C#域控操作大全_节点删除_修改密码_添加用户
来源:互联网 发布:cad怎么添加网络打印机 编辑:程序博客网 时间:2024/05/02 00:11
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Collections;
using System.Data;
using System.DirectoryServices;
using NJZF.SCDM.DAL.Database;
using System.Data.SqlClient;
using NJZF.SCDM.DAL.DBUtility;
using NJZF.SCDM.BLL.Tools;
using NJZF.SCDM.DataModel;
namespace NJZF.SCDM.BLL.User
{
public class AdHelper
{
/// <summary>
/// 定义域控配置结构
/// </summary>
public struct DomainConfig
{
public string LdapPath;
public string AdUser;
public string AdPwd;
public string DomainName;
}
/// <summary>
/// 初始化域控配置结构
/// </summary>
/// <returns></returns>
public static DomainConfig GetConfig()
{
DomainConfig Config = new DomainConfig();
SqlParameter [] Parameter={new SqlParameter
("@Type",SqlDbType.Int,4)};
Parameter[0].Value=1;
DataSet ds = DbHelperSQL.RunProcedure("SCDM_Config_GetModel",
Parameter, "SCDM_Config");
if (ds.Tables[0].Rows.Count > 0)
{
Config.LdapPath = ds.Tables[0].Rows[0][1].ToString();
Config.AdUser = ds.Tables[0].Rows[0][2].ToString();
Config.AdPwd = ds.Tables[0].Rows[0][3].ToString();
string DomainName = "";
string[] DomainNameArr = StringTools.GetSafeStr(ds.Tables
[0].Rows[0][5].ToString()).Split(new char[] { '.' });
if (DomainNameArr.Length > 0)
{
foreach (string arrname in DomainNameArr)
{
string DC1 = "DC=" + arrname + ",";
DomainName += DC1;
}
}
DomainName = DomainName.Remove(DomainName.LastIndexOf(','));
Config.DomainName = DomainName;
}
return Config;
} http://www.pj518.net http://www.jstianshuo.com http://www.pj365.net http://www.jscxkeji.com
/// <summary>
/// 获取数据库中跟节点的名称
/// </summary>
/// <returns></returns>
public static string GetRootName()
{
SqlParameter[] Parameter = { new SqlParameter("@Type",
SqlDbType.Int, 4) };
Parameter[0].Value = 1;
DataSet ds = DbHelperSQL.RunProcedure("SCDM_Config_GetModel",
Parameter, "SCDM_Config");
if (ds.Tables[0].Rows.Count > 0)
{
return ds.Tables[0].Rows[0][1].ToString();
}
else
{
return "";
}
}
/// <summary>
/// 域的名称
/// </summary>
#region MyRegion
///用户属性定义标志
public enum ADS_USER_FLAG_ENUM
{
///
///登录脚本标志。如果通过 ADSI LDAP 进行读或写操作时,该标志失效
。如果通过 ADSI WINNT,该标志为只读。
///
ADS_UF_SCRIPT = 0X0001,
///
///用户帐号禁用标志
///
ADS_UF_ACCOUNTDISABLE = 0X0002,
///
///主文件夹标志
///
ADS_UF_HOMEDIR_REQUIRED = 0X0008,
///
///过期标志
///
ADS_UF_LOCKOUT = 0X0010,
///
///用户密码不是必须的
///
ADS_UF_PASSWD_NOTREQD = 0X0020,
///
///密码不能更改标志
///
ADS_UF_PASSWD_CANT_CHANGE = 0X0040,
///
///使用可逆的加密保存密码
///
ADS_UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED = 0X0080,
///
///本地帐号标志
///
ADS_UF_TEMP_DUPLICATE_ACCOUNT = 0X0100,
///
///普通用户的默认帐号类型
///
ADS_UF_NORMAL_ACCOUNT = 0X0200,
///
///跨域的信任帐号标志
///
ADS_UF_INTERDOMAIN_TRUST_ACCOUNT = 0X0800,
///
///工作站信任帐号标志
///
ADS_UF_WORKSTATION_TRUST_ACCOUNT = 0x1000,
///
///服务器信任帐号标志
///
ADS_UF_SERVER_TRUST_ACCOUNT = 0X2000,
///
///密码永不过期标志
///
ADS_UF_DONT_EXPIRE_PASSWD = 0X10000,
///
/// MNS 帐号标志
///
ADS_UF_MNS_LOGON_ACCOUNT = 0X20000,
///
///交互式登录必须使用智能卡
///
ADS_UF_SMARTCARD_REQUIRED = 0X40000,
///
///当设置该标志时,服务帐号(用户或计算机帐号)将通过 Kerberos 委
托信任
///
ADS_UF_TRUSTED_FOR_DELEGATION = 0X80000,
///
///当设置该标志时,即使服务帐号是通过 Kerberos 委托信任的,敏感帐
号不能被委托
///
ADS_UF_NOT_DELEGATED = 0X100000,
///
///此帐号需要 DES 加密类型
///
ADS_UF_USE_DES_KEY_ONLY = 0X200000,
///
///不要进行 Kerberos 预身份验证
///
ADS_UF_DONT_REQUIRE_PREAUTH = 0X4000000,
///用户密码过期标志
ADS_UF_PASSWORD_EXPIRED = 0X800000,
///用户帐号可委托标志
ADS_UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION = 0X1000000
}
#endregion
#region 获取域上的所有的用户列表
/// 获取域上的所有的用户列表
/// </summary>
/// <returns>用户集合</returns>
public static ArrayList GetUsers()
{
ArrayList users = new ArrayList();
DirectoryEntry de = GetObjectByAdmin();
DirectorySearcher deSearch = new DirectorySearcher(de);
deSearch.Filter = "(&(&(objectCategory=person)
(objectClass=user)))";
deSearch.SearchScope = SearchScope.Subtree;
try
{
SearchResultCollection results = deSearch.FindAll();
for (int i = 0; i < results.Count; i++)
{
DirectoryEntry des = results[i].GetDirectoryEntry();
users.Add(des);
}
return users;
}
catch (Exception e)
{
return null;
}
}
#endregion
#region 获取域上的所有用户组列表
/// 获取域上的所有用户组列表
/// </summary>
/// <returns>用户集合</returns>
public static ArrayList GetGroups()
{
ArrayList groups = new ArrayList();
DirectoryEntry de = GetObjectByAdmin();
DirectorySearcher deSearch = new DirectorySearcher(de);
deSearch.Filter = "(objectCategory=group)";
deSearch.SearchScope = SearchScope.Subtree;
SearchResultCollection results;
try
{
results = deSearch.FindAll();
foreach (SearchResult sr in results)
{
DirectoryEntry directoryentry = sr.GetDirectoryEntry();
groups.Add(directoryentry);
}
return groups;
}
catch (Exception e)
{
return null;
}
}
#endregion
#region 根据用户组的名称查找该组下的用户成员
/// 根据用户组的名称查找该组下的用户成员
/// </summary>
/// <param name="groupName">用户组名称</param>
/// <returns>用户集合</returns>
public static ArrayList GetUsersByGroup(string groupName)
{
ArrayList users = new ArrayList();
DirectoryEntry SearchRoot = GetObjectByAdmin();
DirectorySearcher directorySearch = new DirectorySearcher
(SearchRoot);
directorySearch.Filter = "(&(objectClass=group)(SAMAccountName="
+ groupName + "))";
SearchResult results = directorySearch.FindOne();
try
{
if (results != null)
{
DirectoryEntry dirEntry = new DirectoryEntry
(results.Path,GetConfig().AdUser, GetConfig().AdPwd);
System.DirectoryServices.PropertyCollection
propertyCollection = dirEntry.Properties;
int count = propertyCollection["member"].Count;
for (int i = 0; i < count; i++)
{
string respath = results.Path;
string[] pathnavigate = respath.Split
("CN".ToCharArray());
respath = pathnavigate[0];
string objpath = propertyCollection["member"]
[i].ToString();
string path = respath + objpath;
DirectoryEntry user = new DirectoryEntry(path,
GetConfig().AdUser, GetConfig().AdPwd);
users.Add(user);
}
}
return users;
}
catch (Exception e)
{
return null;
}
}
#endregion
#region 根据用户组查找对应的用户
/// 根据用户组查找对应的用户
/// </summary>
/// <returns>ArrayList用户集合</returns>
public static ArrayList GetUsersByUserGroup(string GroupName)
{
ArrayList users = new ArrayList();
DirectoryEntry SearchRoot = GetObjectByAdmin();
DirectorySearcher directorySearch = new DirectorySearcher
(SearchRoot);
directorySearch.Filter = "(&(objectClass=group)(SAMAccountName="
+ GroupName + "))";
SearchResult results = directorySearch.FindOne();
try
{
if (results != null)
{
DirectoryEntry dirEntry = new DirectoryEntry
(results.Path, GetConfig().AdUser,GetConfig().AdPwd);
System.DirectoryServices.PropertyCollection
propertyCollection = dirEntry.Properties;
int count = propertyCollection["member"].Count;
for (int i = 0; i < count; i++)
{
string respath = results.Path;
string[] pathnavigate = respath.Split
("CN".ToCharArray());
respath = pathnavigate[0];
string objpath = propertyCollection["member"]
[i].ToString();
string path = respath + objpath;
DirectoryEntry user = new DirectoryEntry(path,
GetConfig().AdUser, GetConfig().AdPwd);
users.Add(user);
}
}
else
{
users = null;
}
return users;
}
catch (Exception e)
{
return null;
}
}
#endregion
#region 根据用户名称查找对应的组
/// 根据用户名称查找对应的组
/// </summary>
/// <param name="username">用户名</param>
/// <returns>ArrayList用户组集合</returns>
public static ArrayList GetGroupsByUser(string username)
{
DirectoryEntry directoryentry = GetObjectByAdmin();
DirectorySearcher ds = new DirectorySearcher(directoryentry);
ds.Filter = "(&(sAMAccountName=" + username + "))";
ds.PropertiesToLoad.Add("memberof");
SearchResult searchresult = ds.FindOne();
ArrayList results = new ArrayList();
if (searchresult == null)
{
results = null;
}
else
{
if (searchresult.Properties["memberof"] == null)
{
return (null);
}
for (int i = 0; i < searchresult.Properties
["memberof"].Count; i++)
{
string theGroupPath = searchresult.Properties
["memberof"][i].ToString();
results.Add(theGroupPath.Substring(3,
theGroupPath.IndexOf(",") - 3));
}
}
directoryentry.Close();
return (results);
}
#endregion
#region 以管理员的身份登陆域
/// 以管理员的身份登陆域
/// </summary>
/// <param name="adPath">Ldap地址</param>
/// <param name="adUser">用户名称</param>
/// <param name="adPassWord">用户密码</param>
/// <returns>返回DirectoryEntry对象</returns>
public static DirectoryEntry GetObjectByAdmin()
{
DirectoryEntry entry = new DirectoryEntry(GetConfig
().LdapPath,GetConfig().AdUser, GetConfig().AdPwd,
AuthenticationTypes.Secure);
return entry;
}
/// <summary>
/// 测试域控链接的方法
/// </summary>
/// <param name="UserName">域控管理员用户名</param>
/// <returns></returns>
public static DirectoryEntry TestAD(string UserName)
{
DirectoryEntry de = GetObjectByAdmin();
DirectorySearcher deSearch = new DirectorySearcher(de);
deSearch.Filter = "(&(objectClass=group)(cn=" + UserName + "))";
deSearch.SearchScope = SearchScope.Subtree;
try
{
SearchResult result = deSearch.FindOne();
de = new DirectoryEntry(result.Path);
return de;
}
catch
{
return null;
}
}
#endregion
#region 以管理员的身份登陆域
/// <summary>
/// 以管理员的身份登陆域
/// </summary>
/// <param name="adPath">Ldap地址</param>
/// <param name="adUser">用户名称</param>
/// <param name="adPassWord">用户密码</param>
/// <returns>返回DirectoryEntry对象</returns>
private static DirectoryEntry GetDirectoryObject(string
domainReference)
{
DirectoryEntry entry = new DirectoryEntry(GetConfig().LdapPath +
domainReference,GetConfig().AdUser, GetConfig().AdPwd,
AuthenticationTypes.Secure);
return entry;
}
#endregion
#region 根据用户名称查找对应的组
/// <summary>
/// 根据用户名称查找对应的组
/// </summary>
/// <param name="username">用户名</param>
/// <returns>用户组字符串以,隔开</returns>
public static string GetGroupsByUserString(string username)
{
string groups = "";
DirectoryEntry directoryentry = GetObjectByAdmin();
DirectorySearcher ds = new DirectorySearcher(directoryentry);
ds.Filter = "(&(sAMAccountName=" + username + "))";
ds.PropertiesToLoad.Add("memberof");
SearchResult searchresult = ds.FindOne();
if (searchresult != null)
{
if (searchresult.Properties["memberof"] == null)
{
return (null);
}
ArrayList results = new ArrayList();
for (int i = 0; i < searchresult.Properties
["memberof"].Count; i++)
{
string theGroupPath = searchresult.Properties
["memberof"][i].ToString();
groups += theGroupPath.Substring(3, theGroupPath.IndexOf
(",") - 3) + ",";
}
}
directoryentry.Close();
if (groups.Length > 0)
{
groups = groups.Remove(groups.LastIndexOf(','));
}
return groups;
}
#endregion
#region 用户身份验证
/// <summary>
/// 用户身份验证
/// </summary>
/// <param name="UserID">用户账号名称</param>
/// <param name="Password">用户账号密码</param>
/// <returns>验证结果</returns>
public static bool IsAuthenticated(string UserID, string Password)
{
bool result = false;
DirectoryEntry entry = GetObjectByAdmin(UserID, Password);
try
{
DirectorySearcher search = new DirectorySearcher(entry);
search.Filter = "(SAMAccountName=" + UserID + ")";
SearchResult searchResult = search.FindOne();
if (searchResult != null)
{
result = true;
}
return result;
}
catch (Exception ex)
{
return result;
}
}
#endregion
#region MyRegion
/// <summary>
/// 根据用户名密码获取DirectoryEntry对象
/// </summary>
/// <param name="UserID">登陆名</param>
/// <param name="Password">密码</param>
/// <returns>DirectoryEntry</returns>
private static DirectoryEntry GetObjectByAdmin(string UserID, string
Password)
{
DirectoryEntry entry = new DirectoryEntry(GetConfig
().LdapPath,GetConfig().AdUser,GetConfig().AdPwd);
return entry;
}
#endregion
#region 域控成员身份验证
/// <summary>
/// 域控成员身份验证
/// </summary>
/// <param name="LdapPath">域控的地址</param>
/// <param name="UserName">登陆用户名</param>
/// <param name="PassWord">登陆密码</param>
/// <returns>验证结果true或者false</returns>
public static bool IsAuthenticated(string LdapPath, string UserName,
string PassWord)
{
DirectoryEntry entry = GetObjectByAdmin(LdapPath, UserName,
PassWord);
try
{
DirectorySearcher search = new DirectorySearcher(entry);
search.Filter = "(SAMAccountName=" + UserName + ")";
SearchResult result = search.FindOne();
if (null == result)
{
return false;
}
else
{
return true;
}
}
catch (Exception ex)
{
return false;
}
}
#endregion
#region 以管理员登陆域控
/// <summary>
/// 以管理员登陆域控
/// </summary>
/// <param name="LdapPath">域控的地址</param>
/// <param name="UserName">登录名称</param>
/// <param name="PassWord">登陆密码</param>
/// <returns>DirectoryEntry</returns>
public static DirectoryEntry GetObjectByAdmin(string LdapPath, string
UserName, string PassWord)
{
try
{
DirectoryEntry entry = new DirectoryEntry(LdapPath, UserName,
PassWord);
if (entry.Guid == null)
{
return null;
}
else
{
return entry;
}
}
catch
{
return null;
}
}
#endregion
#region 根据用户名获取用户实体对象
/// <summary>
/// 根据用户名称获取用户的实体对象
/// </summary>
/// <param name="AccoutName">用户账号名称</param>
/// <returns>用户实体对象</returns>
public static ModelUsers GetUserModel(string AccoutName)
{
DirectoryEntry der = AdHelper.GetDirectoryEntry(AccoutName);
DirectoryEntry de = GetObjectByAdmin();
DirectorySearcher desearcher = new DirectorySearcher(de);
desearcher.Filter = "(&(&(objectCategory=person)
(objectClass=user))(cn=" + AccoutName + "))";
desearcher.SearchScope = SearchScope.Subtree;
try
{
SearchResult SeaRes = desearcher.FindOne();
DirectoryEntry DireEnt = new DirectoryEntry(SeaRes.Path,
GetConfig().AdUser, GetConfig().AdPwd, AuthenticationTypes.Secure);
ModelUsers UserModel = new ModelUsers();
if (DireEnt == null)
{
UserModel = null;
return UserModel;
}
else
{
UserModel.Loginname = DireEnt.Properties
["sAMAccountName"].Value.ToString();
UserModel.Username = DireEnt.Name;
UserModel.Email = DireEnt.Properties["Mail"].Value ==
null ? "" : DireEnt.Properties["Mail"].Value.ToString();
UserModel.Description = DireEnt.Properties
["description"].Value == null ? "" : DireEnt.Properties
["description"].Value.ToString();
if( DireEnt.Properties["telephoneNumber"].Count>0)
UserModel.Tel = DireEnt.Properties["telephoneNumber"]
[0].ToString() == null ? "" : DireEnt.Properties["telephoneNumber"]
[0].ToString();
if (DireEnt.Properties["userPassword"].Count > 0)
{
UserModel.PassWord = DireEnt.Properties
["userPassword"].Value.ToString();
string m = DireEnt.Properties["userPassword"]
[0].ToString();
}
else
{
}
return UserModel;
}
}
catch (Exception e)
{
return null;
}
}
#endregion
#region 创建新的用户
/// <summary>
/// 创建新的用户
/// </summary>
/// <param name="ldapDN">路径</param>
/// <param name="UserModel">用户实体对象</param>
public static void CreateNewUser(string ldapDN, ModelUsers UserModel)
{
DirectoryEntry entry = GetObjectByAdmin();
DirectoryEntry subEntry = new DirectoryEntry(ldapDN,GetConfig
().AdUser, GetConfig().AdPwd);
DirectoryEntry deUser = subEntry.Children.Add("CN=" +
UserModel.Username, "user");
deUser.Properties["sAMAccountName"].Value = UserModel.Loginname;
if (UserModel.Description != "")
{
deUser.Properties["description"].Value =
UserModel.Description;
}
if (UserModel.Email != "")
{
deUser.Properties["Mail"].Value = UserModel.Email;
}
if (UserModel.Tel != "")
{
deUser.Properties["telephoneNumber"].Add(UserModel.Tel);
}
deUser.CommitChanges();
AdHelper.SetPassword(UserModel.Username,UserModel.PassWord);
AdHelper.EnableUser(UserModel.Username);
deUser.Close();
}
#endregion
#region 修改用户信息
/// <summary>
/// 修改用户信息
/// </summary>
/// <param name="UserModel">用户实体对象</param>
public static void ModifyUsers(ModelUsers UserModel)
{
DirectoryEntry de = GetDirectoryEntry(UserModel.Username);
if (UserModel.Description != "")
{
de.Properties["description"].Value = UserModel.Description;
}
if (UserModel.Email != "")
{
de.Properties["Mail"].Value = UserModel.Email;
}
if (UserModel.Tel != "")
{
if (de.Properties["telephoneNumber"].Count > 0)
{
string m = de.Properties["telephoneNumber"][0].ToString
();
de.Properties["telephoneNumber"][0] = UserModel.Tel;
}
else
{
de.Properties["telephoneNumber"].Add(UserModel.Tel);
}
}
try
{
de.CommitChanges();
de.Close();
if (UserModel.PassWord != "")
{
de.Properties["userPassword"].Add(UserModel.PassWord);
SetPassword(UserModel.Username, UserModel.PassWord);
}
}
catch
{
}
}
#endregion
#region 启用指定名称的用户
/// <summary>
/// 启用指定名称的用户
/// </summary>
/// <param name="commonName"></param>
public static void EnableUser(string commonName)
{
EnableUser(GetDirectoryEntry(commonName));
}
#endregion
#region 启用指定的用户
/// 启用指定的用户
/// </summary>
/// <param name="de"></param>
public static void EnableUser(DirectoryEntry de)
{
de.Properties["userAccountControl"][0] =
AdHelper.ADS_USER_FLAG_ENUM.ADS_UF_NORMAL_ACCOUNT |
AdHelper.ADS_USER_FLAG_ENUM.ADS_UF_DONT_EXPIRE_PASSWD;
de.CommitChanges();
de.Close();
}
#endregion
#region 设置用户密码,管理员可以通过它来修改指定用户的密码。
///设置用户密码,管理员可以通过它来修改指定用户的密码。
///用户公共名称
///用户新密码
public static void SetPassword(string commonName, string newPassword)
{
DirectoryEntry de = GetDirectoryEntry(commonName);
try
{
de.Invoke("SetPassword", new object[] { newPassword });
}
catch(Exception Msg)
{
;
}
de.Close();
}
#endregion
#region 修改用户密码
///修改用户密码
///用户公共名称
///旧密码
///新密码
public static void ChangeUserPassword(string commonName, string
oldPassword, string newPassword)
{
// to-do: 需要解决密码策略问题
DirectoryEntry oUser = GetDirectoryEntry(commonName);
oUser.Invoke("ChangePassword", new Object[] { oldPassword,
newPassword });
oUser.Close();
}
#endregion
#region 禁用指定公共名称的用户
///禁用指定公共名称的用户
///用户公共名称
public static void DisableUser(string commonName)
{
DisableUser(GetDirectoryEntry(commonName));
}
#endregion
#region 禁用指定的用户
///禁用指定的用户
public static void DisableUser(DirectoryEntry de)
{
de.Properties["userAccountControl"][0] =
AdHelper.ADS_USER_FLAG_ENUM.ADS_UF_NORMAL_ACCOUNT |
AdHelper.ADS_USER_FLAG_ENUM.ADS_UF_DONT_EXPIRE_PASSWD |
AdHelper.ADS_USER_FLAG_ENUM.ADS_UF_ACCOUNTDISABLE;
de.CommitChanges();
de.Close();
}
#endregion
#region 判断用户帐号是否激活
///判断用户帐号是否激活
//用户帐号属性控制器
///如果用户帐号已经激活,返回 true;否则返回 false
public static bool IsAccountActive(int userAccountControl)
{
int userAccountControl_Disabled = Convert.ToInt32
(ADS_USER_FLAG_ENUM.ADS_UF_ACCOUNTDISABLE);
int flagExists = userAccountControl &
userAccountControl_Disabled;
if (flagExists > 0)
return false;
else
return true;
}
#endregion
#region 将指定的用户添加到指定的组中。默认为 Users下的组和用户。
///将指定的用户添加到指定的组中。默认为 Users下的组和用户。
///用户公共名称
///组名
//public static void AddRootUserToGroup(string userCommonName, string
groupName)
//{
// try
// {
// DirectoryEntry oGroup = GetDirectoryEntryOfGroup
(groupName);
// DirectoryEntry oUser = GetDirectoryEntry(userCommonName);
// DataModel.SCDM_Config Config = new
NJZF.SCDM.DataModel.SCDM_Config();
// BLL.BLLObject.SCDM_Config Bllconfig = new
BLL.BLLObject.SCDM_Config();
// Config = Bllconfig.GetModel(1);
// if (Config != null)
// {
// string OU = Config.Config_Value4;
// oGroup.Properties["Member"].Add("CN=" + userCommonName
+ ",OU="+OU+",DC=nj,DC=zf,DC=com");
// oGroup.CommitChanges();
// oGroup.Close();
// oUser.Close();
// }
// // impersonate.BeginImpersonate();
// }
// catch (Exception msg)
// { }
//}
public static void AddRootUserToGroup(string userCommonName, string
groupName)
{
try
{
DirectoryEntry oGroup = GetDirectoryEntryOfGroup(groupName);
DirectoryEntry oUser = GetDirectoryEntry(userCommonName);
string path = oUser.Path.Substring(oUser.Path.IndexOf
("CN="));
oGroup.Properties["Member"].Add(path);
oGroup.CommitChanges();
oGroup.Close();
oUser.Close();
// impersonate.BeginImpersonate();
}
catch (Exception msg)
{
}
}
//public static void AddOUUserToGroup(string userCommonName, string
groupName,string parent)
//{
// try
// {
// DirectoryEntry oGroup = GetDirectoryEntryOfGroup
(groupName);
// DirectoryEntry oUser = GetDirectoryEntry(userCommonName);
// DataModel.SCDM_Config Config = new
NJZF.SCDM.DataModel.SCDM_Config();
// BLL.BLLObject.SCDM_Config Bllconfig = new
BLL.BLLObject.SCDM_Config();
// Config = Bllconfig.GetModel(1);
// if (Config != null)
// {
// string OU = Config.Config_Value4;
// oGroup.Properties["Member"].Add("CN=" + userCommonName
+ ",OU="+parent+",OU=" + OU + ",DC=nj,DC=zf,DC=com");
// oGroup.CommitChanges();
// oGroup.Close();
// oUser.Close();
// }
// // impersonate.BeginImpersonate();
// }
// catch (Exception msg)
// { }
//}
#endregion
#region 根据组名取得用户组的对象
///根据组名取得用户组的对象
///组名
public static DirectoryEntry GetDirectoryEntryOfGroup(string
groupName)
{
DirectoryEntry de = GetObjectByAdmin();
DirectorySearcher deSearch = new DirectorySearcher(de);
deSearch.Filter = "(&(objectClass=group)(cn=" + groupName + "))";
deSearch.SearchScope = SearchScope.Subtree;
try
{
SearchResult result = deSearch.FindOne();
de = new DirectoryEntry(result.Path,GetConfig
().AdUser,GetConfig().AdPwd, AuthenticationTypes.Secure);
return de;
}
catch
{
return null;
}
}
#endregion
#region
///从指定的组中删除用户(关系)
/// <summary>
/// 删除用户操作
/// </summary>
/// <param name="userCommonName">用户名称</param>
/// <param name="groupName">用户组名称</param>
public static void RemoveUserFromGroup(string userCommonName, string
groupName)
{
DirectoryEntry oGroup = GetDirectoryEntryOfGroup(groupName);
DirectoryEntry oUser = GetDirectoryEntry(userCommonName);
oGroup.Properties["member"].Remove(oUser.Properties
["distinguishedName"].Value);
oGroup.CommitChanges();
oGroup.Close();
oUser.Close();
}
#endregion
#region
/// <summary>
/// 删除用户
/// </summary>
/// <param name="Ldap">路径</param>
public static void DeleteUser(string Ldap)
{
DirectoryEntry de = new DirectoryEntry(Ldap, GetConfig().AdUser,
GetConfig().AdPwd, AuthenticationTypes.Secure);
try
{
de.DeleteTree();
de.CommitChanges();
de.Dispose();
}
catch (Exception Msg)
{
;
}
}
#endregion
#region 修改用户组的信息
/// <summary>
/// 修改用户组的信息
/// </summary>
/// <param name="groupName"></param>
/// <param name="groupDesc"></param>
/// <param name="groupCtl"></param>
public static void ModifyGroup(string Ldap,ModelUserGroup
UserGroupModel)
{
DirectoryEntry group = new DirectoryEntry(Ldap, GetConfig
().AdUser, GetConfig().AdPwd, AuthenticationTypes.Secure);
group.Properties["description"].Value
=UserGroupModel.Description;
group.CommitChanges();
group.Close();
}
#endregion
#region 删除用户组
/// <summary>
/// 删除用户组
/// </summary>
/// <param name="Ldap">路径</param>
/// <param name="UserGroupModel">用户组对象</param>
public static void DeleteGroup(string Ldap,ModelUserGroup
UserGroupModel)
{
DirectoryEntry de = new DirectoryEntry(Ldap, GetConfig().AdUser,
GetConfig().AdPwd, AuthenticationTypes.Secure);
try
{
de.DeleteTree();
de.CommitChanges();
de.Dispose();
}
catch (Exception Msg)
{
;
}
}
#endregion
#region 根据框架的名臣获取该框架集下所有的路径集合
/// <summary>
/// 根据框架的名臣获取该框架集下所有的路径集合
/// </summary>
/// <param name="ClassName"></param>
/// <returns></returns>
public static SearchResultCollection GetTreeGroup(string ClassName)
{
DirectoryEntry de = GetObjectByAdmin();
DirectorySearcher deSearch = new DirectorySearcher(de);
deSearch.Filter = "(objectCategory=group)";
deSearch.SearchScope = SearchScope.Subtree;
SearchResultCollection results = deSearch.FindAll();
return results;
//search.Sort=new SortOption("name","Path","displayname","sam"
}
#endregion
#region 根据用户名获取用户的对象
/// <summary>
/// 根据用户名获取用户的对象
/// </summary>
/// <param name="commonName"></param>
/// <returns></returns>
public static DirectoryEntry GetDirectoryEntry(string commonName)
{
DirectoryEntry de = GetObjectByAdmin();
DirectorySearcher deSearch = new DirectorySearcher(de);
deSearch.Filter = "(&(&(objectCategory=person)
(objectClass=user))(cn=" + commonName + "))";
deSearch.SearchScope = SearchScope.Subtree;
try
{
SearchResult result = deSearch.FindOne();
DirectoryEntry deuser = new DirectoryEntry
(result.Path,GetConfig().AdUser, GetConfig().AdPwd);
return deuser;
}
catch (System.Runtime.InteropServices.COMException e)
{
return null;
}
}
#endregion
#region 添加组织单元里的用户组
/// <summary>
/// 添加组织单元里的用户组
/// </summary>
/// <param name="Ldap">路径</param>
/// <param name="UserGroupModel">用户组实体对象</param>
public static void AddGroup(string Ldap,ModelUserGroup
UserGroupModel)
{
try
{
using (DirectoryEntry dir = new DirectoryEntry(Ldap,
GetConfig().AdUser, GetConfig().AdPwd, AuthenticationTypes.Secure))
{
using (DirectoryEntry group = dir.Children.Add("CN=" +
UserGroupModel.GroupName, "group"))
{
group.Invoke("Put", new object[] { "Description",
UserGroupModel.Description });
group.Invoke("Put", new object[] { "CN",
UserGroupModel.GroupName });
group.CommitChanges();
}
}
}
catch (Exception msg)
{ }
}
#endregion
#region 设置成员的隶属关系
/// <summary>
/// 设置成员的隶属关系
/// </summary>
/// <param name="GroupName"></param>
/// <param name="Member"></param>
public static void SetMember(string groupName, string ParentName)
{
DirectoryEntry de = GetDirectoryEntryOfGroup(ParentName);
de.Properties["Member"].Add("CN=" + groupName +
",OU=RDP,DC=nj,DC=zf,DC=com");
de.CommitChanges();
}
#endregion
#region 根据公共名称获取组织单元结构
/// <summary>
/// 根据公共名称获取组织单元的结构
/// </summary>
/// <param name="RootName">公共名称</param>
/// <returns>ArrayList集合</returns>
public static ArrayList GetOu(string OU)
{
string Path = GetConfig().LdapPath + "/OU=" + OU + "," +
GetConfig().DomainName;
ArrayList arr = new ArrayList();
DirectoryEntry DireRoot = GetObjectByAdmin();
try
{
DirectoryEntry RootOu = new DirectoryEntry(Path, GetConfig
().AdUser, GetConfig().AdPwd);
arr.Add(RootOu);
}
catch
{
arr = null;
}
return arr;
}
/// <summary>
/// 域控验证,返回域控的域名称
/// </summary>
/// <param name="commonName"></param>
/// <returns></returns>
public static string GetDomainName(string commonName,string
LDAP,string Pwd)
{
DirectoryEntry entry = new DirectoryEntry(LDAP, commonName, Pwd,
AuthenticationTypes.Secure);
DirectorySearcher deSearch = new DirectorySearcher(entry);
deSearch.Filter = "(&(&(objectCategory=person)
(objectClass=user))(cn=" + commonName + "))";
deSearch.SearchScope = SearchScope.Subtree;
try
{
SearchResult result = deSearch.FindOne();
if (result.Path != "")
{
string DoMainName = result.Path.Substring
(result.Path.LastIndexOf("CN=Users") + 9);
string domainname = DoMainName.Replace("DC=",
"").Replace(",", ".").Trim();
return domainname;
}
else
{
return "";
}
}
catch
{
return "";
}
}
#endregion
#region 根据LDAP路径获取节点下的组织单元
/// <summary>
/// 根据LDAP路径获取节点下的子项
/// </summary>
/// <param name="Path"></param>
/// <returns></returns>
public static ArrayList GetLeverOu(string Path)
{
ArrayList arr = new ArrayList();
DirectoryEntry directoryparent = new DirectoryEntry(Path,
GetConfig().AdUser, GetConfig().AdPwd);
foreach (DirectoryEntry de in directoryparent.Children)
{
//if(de.)
///用户///用户组
///用户组///用户组
arr.Add(de);
}
return arr;
}
public static ArrayList GetUsers(string Path) {
ArrayList arr = new ArrayList();
DirectoryEntry entry = new DirectoryEntry(Path, GetConfig
().AdUser, GetConfig().AdPwd, AuthenticationTypes.Secure);
DirectorySearcher deSearch = new DirectorySearcher(entry);
deSearch.Filter = "(&(&(objectCategory=person)
(objectClass=user)))";
deSearch.SearchScope = SearchScope.Subtree;
try
{
SearchResultCollection results = deSearch.FindAll();
for (int i = 0; i < results.Count; i++)
{
DirectoryEntry des = results[i].GetDirectoryEntry();
arr.Add(des);
}
return arr;
}
catch
{
return null;
}
}
#endregion
#region 添加组织单元
/// <summary>
/// 添加组织单元
/// </summary>
/// <param name="Ldap">路径</param>
/// <param name="ModelOu">组织单元实体</param>
public static void AddOu(string Ldap,OUModel ModelOu)
{
using (DirectoryEntry dir = new DirectoryEntry(Ldap, GetConfig
().AdUser, GetConfig().AdPwd, AuthenticationTypes.Secure))
{
using (DirectoryEntry group = dir.Children.Add("OU=" +
ModelOu.OuName, "organizationalUnit"))
{
if (ModelOu.OuDescription != "")
{
group.Invoke("Put", new object[] { "Description",
ModelOu.OuDescription });
}
group.CommitChanges();
}
}
}
#endregion
#region 修改组织单元
/// <summary>
/// 修改组织单元
/// </summary>
/// <param name="Ldap">路径</param>
/// <param name="ModelOu">组织单元实体</param>
public static void ModefiyOu(string Ldap, OUModel ModelOu)
{
DirectoryEntry group = new DirectoryEntry(Ldap,GetConfig
().AdUser, GetConfig().AdPwd, AuthenticationTypes.Secure);
if (ModelOu.OuDescription != "")
{
group.Properties["description"].Value =
ModelOu.OuDescription;
}
group.CommitChanges();
group.Close();
}
#endregion
#region 删除组织单元
/// <summary>
/// 删除组织单元
/// </summary>
/// <param name="Ldap">路径</param>
public static void DeleteOU(string Ldap)
{
DirectoryEntry de = new DirectoryEntry(Ldap,GetConfig().AdUser,
GetConfig().AdPwd, AuthenticationTypes.Secure);
try
{
de.DeleteTree();
de.CommitChanges();
de.Dispose();
}
catch (Exception Msg)
{
;
}
}
#endregion
#region 根据用户名获取OU实体对象
/// <summary>
/// 根据用户名称获取OU实体对象
/// </summary>
/// <param name="AccoutName">用户账号名称</param>
/// <returns>用户实体对象</returns>
public static OUModel GetOUModel(string Path)
{
DirectoryEntry DireEnt = new DirectoryEntry(Path,GetConfig
().AdUser, GetConfig().AdPwd, AuthenticationTypes.Secure);
OUModel ModelOu = new OUModel();
if (DireEnt == null)
{
ModelOu = null;
return ModelOu;
}
else
{
ModelOu.OuName = DireEnt.Properties["OU"].Value == null ?
"" : DireEnt.Properties["OU"].Value.ToString();
ModelOu.OuDescription = DireEnt.Properties
["description"].Value == null ? "" : DireEnt.Properties
["description"].Value.ToString();
return ModelOu;
}
}
#endregion
#region 添加域控根节点
/// <summary>
/// 添加域控根节点
/// </summary>
/// <param name="RootName"></param>
public static void AddRoot(string RootName)
{
using (DirectoryEntry dir =GetObjectByAdmin())
{
using (DirectoryEntry group = dir.Children.Add("OU=" +
RootName, "organizationalUnit"))
{
group.Invoke("Put", new object[] { "Description","域控跟
节点"});
group.CommitChanges();
}
}
}
#endregion
#region 判断是否只有一个OU
#endregion
/// <summary>
/// 判断根节点是否存在
/// </summary>
/// <returns></returns>
public static bool IsSingle()
{
using (DirectoryEntry directory = GetObjectByAdmin())
{
DirectorySearcher search = new DirectorySearcher(directory);
search.Filter = "(objectClass=organizationalUnit)";
search.SearchScope = SearchScope.Subtree;
try
{
SearchResult searchresult = search.FindOne();
if (searchresult == null)
{
return true;
}
else
{
DirectoryEntry dire=searchresult.GetDirectoryEntry();
string RootName = GetRootName();
if (RootName == "" || RootName ==
dire.Name.Substring(3))
{
return true;
}
else
{
return false;
}
}
}
catch
{
return false;
}
}
}
/// <summary>
/// 判断用户组是否存在
/// </summary>
/// <returns></returns>
//public static bool ExistGroup(string path)
//{
// DirectoryEntry DireEnt = new DirectoryEntry(path, GetConfig
().AdUser, GetConfig().AdPwd, AuthenticationTypes.Secure);
//}
/// <summary>
/// 根据用户名获取Guid
/// </summary>
/// <param name="CN">用户名称</param>
/// <returns>返回Guid</returns>
public static string GetGuidByCN(string CN)
{
try
{
DirectoryEntry dire = GetDirectoryEntry(CN);
return dire.NativeGuid;
}
catch
{
return null;
}
}
/// <summary>
/// 加载域控的根节点
/// </summary>
/// <returns>返回字符串的值</returns>
public static string GetAdRoot()
{
string OuName = "";
DirectoryEntry de = new DirectoryEntry(GetConfig().LdapPath,
GetConfig().AdUser, GetConfig().AdPwd);
foreach (DirectoryEntry dechild in de.Children)
{
if (dechild.SchemaClassName == "organizationalUnit")
{
OuName = dechild.Name.Substring(3);
break;
}
}
return OuName;
}
/// <summary>
/// 删除根节点操作
/// </summary>
/// <param name="RootName"></param>
public static void DeleteRoot(string RootName)
{
string Path = GetConfig().LdapPath + "/OU=" + RootName + ","
+GetConfig().DomainName;
DirectoryEntry de = new DirectoryEntry(Path, GetConfig().AdUser,
GetConfig().AdPwd, AuthenticationTypes.Secure);
try
{
de.DeleteTree();
de.CommitChanges();
de.Dispose();
}
catch (Exception Msg)
{
;
}
}
public static void UpdateRoot(string PriName, string ReplaceName)
{
string Path = GetConfig().LdapPath + "/OU=" + PriName + "," +
GetConfig().DomainName;
using (DirectoryEntry group = new DirectoryEntry(Path, GetConfig
().AdUser, GetConfig().AdPwd, AuthenticationTypes.Secure))
{
group.Rename("OU="+ReplaceName);
group.CommitChanges();
group.Close();
}
}
/// <summary>
/// 根据用户名获取用户的父节点
/// </summary>
/// <param name="commonName"></param>
/// <returns></returns>
public static string GetParent(string Path)
{
DirectoryEntry DireEnt = new DirectoryEntry(Path, GetConfig
().AdUser, GetConfig().AdPwd, AuthenticationTypes.Secure);
string parent = DireEnt.Parent.Name.Substring(3);
return parent;
}
#region 用户身份验证
/// <summary>
/// 用户身份验证
/// </summary>
/// <param name="UserID">用户账号名称</param>
/// <param name="Password">用户账号密码</param>
/// <returns>验证结果</returns>
public static bool IsAuthenticatedUser(string UserID, string
Password)
{
bool result = false;
DirectoryEntry de = GetDirectoryEntry(UserID);
if (de != null)
{
string Path = de.Path;
DirectoryEntry entry = new DirectoryEntry(Path, UserID,
Password);
try
{
DirectorySearcher search = new DirectorySearcher(entry);
search.Filter = "(SAMAccountName=" + UserID + ")";
SearchResult searchResult = search.FindOne();
if (searchResult != null)
{
result = true;
}
return result;
}
catch (Exception ex)
{
return false;
}
}
else
{
return false;
}
}
#endregion
/// <summary>
/// 根据路径判断该节点是否存在
/// </summary>
/// <param name="Path">路径</param>
/// <returns></returns>
public static bool Exit(string Path)
{
DirectoryEntry DireEnt = new DirectoryEntry(Path, GetConfig
().AdUser, GetConfig().AdPwd, AuthenticationTypes.Secure);
try
{
if (DireEnt.NativeGuid != "")
{
return true;
}
else
{
return false;
}
}
catch(DirectoryServicesCOMException Msg)
{
return false;
throw Msg;
}
}
}
}
- C#域控操作大全_节点删除_修改密码_添加用户
- 详解SimpleXML添加_修改_删除_遍历XML节点属性
- 详解SimpleXML添加_修改_删除_遍历XML节点属性
- 11_图书信息管理系统_查询_添加_修改_删除
- jquery Dom操作_删除节点
- 前端_删除正行 多选_添加
- C#编写的Word操作类_有换页_添加表格_文本功能
- 10_书籍管理系统_修改_删除
- 数据库课程设计_密码修改
- MySQL操作03_插入、修改和删除数据操作
- mysql数据库密码重置_忘记密码_修改密码_破解密码
- Hadoop学习3_在HADOOP集群中添加节点和删除节点
- 20170917_删除单链表中的指定节点
- Oracle_用户表_结构信息_查询小大全
- C# 生成 添加 修改 删除 XML节点操作
- stl的string的典型操作_初始化_遍历_连接_和字符指针转化_查找替换_删除_插入_常用算法
- 新闻管理系统_修改用户名密码
- 自学javascript笔记_自用_解析W3school的代码_创建删除节点
- MKNetwork MKBLOG中文翻译
- 理解嵌入式开发中的一些硬件相关的概念
- Delphi 专家包Wizard
- iOS编程规范
- 复合数据对象
- C#域控操作大全_节点删除_修改密码_添加用户
- Isometric Game Programming 笔记(二)按键控制地图上下左右方向移动
- 日志备份
- android系统内置数据库SQLite的建库、建表、添加、删除、修改、查询等基本操作
- 程序设计基础
- malloc,new,VirtualAlloc,HeapAlloc性能(速度)比较
- 黑马程序员_Java基础Day02(下)_程序流程控制(Done)
- CSS之字体样式
- 程序设计基础