
WScript.Echo VbCrLf & "** Address Properties Page**"
WScript.Echo "** (MultiValued Attributes) **"
WScript.Echo "postOfficeBox:"
For Each Item in ADUser.GetEx("postOfficeBox")
WScript.Echo vbTab & Item
Next
WScript.Echo VbCrLf & "** Account Properties Page**"
WScript.Echo "** (Single-Valued Attributes) **"
WScript.Echo "userPrincipalName: " & ADUser.Get("userPrincipalName")
WScript.Echo "dc: " & ADUser.Get("dc")
WScript.Echo "sAMAccountName: " & ADUser.Get("sAMAccountName")
WScript.Echo "userWorkstations: " & ADUser.Get("userWorkstations")
WScript.Echo VbCrLf & "** Account Properties Page**"
WScript.Echo "** (The userAccountControl attribute) **"
Set objHash = CreateObject("Scripting.Dictionary")
objHash.Add "ADS_UF_SMARTCARD_REQUIRED", &h40000
objHash.Add "ADS_UF_TRUSTED_FOR_DELEGATION", &h80000
objHash.Add "ADS_UF_NOT_DELEGATED", &h100000
objHash.Add "ADS_UF_USE_DES_KEY_ONLY", &h200000
objHash.Add "ADS_UF_DONT_REQUIRE_PREAUTH", &h400000
intuserAccountControl = ADUser.Get("userAccountControl")
For Each Key in objHash.Keys
If objHash(Key) And intuserAccountControl Then
WScript.Echo Key & " is enabled."
Else
WScript.Echo Key & " is disabled."
End If
Next
If ADUser.IsAccountLocked = True Then
WScript.Echo "ADS_UF_LOCKOUT is enabled"
Else
WScript.Echo "ADS_UF_LOCKOUT is disabled"
End If
If err.Number = -2147467259 Or ADUser.AccountExpirationDate = "1/1/1970" Then
WScript.Echo "Account doesn't expire."
Else
WScript.Echo "Account expires on: " & ADUser.AccountExpirationDate
End If
WScript.Echo VbCrLf & "** Profile Properties Page**"
WScript.Echo "** (Single-Valued Attributes) **"
WScript.Echo "profilePath: " & ADUser.Get("profilePath")
WScript.Echo "scriptPath: " & ADUser.Get("scriptPath")
WScript.Echo "homeDirectory: " & ADUser.Get("homeDirectory")
WScript.Echo "homeDrive: " & ADUser.Get("homeDrive")
WScript.Echo VbCrLf & "** Telephone Properties Page**"
WScript.Echo "** (Single-Valued Attributes) **"
WScript.Echo "homePhone: " & ADUser.Get("homePhone")
WScript.Echo "pager: " & ADUser.Get("pager")
WScript.Echo "mobile: " & ADUser.Get("mobile")
WScript.Echo "facsimileTelephoneNumber: " & ADUser.Get("facsimileTelephoneNumber")
WScript.Echo "ipPhone: " & ADUser.Get("ipPhone")
WScript.Echo "info: " & ADUser.Get("info")
WScript.Echo VbCrLf & "** Telephone Properties Page**"
WScript.Echo "** (MultiValued Attributes) **"
WScript.Echo "otherHomePhone:"
For Each Item in ADUser.GetEx("otherHomePhone")
WScript.Echo vbTab & Item
Next
WScript.Echo "otherPager:"
For Each Item in ADUser.GetEx("otherPager")
WScript.Echo vbTab & Item
Next
WScript.Echo "otherMobile:"
For Each Item in ADUser.GetEx("otherMobile")
WScript.Echo vbTab & Item
Next
WScript.Echo "otherFacsimileTelephoneNumber:"
For Each Item in ADUser.GetEx("otherFacsimileTelephoneNumber")
WScript.Echo vbTab & Item
Next
WScript.Echo "otherIpPhone:"
For Each Item in ADUser.GetEx("otherIpPhone")
WScript.Echo vbTab & Item
Next
WScript.Echo VbCrLf & "** Organization Properties Page**"
WScript.Echo "** (Single-Valued Attributes) **"
WScript.Echo "title: " & ADUser.Get("title")
WScript.Echo "department: " & ADUser.Get("department")
WScript.Echo "company: " & ADUser.Get("company")
WScript.Echo "manager: " & ADUser.Get("manager")
WScript.Echo VbCrLf & "** Organization Properties Page**"
WScript.Echo "** (MultiValued Attributes) **"
WScript.Echo "directReports:"
For Each Item in ADUser.GetEx("directReports")
WScript.Echo vbTab & Item
Next
WScript.Echo VbCrLf & "** Environment Properties Page**"
WScript.Echo "** (The ADSI Extension for Terminal Services interface) **"
WScript.Echo "TerminalServicesInitialProgram: " & ADUser.TerminalServicesInitialProgram
WScript.Echo "TerminalServicesWorkDirectory: " & ADUser.TerminalServicesWorkDirectory
WScript.Echo "ConnectClientDrivesAtLogon: " & ADUser.ConnectClientDrivesAtLogon
WScript.Echo "ConnectClientPrintersAtLogon: " & ADUser.ConnectClientPrintersAtLogon
WScript.Echo "DefaultToMainPrinter: " & ADUser.DefaultToMainPrinter
WScript.Echo VbCrLf & "** Sessions Properties Page**"
WScript.Echo "** (The ADSI Extension for Terminal Services interface) **"
WScript.Echo "MaxDisconnectionTime: " & ADUser.MaxDisconnectionTime
WScript.Echo "MaxConnectionTime: " & ADUser.MaxConnectionTime
WScript.Echo "MaxIdleTime: " & ADUser.MaxIdleTime
WScript.Echo "BrokenConnectionAction: " & ADUser.BrokenConnectionAction
WScript.Echo "ReconnectionAction: " & ADUser.ReconnectionAction
WScript.Echo VbCrLf & "** Remote Control Properties Page**"
WScript.Echo "** (The ADSI Extension for Terminal Services interface) **"
WScript.Echo "EnableRemoteControl: " & ADUser.EnableRemoteControl
Select Case ADUser.EnableRemoteControl
Case 0
WScript.Echo "Remote Control disabled"
Case 1
WScript.Echo "Remote Control enabled"
WScript.Echo "User permission required"
WScript.Echo "Interact with the session"
Case 2
WScript.Echo "Remote Control enabled"
WScript.Echo "User permission not required"
WScript.Echo "Interact with the session"
Case 3
WScript.Echo "Remote Control enabled"
WScript.Echo "User permission required"
WScript.Echo "View the session"
Case 4
WScript.Echo "Remote Control enabled"
WScript.Echo "User permission not required"
WScript.Echo "View the session"
End Select
WScript.Echo VbCrLf & "** Terminal Services Profile Properties Page**"
WScript.Echo "** (The ADSI Extension for Terminal Services interface) **"
WScript.Echo "TerminalServicesProfilePath: " & ADUser.TerminalServicesProfilePath
WScript.Echo "TerminalServicesHomeDirectory: " & ADUser.TerminalServicesHomeDirectory
WScript.Echo "TerminalServicesHomeDrive: " & ADUser.TerminalServicesHomeDrive
WScript.Echo "AllowLogon: " & ADUser.AllowLogon
WScript.Echo VbCrLf & "** COM+ Properties Page**"
WScript.Echo "** (Single-Valued Attributes) **"
WScript.Echo "msCOM-UserPartitionSetLink: " & ADUser.Get("msCOM-UserPartitionSetLink")
WScript.Echo VbCrLf & "** Member Of Properties Page**"
WScript.Echo "** (Single-Valued Attributes) **"
WScript.Echo "primaryGroupID: " & ADUser.Get("primaryGroupID")
WScript.Echo VbCrLf & "** Member Of Properties Page**"
WScript.Echo "** (MultiValued Attributes) **"
WScript.Echo "memberOf:"
For Each Item in ADUser.GetEx("memberOf")
WScript.Echo vbTab & Item
Next
WScript.Echo VbCrLf & "** Object Properties Page**"
WScript.Echo "** (Single-Valued Attributes) **"
WScript.Echo "whenCreated: " & ADUser.Get("whenCreated")
WScript.Echo "whenChanged: " & ADUser.Get("whenChanged")
ADUser.GetInfoEx Array("canonicalName"), 0
WScript.Echo VbCrLf & "** Object Properties Page**"
WScript.Echo "** (MultiValued Attributes) **"
WScript.Echo "canonicalName:"
For Each Item in ADUser.GetEx("canonicalName")
WScript.Echo vbTab & Item
Next
On Error GoTo 0
End Sub
End Class
'#endregion
'#region ADSIConnection Class
Class ADSIConnection
Private ADSIRootObject
Private Initialized
Private Sub ConnectToRoot()
If Initialized = 0 Then
Set ADSIRootObject = GetObject("LDAP://rootDSE")
Initialized = 1
End If
End Sub
Private Function ConnectToContainer(strContainer,strName)
Dim ADSIContainer
Dim Root
Dim objItem
ConnectToRoot
If strContainer = "" Then
Set objItem = GetObject("LDAP://" & ADSIRootObject.Get("defaultNamingContext"))
Else
If strName = "" Then
Set objItem = GetObject("LDAP://" & strContainer & "," & ADSIRootObject.Get("defaultNamingContext"))
Else
Set objItem = GetObject("LDAP://cn=" & strName & "," & strContainer & "," & ADSIRootObject.Get("defaultNamingContext"))
End If
End If
Set ConnectToContainer = objItem
End Function
Public Sub CreateUser(strContainer,strName)
Dim objUser
Dim ADSIContainer
Set ADSIContainer = ConnectToContainer(strContainer,"")
Set objUser = ADSIContainer.Create("user", "cn=" & strName)
objUser.Put "SAMAccountName", strName
objUser.SetInfo
End Sub
Public Sub DeleteUser(strContainer,strName)
Dim ADSIContainer
Set ADSIContainer = ConnectToContainer(strContainer,"")
ADSIContainer.Delete "user", "cn=" & strName
End Sub
Public Function GetUser(objUser,strContainer,strName)
Set objUser.ADUser = ConnectToContainer(strContainer,strName)
GetUser = True
End Function
End Class
'#endregion
' Sample ADSI Wizard code
Dim objADSI
Dim objADSIUser
Set objADSI = New ADSIConnection
Set objADSIUser = New ADSIUser
if False Then
' Additional Wizard Sample Code
Call objADSI.GetUser(objADSIUser,"cn=Users","Hooten")
objADSI.CreateUser "cn=Users","Hooten"
End If
это, конечно же, посмотрите на [Azure AD Graph REST API Reference] (http://msdn.microsoft.com/en-us/library/azure/hh974478.aspx) и [System.DirectoryServices] (https://msdn.microsoft.com/en-us/library/System.DirectoryServices (v = vs.100) .aspx) для C#/VB.net – tbc
Могу ли я использовать его непосредственно из JavaScript/JQuery? – abierto
Вы можете использовать REST API, какую операцию вам нужно (список всех пользователей, поиск пользователя по имени и т. Д.)? – tbc