AD域验证DirectoryEntry用法

引用：

using System.Configuration;
using System.DirectoryServices;

web.config加配置：把下面的ip改为你自己域服务器ip

<appSettings>
    <!--域登陆Path-->
    <add key="ADPath" value="LDAP:10.10.1.111"/>
    <!--域登陆Domain-->
    <add key="ADDomain" value="10.10.1.111"/>
  </appSettings>

 

/// <summary>
        /// 域账号是否登陆成功
        /// </summary>
        /// <param name="username">域登陆账号</param>
        /// <param name="pwd">域登陆密码</param>
        /// <returns></returns>
        public static bool IsAuthenticated(string username, string pwd)
        {
            string adPath = ConfigurationManager.AppSettings["ADPath"].ToString();
            string domain = ConfigurationManager.AppSettings["ADDomain"].ToString();
            string domainUserName = domain + @"\" + username;      //或者可以这样 string domainUserName = username;
            DirectoryEntry entry = new DirectoryEntry(adPath, domainUserName, pwd);
            try
            {
                DirectorySearcher deSearch = new DirectorySearcher(entry);
                deSearch.Filter = "(&(objectCategory=Person)(objectClass=User)(SAMAccountName=" + username + "))";
                deSearch.PropertiesToLoad.Add("cn");
                SearchResult result = deSearch.FindOne();
                if (null == result)
                {
                    return false;
                }
                //可以获取相关信息
                string _path = result.Path;
                string _filterAttribute = (string)result.Properties["cn"][0];
            }
            catch (Exception ex)
            {
                throw new Exception(ex.Message);
            }
            return true;
        }