C#操作Active Directory(AD)增刪改查(各種操作)
阿新 • • 發佈:2020-11-17
public class OperateAD { #region 變數 /// <summary> /// 域名 /// </summary> private string _domain; /// <summary> /// 主機域IP /// </summary> private string _domainIp; /// <summary> /// 管理員賬號 /// </summary>private string adminUser; /// <summary> /// 管理員密碼 /// </summary> private string adminPwd; /// <summary> /// 路徑的最前端 /// </summary> private string _ldapIdentity; /// <summary> /// 路徑的最後端 /// </summary>private string _suffixPath; #endregion 變數 #region 建構函式 /// <summary> /// 建構函式 /// </summary> /// <param name="domain">域名</param> /// <param name="domainIp">服務端IP</param> /// <param name="adUser">使用者管理員</param>/// <param name="adPwd">管理員密碼</param> public OperateAD() { _domain = ConfigurationManager.AppSettings["domain"].ToString();//域名; _domainIp = ConfigurationManager.AppSettings["domainIp"].ToString();//主機域IP adminUser = ConfigurationManager.AppSettings["adUser"].ToString();//管理員賬號 adminPwd = ConfigurationManager.AppSettings["adPwd"].ToString();//管理員密碼 _ldapIdentity = "LDAP://" + _domainIp + "/"; _suffixPath = "DC=" + _domain + ",DC=com"; //呼叫新增域使用者例子 DomainUser du = new DomainUser { UserName = ConfigurationManager.AppSettings["UserName"],//建立使用者名稱 UserPrincipalName = ConfigurationManager.AppSettings["UserPrincipalName"],//使用者登入名 FirstName = ConfigurationManager.AppSettings["FirstName"],//姓 LastName = ConfigurationManager.AppSettings["LastName"],//名 Name = ConfigurationManager.AppSettings["Name"],//全名 Email = ConfigurationManager.AppSettings["Email"],//郵件 PhysicalDeliveryOfficeName = ConfigurationManager.AppSettings["PhysicalDeliveryOfficeName"],//辦公室 Department = ConfigurationManager.AppSettings["Department"],//部門 Telephone = ConfigurationManager.AppSettings["Telephone"],//電話號碼 Description = ConfigurationManager.AppSettings["Description"],//描述 UserPwd = ConfigurationManager.AppSettings["UserPwd"],//使用者密碼 }; } #endregion 建構函式 #region 組織結構下新增AD賬戶 /// <summary> /// 新增AD賬戶 /// </summary> /// <param name="organizeName">組織名稱</param> /// <param name="user">域賬戶</param> /// <returns>新增是否成功</returns> public bool AddADAccount(string organizeName, DomainUser user) { DirectoryEntry entry = null; try { if (ExitOU(organizeName) && user != null) { entry = new DirectoryEntry(GetOrganizeNamePath(organizeName), adminUser, adminPwd, AuthenticationTypes.Secure); //增加賬戶到域中 DirectoryEntry NewUser = entry.Children.Add("CN=" + user.UserName, "user"); NewUser.Properties["sAMAccountName"].Add(user.UserName); //account NewUser.Properties["userPrincipalName"].Value = user.UserPrincipalName; //user logon name,[email protected] NewUser.Properties["sn"].Value = user.FirstName;//姓 NewUser.Properties["givenName"].Value = user.LastName;//名 NewUser.Properties["initials"].Value = "Ms";//英文縮寫 NewUser.Properties["name"].Value = user.Name;//全名 NewUser.Properties["displayName"].Value = user.UserName; NewUser.Properties["company"].Value = "yidatec"; NewUser.Properties["physicalDeliveryOfficeName"].Value = user.PhysicalDeliveryOfficeName; NewUser.Properties["Department"].Value = user.Department; if (user.Telephone != null && user.Telephone != "") { NewUser.Properties["telephoneNumber"].Value = user.Telephone; } if (user.Email != null && user.Email != "") { NewUser.Properties["mail"].Value = user.Email; } if (user.Description != null && user.Description != "") { NewUser.Properties["description"].Value = user.Description; } NewUser.CommitChanges(); //設定密碼 //反射呼叫修改密碼的方法(注意埠號的問題 埠號會引起方法呼叫異常) NewUser.Invoke("SetPassword", new object[] { user.UserPwd }); //預設設定新增賬戶啟用 NewUser.Properties["userAccountControl"].Value = 0x200; NewUser.CommitChanges(); //DomainUser._success = "賬戶新增成功!"; return true; } else { //DomainUser._failed = "在域中不存在直屬組織單位"; return false; } } catch (System.DirectoryServices.DirectoryServicesCOMException ex) { //DomainUser._failed = "賬戶新增失敗!"+ex.Message.ToString(); return false; } finally { if (entry != null) { entry.Dispose(); } } } #endregion 組織結構下新增AD賬戶 #region 重新命名賬戶 /// <summary> /// 重新命名賬戶 /// </summary> /// <param name="adminUser">管理員名稱</param> /// <param name="adminPassword">管理員密碼</param> /// <param name="oldUserName">原使用者名稱</param> /// <param name="newUserName">新使用者名稱</param> public bool RenameUser(string oldUserName, string newUserName) { try { DirectoryEntry userEntry = FindObject("user", oldUserName); if (userEntry != null) { userEntry.Rename("CN=" + newUserName); userEntry.CommitChanges(); //DomainUser._success = "重新命名成功!"; return true; } //DomainUser._failed = "沒找到使用者!" + oldUserName; return false; } catch (Exception ex) { //DomainUser._failed = "重新命名失敗!"+ex.Message.ToString(); return false; } } #endregion 重新命名賬戶 #region 設定使用者密碼 /// <summary> /// 設定使用者密碼 /// </summary> /// <param name="userName">使用者名稱</param> /// <param name="password">密碼</param> public bool SetUserPassword(string userName, string password) { try { DirectoryEntry userEntry = FindObject("user", userName); if (userEntry != null) { userEntry.Invoke("SetPassword", new object[] { password }); userEntry.CommitChanges(); //DomainUser._success = "密碼設定成功!"; return true; } //DomainUser._failed = "沒找到使用者!" + userName; return false; } catch (Exception ex) { //DomainUser._failed = "密碼設定失敗!"+ex.Message.ToString(); return false; } } #endregion 設定使用者密碼 #region 修改密碼 /// <summary> /// 修改密碼 /// </summary> /// <param name="ude">使用者</param> /// <param name="password">舊密碼</param> /// <param name="password">新密碼</param> public bool ChangePassword(string username, string oldpwd, string newpwd) { try { DirectoryEntry entry = FindObject("user", username); if (entry != null) { // to-do: 需要解決密碼策略問題 entry.Invoke("ChangePassword", new object[] { oldpwd, newpwd }); entry.CommitChanges(); entry.Close(); // DomainUser._success = "密碼修改成功!"; return true; } else { // DomainUser._failed = "沒找到使用者!" + username; return false; } } catch (Exception ex) { //DomainUser._failed = "密碼修改失敗!"+ex.Message.ToString(); return false; } } #endregion 修改密碼 #region 刪除賬戶 /// <summary> /// 刪除AD賬戶,使用當前上下文的安全資訊 /// </summary> /// <param name="userName">使用者名稱稱</param> public bool DeleteADAccount(string userName) { try { DirectoryEntry user = FindObject("user", userName); if (user != null) { using (DirectoryEntry de = new DirectoryEntry(user.Parent.Path, adminUser, adminPwd)) { de.Children.Remove(user); de.CommitChanges(); //DomainUser._success = "賬戶刪除成功!"; return true; } } // DomainUser._failed = "未找到賬戶!"; return false; } catch (Exception ex) { //DomainUser._failed = "賬戶刪除失敗!" + ex.Message.ToString(); return false; } } #endregion 刪除賬戶 #region 建立OU /// <summary> /// 建立OU /// </summary> /// <param name="adminName">管理員名稱</param> /// <param name="adminPassword">管理員密碼</param> /// <param name="name">建立的OU名稱</param> /// <param name="parentOrganizeUnit">父組織單位</param> /// <returns>目錄實體</returns> public DirectoryEntry CreateOrganizeUnit(string name, string parentOrganizeUnit) { DirectoryEntry parentEntry = null; try { //示例頂級"" parentEntry = new DirectoryEntry(GetOrganizeNamePath(parentOrganizeUnit), adminUser, adminPwd, AuthenticationTypes.Secure); DirectoryEntry organizeEntry = parentEntry.Children.Add("OU=" + name, "organizationalUnit"); organizeEntry.CommitChanges(); //DomainUser._success = "組織單位新增成功!"; return organizeEntry; } catch (System.DirectoryServices.DirectoryServicesCOMException ex) { //DomainUser._failed = "新增組織單位失敗!"+ex.Message.ToString(); return new DirectoryEntry(); } finally { if (parentEntry != null) { parentEntry.Dispose(); } } } #endregion 建立OU #region 刪除OU /// <summary> /// 刪除OU /// </summary> /// <param name="name">建立的OU名稱</param> /// <param name="parentOrganizeUnit">父組織單位</param> /// <returns>目錄實體</returns> public bool DeleteOrganizeUnit(string name, string parentOrganizeUnit) { DirectoryEntry parentEntry = null; try { //示例頂級"" parentEntry = new DirectoryEntry(GetOrganizeNamePath(parentOrganizeUnit), adminUser, adminPwd, AuthenticationTypes.Secure); DirectoryEntry organizeEntry = parentEntry.Children.Find("OU=" + name, "organizationalUnit"); //先刪除組織單元下的使用者或者組 parentEntry.Children.Remove(organizeEntry); organizeEntry.CommitChanges(); //DomainUser._success = "組織單位刪除成功!"; return true; } catch (System.DirectoryServices.DirectoryServicesCOMException ex) { //DomainUser._failed = "組織單位刪除失敗!"+ex.Message.ToString(); return false; } finally { if (parentEntry != null) { parentEntry.Dispose(); } } } #endregion 刪除OU #region 建立組 /// <summary> /// 建立組 /// </summary> /// <param name="name">組名</param> /// <param name="OrganizeUnit">組織單位</param> /// <returns>是否建立成功</returns> public bool CreateGroup(string name, string OrganizeUnit) { DirectoryEntry parentEntry = null; try { parentEntry = new DirectoryEntry(GetOrganizeNamePath(OrganizeUnit), adminUser, adminPwd, AuthenticationTypes.Secure); DirectoryEntry groupEntry = parentEntry.Children.Add("CN=" + name, "group"); groupEntry.CommitChanges(); // DomainUser._success = "組建立成功!"; return true; } catch (System.DirectoryServices.DirectoryServicesCOMException ex) { //DomainUser._failed = "組建立失敗!"+ex.Message.ToString(); return false; } finally { if (parentEntry != null) { parentEntry.Dispose(); } } } #endregion 建立組 #region 刪除組 /// <summary> /// 刪除組 /// </summary> /// <param name="name">組名</param> /// <param name="OrganizeUnit">組織單位</param> /// <returns>是否建立成功</returns> public bool DeleteGroup(string name, string OrganizeUnit) { DirectoryEntry parentEntry = null; try { parentEntry = new DirectoryEntry(GetOrganizeNamePath(OrganizeUnit), adminUser, adminPwd, AuthenticationTypes.Secure); DirectoryEntry groupEntry = parentEntry.Children.Find("CN=" + name, "group"); parentEntry.Children.Remove(groupEntry); groupEntry.CommitChanges(); //DomainUser._success = "組刪除成功!"; return true; } catch (System.DirectoryServices.DirectoryServicesCOMException ex) { // DomainUser._failed = "組刪除失敗!" + ex.Message.ToString(); return false; } finally { if (parentEntry != null) { parentEntry.Dispose(); } } } #endregion 刪除組 #region 將使用者加入到使用者組中 /// <summary> /// 將使用者加入到使用者組中 /// </summary> /// <param name="userName">使用者名稱</param> /// <param name="organizeName">組織名</param> /// <param name="groupName">組名</param> /// <param name="groupPath">組所在路徑</param> /// <exception cref="InvalidObjectException">使用者名稱或使用者組不存在</exception> public bool AddUserToGroup(string userName, string groupName, string groupPath) { DirectoryEntry group = null; DirectoryEntry user = null; try { group = ExitGroup(groupName, groupPath); user = ExitUser(userName); if ((group != null) && (user != null)) { //加入使用者到使用者組中 group.Properties["member"].Add(user.Properties["distinguishedName"].Value); group.CommitChanges(); //DomainUser._success = "使用者成功加入組!"; return true; } else { return false; } } catch (Exception ex) { //DomainUser._failed = "加入組失敗!"+ex.Message.ToString(); return false; } } #endregion 將使用者加入到使用者組中 #region 將使用者移除組 /// <summary> /// 將使用者移除組 /// </summary> /// <param name="userName">使用者名稱</param> /// <param name="organizeName">組織名</param> /// <param name="groupName">組名</param> /// <param name="groupPath">組所在路徑</param> /// <exception cref="InvalidObjectException">使用者名稱或使用者組不存在</exception> public bool RemoveUserToGroup(string userName, string groupName, string groupPath) { DirectoryEntry group = null; DirectoryEntry user = null; try { group = ExitGroup(groupName, groupPath); user = ExitUser(userName); if ((group != null) && (user != null)) { //將組中使用者移除 group.Properties["member"].Remove(user.Properties["distinguishedName"].Value); group.CommitChanges(); //DomainUser._success = "//組中使用者移除成功!"; return true; } else { return false; } } catch (Exception ex) { //DomainUser._failed = "加入組失敗!"+ex.Message.ToString(); return false; } } #endregion 將使用者移除組 #region 依據類別使用者名稱 查詢目錄項 /// <summary> /// 查詢目錄項 /// </summary> /// <param name="category">分類 users</param> /// <param name="name">使用者名稱</param> /// <returns>目錄項實體</returns> public DirectoryEntry FindObject(string category, string name) { DirectoryEntry de = null; DirectorySearcher ds = null; DirectoryEntry userEntry = null; try { de = new DirectoryEntry(GetDomainPath(), adminUser, adminPwd, AuthenticationTypes.Secure); ds = new DirectorySearcher(de); string queryFilter = string.Format("(&(objectCategory=" + category + ")(sAMAccountName={0}))", name); ds.Filter = queryFilter; ds.Sort.PropertyName = "cn"; SearchResult sr = ds.FindOne(); if (sr != null) { userEntry = sr.GetDirectoryEntry(); } return userEntry; } catch (Exception ex) { //DomainUser._failed = ex.Message.ToString(); return new DirectoryEntry(); } finally { if (ds != null) { ds.Dispose(); } if (de != null) { de.Dispose(); } } } #endregion 依據類別使用者名稱 查詢目錄項 #region 獲取組織名稱路徑 /// <summary> /// 獲取組織名稱路徑 /// </summary> /// <param name="organizeUnit">組織</param> /// <returns></returns> public string GetOrganizeNamePath(string organizeUnit) { StringBuilder sb = new StringBuilder(); sb.Append(_ldapIdentity); return sb.Append(SplitOrganizeNameToDN(organizeUnit)).ToString(); } #endregion 獲取組織名稱路徑 #region 分隔組織名稱為標準AD的DN名稱 /// <summary> /// 分隔組織名稱為標準AD的DN名稱,各個組織級別以"/"或"\"分開。如"總部/物業公司/小區",並且當前域為 /// bdxy.com,則返回的AD的DN表示名為"OU=小區,OU=物業公司,OU=總部,DC=bdxy,DC=com"。 /// </summary> /// <param name="organizeName">組織名稱</param> /// <returns>返回一個級別</returns> public string SplitOrganizeNameToDN(string organizeName) { StringBuilder sb = new StringBuilder(); if (organizeName.Equals("Users") || string.IsNullOrEmpty(organizeName)) { sb.Append("CN=Users,").Append(_suffixPath); return sb.ToString(); } else { if (organizeName != null && organizeName.Length > 0) { string[] allOu = organizeName.Split(new char[] { '/', '\\' }); for (int i = allOu.Length - 1; i >= 0; i--) { string ou = allOu[i]; if (sb.Length > 0) { sb.Append(","); } sb.Append("OU=").Append(ou); } } //如果傳入了組織名稱,則新增, if (sb.Length > 0) { sb.Append(","); } sb.Append(_suffixPath); return sb.ToString(); } } #endregion 分隔組織名稱為標準AD的DN名稱 #region 獲取域路徑 /// <summary> /// 獲取域路徑 /// </summary> /// <returns>路徑</returns> public string GetDomainPath() { using (DirectoryEntry root = new DirectoryEntry(_ldapIdentity + _suffixPath, adminUser, adminPwd)) { return root.Path; } } #endregion 獲取域路徑 #region 獲取Users容器的路徑 /// <summary> /// 獲取Users容器的下使用者的路徑 /// </summary> /// <param name="userName">使用者名稱</param> /// <returns></returns> private string GetUserPath(string userName) { StringBuilder sb = new StringBuilder(); sb.Append(_ldapIdentity); if (userName != null && userName.Length > 0) { sb.Append("CN=").Append(userName).Append(","); } sb.Append("CN=Users,").Append(_suffixPath); return sb.ToString(); } #endregion 獲取Users容器的路徑 #region 根據使用者所在的組織結構來構造使用者在AD中的DN路徑 /// <summary> /// 根據使用者所在的組織結構來構造使用者在AD中的DN路徑 /// </summary> /// <param name="userName">使用者名稱稱</param> /// <param name="organzieName">組織結構</param> /// <returns></returns> public string GetUserPath(string userName, string organzieName) { StringBuilder sb = new StringBuilder(); sb.Append(_ldapIdentity); sb.Append("CN=").Append(userName).Append(",").Append(SplitOrganizeNameToDN(organzieName)); return sb.ToString(); } #endregion 根據使用者所在的組織結構來構造使用者在AD中的DN路徑 #region 啟用賬戶 /// <summary> /// 啟用賬戶 /// </summary> /// <param name="user"></param> public bool EnableAccount(string userName) { try { DirectoryEntry userEntry = FindObject("user", userName); int val = (int)userEntry.Properties["userAccountControl"].Value; userEntry.Properties["userAccountControl"].Value = val & ~0x2; userEntry.CommitChanges(); userEntry.Close(); //DomainUser._success = "啟用賬戶成功!"; return true; } catch (Exception ex) { //DomainUser._failed = ex.Message.ToString(); return false; } } #endregion 啟用賬戶 #region 停用賬號 /// <summary> /// 停用賬號 /// </summary> /// <param name="user"></param> public bool DisableAccount(string userName) { try { DirectoryEntry userEntry = FindObject("user", userName); userEntry.Properties["userAccountControl"].Value = 0x2; userEntry.CommitChanges(); userEntry.Close(); //DomainUser._success = "停用賬戶成功!"; return true; } catch (System.DirectoryServices.DirectoryServicesCOMException ex) { //DomainUser._failed = ex.Message.ToString(); return false; } } #endregion 停用賬號 #region 判斷使用者是否已經存在域中 /// <summary> /// 判斷使用者是否已經存在域中 /// </summary> /// <param name="userName">使用者名稱</param> /// <returns></returns> private DirectoryEntry ExitUser(string userName) { try { DirectoryEntry de = null; de = FindObject("user", userName); if (de == null) { return new DirectoryEntry(); ; } else { return de; } } catch (Exception ex) { //DomainUser._failed = ex.Message.ToString(); return new DirectoryEntry(); } } #endregion 判斷使用者是否已經存在域中 #region 判斷域中是否存在組 /// <summary> /// 判斷域中是否存在組 /// </summary> /// <param name="groupName">組名</param> /// <returns></returns>lan private DirectoryEntry ExitGroup(string groupName, string groupPath) { DirectoryEntry rootUser = null; DirectoryEntry group = null; try { string path = GetOrganizeNamePath(groupPath); rootUser = new DirectoryEntry(path, adminUser, adminPwd, AuthenticationTypes.Secure); group = rootUser.Children.Find("CN=" + groupName); if (group != null) { return group; } return new DirectoryEntry(); } catch (Exception ex) { // DomainUser._failed = ex.Message.ToString() + "在域中不存在組“" + groupName + "”或路組織單位不正確"; return new DirectoryEntry(); } } #endregion 判斷域中是否存在組 #region 判斷域中是否存在組織單位 /// <summary> /// 判斷域中是否存在組織單位 /// </summary> /// <param name="organizeName">組織單位名</param> /// <returns></returns> private bool ExitOU(string organizeName) { DirectoryEntry rootUser = null; DirectoryEntry ouFind = null; if (string.IsNullOrEmpty(organizeName)) { return true; } else { //分解路徑 string[] allOu = organizeName.Split(new char[] { '/' }); //獲取直屬部門 string OUName = allOu[allOu.Length - 1].ToString(); try { string path = GetOrganizeNamePath(organizeName); rootUser = new DirectoryEntry(path, adminUser, adminPwd, AuthenticationTypes.Secure); ouFind = rootUser.Parent.Children.Find("OU=" + OUName); if (ouFind != null) { return true; } return false; } catch (Exception ex) { //DomainUser._failed = ex.Message.ToString() + "在域中不存在組織單位“" + OUName + "”"; return false; } } } #endregion 判斷域中是否存在組織單位 #region 獲取域使用者資訊 /// <summary> /// 獲取域使用者資訊 /// </summary> /// <param name="path">目錄</param> /// <param name="username">使用者名稱</param> /// <returns></returns> public DomainUser GetAdUserInfo(string userName) { DomainUser du = new DomainUser(); DirectoryEntry de = FindObject("user", userName); if (de != null) { if (de.Properties["samAccountName"].Value != null) { du.UserId = de.Properties["samAccountName"].Value.ToString(); } if (de.Properties["displayName"].Value != null) { du.UserName = de.Properties["displayName"].Value.ToString(); } if (de.Properties["userPrincipalName"].Value != null) { du.UserPrincipalName = de.Properties["userPrincipalName"].Value.ToString(); } if (de.Properties["telephoneNumber"].Value != null) { du.Telephone = de.Properties["telephoneNumber"].Value.ToString(); } if (de.Properties["mail"].Value != null) { du.Email = de.Properties["mail"].Value.ToString(); } if (de.Properties["description"].Value != null) { du.Description = de.Properties["description"].Value.ToString(); } if (de.Properties["Department"].Value != null) { du.Department = de.Properties["Department"].Value.ToString(); } } return du; } #endregion 獲取域使用者資訊 #region 從域中按照使用者名稱查詢使用者 /// <summary> /// 從域中按照使用者名稱查詢使用者 /// </summary> /// <param name="path">路徑</param> /// <param name="AdUser">管理員賬戶</param> /// <param name="AdPwd">管理員密碼</param> /// <param name="username">使用者名稱</param> /// <returns></returns> private DirectoryEntry GetUser(string path, string username) { DirectoryEntry deuser; try { DirectoryEntry de = new DirectoryEntry(path, adminUser, adminPwd); DirectorySearcher deSearch = new DirectorySearcher(de); deSearch.Filter = "(&(objectClass=user)(cn=" + username + "))"; deSearch.SearchScope = SearchScope.Subtree; SearchResult result = deSearch.FindOne(); if (result != null) { deuser = result.GetDirectoryEntry(); return deuser; } else { return null; } } catch (Exception ex) { //DomainUser._failed = ex.Message.ToString(); return null; } } #endregion 從域中按照使用者名稱查詢使用者 #region 進入AD域查詢 /// <summary> /// 查尋使用者資訊 /// </summary> /// <param name="userName">使用者名稱</param> private List<string> AccsesADQuery(string userName) { //定義de進入AD架構 DirectoryEntry de = new DirectoryEntry(GetDomainPath(), adminUser, adminPwd); //定義ds查詢AD DirectorySearcher ds = new DirectorySearcher(de); string value = string.Empty; List<string> domainList = new List<string>(); try { //3.定義查詢 ds.Filter = "(SAMAccountName=" + userName + ")"; ds.PropertiesToLoad.Add("SAMAccountName");//account ds.PropertiesToLoad.Add("Name");//full name ds.PropertiesToLoad.Add("displayName"); ds.PropertiesToLoad.Add("mail"); ds.PropertiesToLoad.Add("sn"); ds.PropertiesToLoad.Add("description"); ds.PropertiesToLoad.Add("Department"); ds.PropertiesToLoad.Add("userPrincipalName");//user logon name,[email protected] ds.PropertiesToLoad.Add("physicalDeliveryOfficeName"); ds.PropertiesToLoad.Add("telephoneNumber"); //查詢一個 SearchResult sr = ds.FindOne(); if (sr != null) { //列出值 foreach (string key in sr.Properties.PropertyNames) { foreach (object obj in de.Properties[key]) { value += key + " = " + obj + Environment.NewLine; domainList.Add(value); } } return domainList; } else { return domainList; } } catch (Exception ex) { //DomainUser._failed = ex.Message.ToString(); return domainList; } finally { if (ds != null) { ds.Dispose(); } if (de != null) { de.Dispose(); } } } #endregion 進入AD域查詢 }
public class DomainUser { public string UserName { get; set; } public string UserPrincipalName { get; set; } public string UserId { get; set; } public string PhysicalDeliveryOfficeName { get; set; } public string Department { get; set; } public string Telephone { get; set; } public string Email { get; set; } public string Description { get; set; } public string UserPwd { get; set; } public string FirstName { get; set; } public string LastName { get; set; } public string Name { get; set; } }