C# 操作域用户
来源:互联网 发布:ip网络功放作用 编辑:程序博客网 时间:2024/05/16 11:57
class ADHelper { /// <summary> /// 域名称 /// </summary> static string domainName; /// <summary> /// 管理员帐号 /// </summary> static string adAdmin; /// <summary> /// 管理员密码 /// </summary> static string password; static ADHelper() { domainName = ConfigurationManager.AppSettings["domainName"]; adAdmin = ConfigurationManager.AppSettings["adAdmin"]; password = ConfigurationManager.AppSettings["password"]; ; } #region 创建AD连接 /// <summary> /// 创建AD连接 /// </summary> /// <returns></returns> public static DirectoryEntry GetDirectoryEntry() { DirectoryEntry adRoot = new DirectoryEntry("LDAP://" + domainName, adAdmin, password, AuthenticationTypes.Secure); return adRoot; } #endregion #region 获取目录实体集合 /// <summary> /// 获取目录实体集合 /// </summary> /// <param name="DomainReference"></param> /// <returns></returns> public static DirectoryEntry GetDirectoryEntry(string DomainReference) { DirectoryEntry entry = new DirectoryEntry(DomainReference, adAdmin, password, AuthenticationTypes.Secure); return entry; } #endregion } public class ADManager { /// <summary> /// 判断是否存在 /// </summary> /// <param name="objectName">名称</param> /// <param name="catalog">类别:User,Group,OU</param> /// <returns></returns> public bool ObjectExists(string objectName, string catalog) { DirectoryEntry de = ADHelper.GetDirectoryEntry(); DirectorySearcher deSearch = new DirectorySearcher(); deSearch.SearchRoot = de; switch (catalog) { case "User": deSearch.Filter = "(&(objectClass=user) (cn=" + objectName + "))"; break; case "Group": deSearch.Filter = "(&(objectClass=group) (cn=" + objectName + "))"; break; case "OU": deSearch.Filter = "(&(objectClass=OrganizationalUnit) (OU=" + objectName + "))"; break; default: break; } SearchResultCollection results = deSearch.FindAll(); if (results.Count == 0) { return false; } else { return true; } } /// <summary> /// 新建OU /// </summary> /// <param name="path"></param> public void CreateOU(string name) { if (!ObjectExists(name, "OU")) { DirectoryEntry dse = ADHelper.GetDirectoryEntry(); DirectoryEntries ous = dse.Children; DirectoryEntry newou = ous.Add("OU=" + name, "OrganizationalUnit"); newou.CommitChanges(); newou.Close(); dse.Close(); } else { Console.WriteLine("OU已存在"); } } /// <summary> /// 新建用户组 /// </summary> /// <param name="path"></param> public void CreateGroup(string name) { if (!ObjectExists(name, "Group")) { DirectoryEntry dse = ADHelper.GetDirectoryEntry(); DirectoryEntries Groups = dse.Children; DirectoryEntry newgroup = Groups.Add("CN=" + name, "group"); newgroup.CommitChanges(); newgroup.Close(); dse.Close(); } else { Console.WriteLine("用户组已存在"); } } /// <summary> /// 新建用户 /// </summary> /// <param name="name"></param> /// <param name="login"></param> public bool CreateUser(string name, string login, string password, string GroupName) { if (ObjectExists(login, "User")) { return true; } try { /// 1. 新建帐号 DirectoryEntry de = ADHelper.GetDirectoryEntry(); DirectoryEntries users = de.Children; DirectoryEntry newuser = users.Add("CN=" + login, "user"); /// 2. 设置属性 SetProperty(newuser, "givenname", name); SetProperty(newuser, "SAMAccountName", login); SetProperty(newuser, "userPrincipalName", login); SetProperty(newuser, "Description", "Create User By EosSoft System"); newuser.CommitChanges(); /// 3. 设置密码 SetPassword(newuser, password); /// 4. 启用帐号 EnableAccount(newuser); /// 5. 添加用户到组 // AddUserToGroup(de, "CN=Employee02,DC=adeos,DC=com", GroupName); AddUserToGroup(de, newuser, GroupName); newuser.Close(); de.Close(); } catch { return false; } return true; } /// <summary> /// 属性设置 /// </summary> /// <param name="de"></param> /// <param name="PropertyName"></param> /// <param name="PropertyValue"></param> public static void SetProperty(DirectoryEntry de, string PropertyName, string PropertyValue) { if (PropertyValue != null) { if (de.Properties.Contains(PropertyName)) { de.Properties[PropertyName][0] = PropertyValue; } else { de.Properties[PropertyName].Add(PropertyValue); } } } /// <summary> /// 密码设置 /// </summary> /// <param name="path"></param> public void SetPassword(DirectoryEntry newuser, string password) { newuser.AuthenticationType = AuthenticationTypes.Secure; object ret = newuser.Invoke("SetPassword", new object[] { password}); newuser.CommitChanges(); } /// <summary> /// 修改密码 /// </summary> /// <param name="login">用户登录名</param> /// <param name="userOldPassword">旧密码</param> /// <param name="userNewPassword">新密码</param> public void ChangePassword(string login, string userOldPassword,string userNewPassword ) { DirectoryEntry de = ADHelper.GetDirectoryEntry(); IEnumerator ie = de.Children.GetEnumerator(); ie.MoveNext(); DirectoryEntry ou = ie.Current as DirectoryEntry; while (ou != null) { DirectorySearcher mySearcher = new DirectorySearcher(ou); mySearcher.Filter = ("(&(objectClass=user) (cn=" + login + "))"); // SearchResult resEnt = mySearcher.FindOne(); DirectoryEntry user = resEnt.GetDirectoryEntry(); user.AuthenticationType = AuthenticationTypes.Secure; user.Invoke("ChangePassword", new object[] { userOldPassword, userNewPassword }); user.CommitChanges(); user.Close(); de.Close(); ou = ie.MoveNext() ? ie.Current as DirectoryEntry : null; } } /// <summary> /// 添加用户到组 /// </summary> /// <param name="de"></param> /// <param name="userDn"></param> /// <param name="GroupName"></param> public bool AddUserToGroup(DirectoryEntry de, string userDn, string GroupName) { DirectorySearcher deSearch = new DirectorySearcher(); deSearch.SearchRoot = de; deSearch.Filter = "(&(objectClass=group) (cn=" + GroupName + "))"; SearchResult Groupresult = deSearch.FindOne(); if (Groupresult != null) { DirectoryEntry user = ADHelper.GetDirectoryEntry(userDn); if (user != null) { DirectoryEntry dirEntry = Groupresult.GetDirectoryEntry(); if (!dirEntry.Properties["member"].Contains(userDn)) { dirEntry.Properties["member"].Add(userDn); } dirEntry.CommitChanges(); dirEntry.Close(); } else { return false; } user.Close(); } else { return false; } return true; } /// <summary> /// 添加用户到组 /// </summary> /// <param name="de"></param> /// <param name="deUser"></param> /// <param name="GroupName"></param> public static void AddUserToGroup(DirectoryEntry de, DirectoryEntry deUser, string GroupName) { DirectorySearcher deSearch = new DirectorySearcher(); deSearch.SearchRoot = de; deSearch.Filter = "(&(objectClass=group) (cn=" + GroupName + "))"; SearchResultCollection results = deSearch.FindAll(); bool isGroupMember = false; if (results.Count > 0) { DirectoryEntry group = ADHelper.GetDirectoryEntry(results[0].Path); object members = group.Invoke("Members", null); foreach (object member in (IEnumerable)members) { DirectoryEntry x = new DirectoryEntry(member); if (x.Name != deUser.Name) { isGroupMember = false; } else { isGroupMember = true; break; } } if (!isGroupMember) { group.Invoke("Add", new object[] { deUser.Path.ToString() }); } group.Close(); } return; } /// <summary> /// 启用账号 /// </summary> /// <param name="de"></param> public void EnableAccount(DirectoryEntry de) { //设置账号密码不过期 int exp = (int)de.Properties["userAccountControl"].Value; de.Properties["userAccountControl"].Value = exp | 0x10000; de.CommitChanges(); //启用账号 int val = (int)de.Properties["userAccountControl"].Value; de.Properties["userAccountControl"].Value = val & ~0x0002; de.CommitChanges(); } /// <summary> /// 停用账号 /// </summary> /// <param name="de"></param> public void DisableAccount(DirectoryEntry de) { //启用账号 int val = (int)de.Properties["userAccountControl"].Value; de.Properties["userAccountControl"].Value = val | 0x0002; de.CommitChanges(); } /// <summary> /// 检验Email格式是否正确 /// </summary> /// <param name="mail"></param> /// <returns></returns> public bool IsEmail(string mail) { Regex mailPattern = new Regex(@"\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*"); return mailPattern.IsMatch(mail); } /// <summary> /// 搜索被修改过的用户 /// </summary> /// <param name="fromdate"></param> /// <returns></returns> public DataTable GetModifiedUsers(DateTime fromdate) { DataTable dt = new DataTable(); dt.Columns.Add("EmployeeID"); dt.Columns.Add("Name"); dt.Columns.Add("Email"); DirectoryEntry de = ADHelper.GetDirectoryEntry(); DirectorySearcher ds = new DirectorySearcher(de); StringBuilder filter = new StringBuilder(); filter.Append("(&(objectCategory=Person)(objectClass=user)(whenChanged>="); filter.Append(ToADDateString(fromdate)); filter.Append("))"); ds.Filter = filter.ToString(); ds.SearchScope = SearchScope.Subtree; SearchResultCollection results = ds.FindAll(); foreach (SearchResult result in results) { DataRow dr = dt.NewRow(); DirectoryEntry dey = ADHelper.GetDirectoryEntry(result.Path); dr["EmployeeID"] = dey.Properties["employeeID"].Value; dr["Name"] = dey.Properties["givenname"].Value; dr["Email"] = dey.Properties["mail"].Value; dt.Rows.Add(dr); dey.Close(); } de.Close(); return dt; } /// <summary> /// 格式化AD的时间 /// </summary> /// <param name="date"></param> /// <returns></returns> public string ToADDateString(DateTime date) { string year = date.Year.ToString(); int month = date.Month; int day = date.Day; StringBuilder sb = new StringBuilder(); sb.Append(year); if (month < 10) { sb.Append("0"); } sb.Append(month.ToString()); if (day < 10) { sb.Append("0"); } sb.Append(day.ToString()); sb.Append("000000.0Z"); return sb.ToString(); } }
0 0
- C# 域用户操作
- C# 操作域用户
- C#操作域用户
- C# 域用户操作(转)
- C#对域用户的操作
- C#模拟用户操作域上服务器的文件
- AD用户属性&C#操作实例
- C# 读取域用户
- C#域控操作大全_节点删除_修改密码_添加用户
- C# 操作的时候接收用户输入密码进行确认
- C#实现环信用户和群组操作
- 用户操作
- 用户操作
- C#实现AD域认证用户源代码
- C#实现AD域认证用户源代码
- C# B/S 使用域用户验证
- C#操作AD域补充
- C# Tips:获得当前登录计算机的用户(本地用户/域用户)
- 三层结构复选框勾选控制
- 二手车交易数据接口调用代码返回示例
- 邮箱输入框测试用例
- gcc 、configure 用法
- androidUI开发中的规范
- C# 操作域用户
- java环境变量的配置
- 贝叶斯MATLAB
- 对象的转型
- android studio 1.4 --2015年10月13日从官网下载,提供给不能上官网的孩子
- 运行时加断点 VM disconnected问题
- 编码再解码解决乱码问题
- python学习002
- Android面试题库---横竖屏转换