c# 操作ad域使用者
阿新 • • 發佈:2019-01-04
測試環境:win2008r2伺服器
ad域伺服器安裝參考:https://www.cnblogs.com/cnjavahome/p/9029665.html
密碼策略修改參考:https://blog.csdn.net/zouyujie1127/article/details/40857675
工作機dns設定為ad域伺服器的ip
using:
using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;
獲取組織單位:
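/// <summary>
/// Looks up an organizational unit by name underneath <paramref name="parent"/>.
/// </summary>
/// <param name="parent">Directory entry used as the search root.</param>
/// <param name="ouname">
/// Literal OU name. It is matched exactly: filter metacharacters in it are escaped,
/// so a '*' in the name is not treated as a wildcard.
/// </param>
/// <returns>
/// The first matching entry, or null when nothing matches. The caller owns the
/// returned <see cref="DirectoryEntry"/> and should dispose it.
/// </returns>
public DirectoryEntry GetOU(DirectoryEntry parent, string ouname)
{
    // The search scope is not set here, so the DirectorySearcher default applies.
    using (DirectorySearcher searcher = new DirectorySearcher(parent))
    {
        // The name is spliced into an LDAP filter. Without escaping, a value holding
        // '(', ')', '*' or '\' either produces a malformed filter or changes what the
        // filter matches (LDAP filter injection).
        searcher.Filter = string.Format(
            "(&(objectClass=organizationalUnit) (OU={0}))",
            EscapeOuFilterValue(ouname));

        SearchResult match = searcher.FindOne();
        return match != null ? match.GetDirectoryEntry() : null;
    }
}

/// <summary>
/// Escapes the characters RFC 4515 reserves inside an LDAP filter assertion value.
/// A null input is treated as the empty string.
/// </summary>
private static string EscapeOuFilterValue(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return string.Empty;
    }

    System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
    foreach (char c in value)
    {
        switch (c)
        {
            case '\\': escaped.Append("\\5c"); break;
            case '*': escaped.Append("\\2a"); break;
            case '(': escaped.Append("\\28"); break;
            case ')': escaped.Append("\\29"); break;
            case '\0': escaped.Append("\\00"); break;
            default: escaped.Append(c); break;
        }
    }

    return escaped.ToString();
}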
建組織單位:
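/// <summary>
/// Creates an organizational unit named <paramref name="ouname"/> directly under
/// <paramref name="parent"/> and commits it to the directory.
/// </summary>
/// <param name="parent">Container that receives the new OU.</param>
/// <param name="ouname">
/// Literal OU name; characters that are special inside a distinguished name are
/// escaped before the name is used.
/// </param>
public void AddOU(DirectoryEntry parent, string ouname)
{
    // The name becomes a relative distinguished name. Unescaped, a value such as
    // "Sales, East" would be parsed as more than one DN component.
    string rdn = "OU=" + EscapeOuRdnValue(ouname);

    // 'using' releases the new entry even when CommitChanges throws
    // (for example on a duplicate name or an access-denied error).
    using (DirectoryEntry ou = parent.Children.Add(rdn, "organizationalUnit"))
    {
        ou.CommitChanges();
    }
}

/// <summary>
/// Backslash-escapes the characters RFC 4514 treats as special in an attribute
/// value of a distinguished name. A null input is treated as the empty string.
/// </summary>
private static string EscapeOuRdnValue(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return string.Empty;
    }

    System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
    for (int i = 0; i < value.Length; i++)
    {
        char c = value[i];

        // '#' and space are only special at the start, space also at the end.
        bool specialAtEdge =
            (i == 0 && (c == ' ' || c == '#')) ||
            (i == value.Length - 1 && c == ' ');

        if (c == '\0')
        {
            escaped.Append("\\00");
        }
        else if (specialAtEdge || ",+\"\\<>;=".IndexOf(c) >= 0)
        {
            escaped.Append('\\').Append(c);
        }
        else
        {
            escaped.Append(c);
        }
    }

    return escaped.ToString();
}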
建立連線:
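/// <summary>
/// Opens a domain <see cref="PrincipalContext"/> bound with the administrative
/// credentials held in <c>_adminName</c> / <c>_adminPass</c> (declared outside this view).
/// </summary>
/// <param name="oupath">
/// Optional OU names ordered from the outermost OU to the innermost one. When null
/// or empty, the context is rooted at the domain itself.
/// </param>
/// <returns>A new context; the caller is responsible for disposing it.</returns>
/// <exception cref="InvalidOperationException">
/// Neither <c>_domainArr</c> nor <paramref name="oupath"/> yields a DN component.
/// </exception>
public PrincipalContext createConnection(List<string> oupath = null)
{
    List<string> components = new List<string>();

    // A DN lists the most specific component first, so the OU list is walked backwards.
    if (oupath != null)
    {
        for (int i = oupath.Count - 1; i >= 0; i--)
        {
            components.Add("OU=" + EscapeContainerValue(oupath[i]));
        }
    }

    foreach (string label in _domainArr)
    {
        components.Add("DC=" + EscapeContainerValue(label));
    }

    // The previous Substring(1) approach threw ArgumentOutOfRangeException for an
    // empty (non-null) oupath; an empty list now simply means "domain root".
    if (components.Count == 0)
    {
        throw new InvalidOperationException(
            "No domain components or OU path available to build the container DN.");
    }

    string container = string.Join(",", components.ToArray());

    // Negotiate on its own leaves signing and sealing switched off. This context is
    // used for account creation and password resets, so integrity protection and
    // encryption of the session are requested explicitly.
    ContextOptions options =
        ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing;

    return new PrincipalContext(
        ContextType.Domain, _domain, container, options, _adminName, _adminPass);
}

/// <summary>
/// Backslash-escapes the characters RFC 4514 treats as special in an attribute
/// value of a distinguished name. A null input is treated as the empty string.
/// </summary>
private static string EscapeContainerValue(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return string.Empty;
    }

    System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
    for (int i = 0; i < value.Length; i++)
    {
        char c = value[i];

        // '#' and space are only special at the start, space also at the end.
        bool specialAtEdge =
            (i == 0 && (c == ' ' || c == '#')) ||
            (i == value.Length - 1 && c == ' ');

        if (c == '\0')
        {
            escaped.Append("\\00");
        }
        else if (specialAtEdge || ",+\"\\<>;=".IndexOf(c) >= 0)
        {
            escaped.Append('\\').Append(c);
        }
        else
        {
            escaped.Append(c);
        }
    }

    return escaped.ToString();
}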
建使用者:
/// <summary>
/// Creates an enabled user account in <paramref name="context"/>.
/// </summary>
/// <param name="context">Directory context (and container) the account is created in.</param>
/// <param name="barcode">Used as the account name, the Name and the prefix of the UPN.</param>
/// <param name="userName">Display name of the account.</param>
/// <param name="passWord">Initial password.</param>
public void AddUser(PrincipalContext context, string barcode, string userName, string passWord)
{
    // The final 'true' creates the account already enabled.
    using (UserPrincipal account = new UserPrincipal(context, barcode, passWord, true))
    {
        account.Name = barcode;
        account.DisplayName = userName;

        // NOTE(review): the three flags below relax account policy and deserve an
        // explicit decision per deployment:
        //  - UserCannotChangePassword: only an administrator can rotate the password.
        //  - PasswordNotRequired: sets the "password not required" account flag, which
        //    allows the account to hold an empty password later on.
        //  - PasswordNeverExpires: the password is exempt from expiry.
        account.UserCannotChangePassword = true;
        account.PasswordNotRequired = true;
        account.PasswordNeverExpires = true;

        account.UserPrincipalName = string.Concat(barcode, "@", _domain);
        account.Save();
    }
}
修改密碼:
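/// <summary>
/// Resets the password of the account identified by <paramref name="userName"/>
/// using the administrative connection from <c>createConnection()</c>.
/// </summary>
/// <param name="userName">Identity passed to <c>UserPrincipal.FindByIdentity</c>.</param>
/// <param name="passWord">New password; the old password is not required.</param>
/// <remarks>
/// When no account matches, the method returns without doing anything, so a caller
/// cannot tell "password reset" from "user not found" by the return alone.
/// </remarks>
public void EditPass(string userName, string passWord)
{
    using (var context = createConnection())
    // UserPrincipal is IDisposable; it was previously left for the finalizer.
    using (UserPrincipal user = UserPrincipal.FindByIdentity(context, userName))
    {
        if (user == null)
        {
            return;
        }

        user.SetPassword(passWord);
        user.Save();
    }
}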
刪除使用者:
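/// <summary>
/// Deletes the account identified by <paramref name="userName"/> using the
/// administrative connection from <c>createConnection()</c>.
/// </summary>
/// <param name="userName">Identity passed to <c>UserPrincipal.FindByIdentity</c>.</param>
/// <remarks>
/// When no account matches, the method returns without doing anything. The deletion
/// is irreversible from this code's point of view, so callers should authorize and
/// log the request before calling.
/// </remarks>
public void DelUser(string userName)
{
    using (var context = createConnection())
    // UserPrincipal is IDisposable; it was previously left for the finalizer.
    using (UserPrincipal user = UserPrincipal.FindByIdentity(context, userName))
    {
        if (user == null)
        {
            return;
        }

        user.Delete();
    }
}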
登入驗證:
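/// <summary>
/// Validates a user name / password pair by binding to the directory root with it.
/// </summary>
/// <param name="name">Account name to bind as.</param>
/// <param name="password">Password for that account.</param>
/// <returns>
/// true when the bind succeeds; false for missing credentials or when the bind
/// throws for any reason (wrong password, locked account, server unreachable, ...).
/// </returns>
public bool login(string name, string password)
{
    // Reject missing credentials before touching the directory. With null credentials
    // DirectoryEntry binds as the identity the process is running under, and some
    // directory configurations may accept an empty password as an unauthenticated
    // bind; either case would report a successful login for nobody in particular.
    if (string.IsNullOrEmpty(name) || string.IsNullOrEmpty(password))
    {
        return false;
    }

    try
    {
        // 'using' releases the entry on the failure path as well; the previous code
        // only closed it after a successful bind.
        using (DirectoryEntry root = new DirectoryEntry(rootPath(), name, password, AuthenticationTypes.Secure))
        {
            // The bind is lazy: reading a property forces it and throws on bad credentials.
            string boundName = root.Name;
            return true;
        }
    }
    catch (Exception ex)
    {
        // Debug.WriteLine is compiled out of release builds, so failed logins leave
        // no trace there. NOTE(review): consider routing this to the application's
        // audit log so repeated failures can be detected.
        System.Diagnostics.Debug.WriteLine(ex.Message);
        return false;
    }
}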