如何获得本地组中的所有用户(性能良好)

我正在寻找一个解决scheme,但我发现所有解决scheme都很慢。 我想让本地窗口组中的所有用户。 这个小组当然也可以包含AD组。 因此,结果应该包含属于该组本身的所有用户以及包含的AD组的用户。 你知道这个有很好的性能的解决scheme吗?

Solutions Collecting From Web of "如何获得本地组中的所有用户(性能良好)"

你有没有尝试过,这个示例获取本地机器上的管理员组成员

using System; using System.DirectoryServices.AccountManagement; using System.Collections; class Program { static void Main(string[] args) { ArrayList myGroups = GetGroupMembers("Administrators"); foreach (string item in myGroups) { Console.WriteLine(item); } Console.ReadLine(); } public static ArrayList GetGroupMembers(string sGroupName) { ArrayList myItems = new ArrayList(); GroupPrincipal oGroupPrincipal = GetGroup(sGroupName); PrincipalSearchResult<Principal> oPrincipalSearchResult = oGroupPrincipal.GetMembers(); foreach (Principal oResult in oPrincipalSearchResult) { myItems.Add(oResult.Name); } return myItems; } public static GroupPrincipal GetGroup(string sGroupName) { PrincipalContext oPrincipalContext = GetPrincipalContext(); GroupPrincipal oGroupPrincipal = GroupPrincipal.FindByIdentity(oPrincipalContext, sGroupName); return oGroupPrincipal; } public static PrincipalContext GetPrincipalContext() { PrincipalContext oPrincipalContext = new PrincipalContext(ContextType.Machine); return oPrincipalContext; } } 

http://anyrest.wordpress.com

嘿,我做了一组类来做这个一阵子,但它让他们基于域而不是组:)

这里是类。 有一个userManager类和一个用户类

 public class UserManager { private string _domainName; private Dictionary<string, User> _userLookup; private PrincipalContext domainContext; private DirectoryEntry LDAPdirectory; public UserManager(string domainName) { _domainName = domainName; _userLookup = new Dictionary<string, User>(); domainContext = new PrincipalContext(ContextType.Domain, _domainName); //Make the LDAP directory look for all users within the domain. DC Com, Au for australia LDAPdirectory = new DirectoryEntry("LDAP://DC=" + _domainName.ToLower() + ",DC=com,DC=au"); LDAPdirectory.AuthenticationType = AuthenticationTypes.Secure; } public IEnumerable<User> Users { get { return _userLookup.Values.ToArray<User>(); } set { _userLookup.Clear(); foreach (var user in value) { if (!_userLookup.ContainsKey(user.Login)) _userLookup.Add(user.Login, user); } } } /// <summary> /// Gets all the users from the AD domain and adds them to the Users property. Returns the list. /// </summary> /// <returns></returns> public IEnumerable<User> UpdateAllUsers() { DirectorySearcher searcher = new DirectorySearcher(LDAPdirectory); searcher.Filter = "(&(&(objectClass=user)(objectClass=person)(!objectClass=computer)(objectClass=organizationalPerson)(memberof=*)(telephonenumber=*)))"; SearchResultCollection src = searcher.FindAll(); _userLookup.Clear(); foreach (SearchResult result in src) { User newUser = new User(domainContext, result.Properties["samaccountname"][0].ToString()); if (newUser.IsInitialized) { _userLookup.Add(newUser.Login, newUser); yield return newUser; } } } public User GetUser(string userLogin) { return new User(domainContext, userLogin); } public bool HasUser(string login) { return _userLookup.ContainsKey(login); } } public class User { public User() { IsInitialized = false; } /// <summary> /// Initializes a new user based on the AD info stored in the domain /// </summary> /// <param name="domainContext">The domain to search for this user</param> /// <param name="userName">The user to look for</param> public User(PrincipalContext domainContext, string userName) { try { using (UserPrincipal thisUserPrincipal = UserPrincipal.FindByIdentity(domainContext, userName)) { this.FirstName = thisUserPrincipal.GivenName; this.Surname = thisUserPrincipal.Surname; this.DisplayName = thisUserPrincipal.DisplayName; this.Email = thisUserPrincipal.EmailAddress; this.ContactNumber = thisUserPrincipal.VoiceTelephoneNumber; this.Login = thisUserPrincipal.SamAccountName; IsInitialized = true; } } catch (Exception) { IsInitialized = false; return; } } /// <summary> /// Gets a value determining if this user was properly initialized or if an exception was thrown during creation /// </summary> public bool IsInitialized { get; set; } public string FirstName { get; set; } public string Surname { get; set; } public string DisplayName { get; set; } public string Email { get; set; } public string Login { get; set; } public string ContactNumber { get; set; } } 

你可以使用PowerShell来解决这个问题。

 function GetLocalArray{ [CmdletBinding()] param( Parameter(ValueFromPipeline=$True,position=0,mandatory=$true)]$ComputerArray ) BEGIN{ $members=@() $filter=@() } PROCESS{ foreach($computer in $ComputerArray){ $gwmiquery = Get-WMIObject win32_group -filter "LocalAccount='True'" -computername $computer #| where{$_.Name -like "*Administrators"} #uncomment to filter the result to just local administrators group $gwmiquery | foreach{ $name=$_.Name; $A=$_.GetRelated("Win32_UserAccount").Name -join ";"; #users $B=$_.GetRelated("Win32_Account").Name -join ";"; #systemgroup $memberUsers = New-Object PSObject -Property @{ComputerName=$_.PSComputerName;Name=$name;AllMembers=$B;Members=$A} $members+=$memberUsers; } } $filter+= $members | foreach{$name=$_.name; if( ! [String]::IsNullOrWhiteSpace($_.AllMembers)) { $_ } } } END{ return $filter } } 

从这样的文件中读取电脑:

 $computers = Get-Content $Global:ComputersFile $AllComputerMembers = GetLocalArray -ComputerArray $computers 

从这里你可以使用convertto-csv,export-csv,convertto-json在web或Excel上使用它。