2023年6月21日发(作者:)
// AdHelper: static helpers that query and modify Active Directory through
// System.DirectoryServices, using the LDAP path and admin account returned by GetConfig().
// NOTE(review): this listing was flattened and truncated by text extraction. Many member
// accesses lost their receiver or name (for example `using c;`, ` = "(objectCategory=group)";`,
// `Scope = e;`, `l()`), the /// doc comments are fused into the code, and GetDirectoryEntry(...)
// is called but not defined in the visible text, so the code does not compile as shown.
// The code below is left exactly as published. Points to know before reusing it:
//  - IsAuthenticated(UserID, Password) binds through the private GetObjectByAdmin(UserID, Password)
//    overload, which ignores both arguments and uses GetConfig().AdUser / GetConfig().AdPwd.
//    It therefore returns true whenever the search finds the account, whatever password was
//    supplied. Only the three-argument IsAuthenticated passes the caller's credentials on to
//    the DirectoryEntry constructor.
//  - Every search filter is built by concatenating a caller-supplied string (groupName, GroupName,
//    username, UserName, UserID, AccoutName) into the LDAP filter text. Escape \ * ( ) and NUL
//    as RFC 4515 requires before concatenating, otherwise the input can change the filter.
//  - Failures are swallowed: most methods return null/false from catch (Exception), ModifyUsers
//    has an empty catch{}, and SetPassword discards the exception, so a failed password change
//    cannot be told apart from a successful one.
//  - EnableUser assigns userAccountControl = NORMAL_ACCOUNT | DONT_EXPIRE_PASSWD, replacing the
//    flags already on the account; CreateNewUser appears to call it (`...User(`), which would give
//    every created account a non-expiring password.
//  - GetUserModel reads the userPassword attribute into the model, and ModifyUsers adds to
//    userPassword the same value it passes to SetPassword, i.e. the new password is also written
//    to a directory attribute. NOTE(review): confirm who can read that attribute.
//  - ADS_UF_DONT_REQUIRE_PREAUTH is listed as 0X4000000; the documented ADS_USER_FLAG_ENUM value
//    is 0x400000. ADS_UF_LOCKOUT is the account-lockout flag, although its comment calls it an
//    expiry flag. The spaces inside ADS_UF_TRUSTED_FOR_DELEGA TION and ADS_UF_USE_DES_KEY_ONL Y
//    are extraction damage.
//  - GetConfig() fills AdUser/AdPwd from the row returned by the "SCDM_Config_GetModel" procedure,
//    so the admin password is presumably stored in recoverable form in that table. TODO confirm
//    how it is protected.
C#域控操作⼤全,节点删除,修改密码,添加⽤户using System;using c;using ;using ;using tions;using ;using oryServices;using se;using ent;using ity;using ;using del;namespace /doc/ er{public class AdHelper{////// 定义域控配置结构///public struct DomainConfig{public string LdapPath;public string AdUser;public string AdPwd;public string DomainName;}////// 初始化域控配置结构//////public static DomainConfig GetConfig(){DomainConfig Config = new DomainConfig();SqlParameter [] Parameter={new SqlParameter("@Type",,4)};Parameter[0].Value=1;DataSet ds = cedure("SCDM_Config_GetModel",Parameter, "SCDM_Config");if ([0]. > 0){th = [0].Rows[0][1].ToString(); = [0].Rows[0][2].ToString(); = [0].Rows[0][3].ToString();string DomainName = "";string[] DomainNameArr = eStr([0].Rows[0][5].ToString()).Split(new char[] { '.' });if ( > 0){foreach (string arrname in DomainNameArr){string DC1 = "DC=" + arrname + ",";DomainName += DC1;}}DomainName = (/doc/ stIndexOf(','));Name = DomainName;}return Config;} /doc/ /doc/tp:///doc/ /doc/////// 获取数据库中跟节点的名称//////public static string GetRootName(){SqlParameter[] Parameter = { new SqlParameter("@Type",, 4) };Parameter[0].Value = 1;DataSet ds = cedure("SCDM_Config_GetModel",Parameter, "SCDM_Config");if ([0]. 
> 0){return [0].Rows[0][1].ToString();}else{return "";}}////// 域的名称///#region MyRegion///⽤户属性定义标志public enum ADS_USER_FLAG_ENUM{//////登录脚本标志。如果通过ADSI LDAP 进⾏读或写操作时,该标志失效。如果通过ADSI WINNT,该标志为只读。///ADS_UF_SCRIPT = 0X0001,//////⽤户帐号禁⽤标志///ADS_UF_ACCOUNTDISABLE = 0X0002,//////主⽂件夹标志///ADS_UF_HOMEDIR_REQUIRED = 0X0008,//////过期标志///ADS_UF_LOCKOUT = 0X0010,//////⽤户密码不是必须的///ADS_UF_PASSWD_NOTREQD = 0X0020,//////密码不能更改标志///ADS_UF_PASSWD_CANT_CHANGE = 0X0040,//////使⽤可逆的加密保存密码///ADS_UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED = 0X0080,//////本地帐号标志///ADS_UF_TEMP_DUPLICATE_ACCOUNT = 0X0100,//////普通⽤户的默认帐号类型ADS_UF_NORMAL_ACCOUNT = 0X0200,//////跨域的信任帐号标志///ADS_UF_INTERDOMAIN_TRUST_ACCOUNT = 0X0800,//////⼯作站信任帐号标志///ADS_UF_WORKSTATION_TRUST_ACCOUNT = 0x1000,//////服务器信任帐号标志///ADS_UF_SERVER_TRUST_ACCOUNT = 0X2000,//////密码永不过期标志///ADS_UF_DONT_EXPIRE_PASSWD = 0X10000,////// MNS 帐号标志///ADS_UF_MNS_LOGON_ACCOUNT = 0X20000,//////交互式登录必须使⽤智能卡///ADS_UF_SMARTCARD_REQUIRED = 0X40000,//////当设置该标志时,服务帐号(⽤户或计算机帐号)将通过Kerberos 委托信任///ADS_UF_TRUSTED_FOR_DELEGA TION = 0X80000,//////当设置该标志时,即使服务帐号是通过Kerberos 委托信任的,敏感帐号不能被委托///ADS_UF_NOT_DELEGATED = 0X100000,//////此帐号需要DES 加密类型///ADS_UF_USE_DES_KEY_ONL Y = 0X200000,//////不要进⾏Kerberos 预⾝份验证ADS_UF_DONT_REQUIRE_PREAUTH = 0X4000000,///⽤户密码过期标志ADS_UF_PASSWORD_EXPIRED = 0X800000,///⽤户帐号可委托标志ADS_UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION = 0X1000000}#endregion#region 获取域上的所有的⽤户列表/// 获取域上的所有的⽤户列表////// ⽤户集合public static ArrayList GetUsers(){ArrayList users = new ArrayList();DirectoryEntry de = GetObjectByAdmin();DirectorySearcher deSearch = new DirectorySearcher(de); = "(&(&(objectCategory=person)(objectClass=user)))";Scope = e;try{SearchResultCollection results = l();for (int i = 0; i < ; i++){DirectoryEntry des = results[i].GetDirectoryEntry();(des);}return users;}catch (Exception e){return null;}}#endregion#region 获取域上的所有⽤户组列表/// 获取域上的所有⽤户组列表////// ⽤户集合public static ArrayList GetGroups(){ArrayList groups = new ArrayList();DirectoryEntry de = 
GetObjectByAdmin();DirectorySearcher deSearch = new DirectorySearcher(de); = "(objectCategory=group)";Scope = e;SearchResultCollection results;try{results = l();foreach (SearchResult sr in results){DirectoryEntry directoryentry = ectoryEntry();(directoryentry);}return groups;}catch (Exception e){return null;}}#endregion#region 根据⽤户组的名称查找该组下的⽤户成员/// 根据⽤户组的名称查找该组下的⽤户成员////// ⽤户组名称/// ⽤户集合public static ArrayList GetUsersByGroup(string groupName){ArrayList users = new ArrayList();DirectoryEntry SearchRoot = GetObjectByAdmin();DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot); = "(&(objectClass=group)(SAMAccountName="+ groupName + "))";SearchResult results = e();try{if (results != null){DirectoryEntry dirEntry = new DirectoryEntry(,GetConfig().AdUser, GetConfig().AdPwd);tyCollectionpropertyCollection = ties;int count = propertyCollection["member"].Count;for (int i = 0; i < count; i++){string respath = ;string[] pathnavigate = ("CN".ToCharArray());respath = pathnavigate[0];string objpath = propertyCollection["member"][i].ToString();string path = respath + objpath;DirectoryEntry user = new DirectoryEntry(path,GetConfig().AdUser, GetConfig().AdPwd);(user);}}return users;}catch (Exception e){return null;}}#endregion#region 根据⽤户组查找对应的⽤户/// 根据⽤户组查找对应的⽤户////// ArrayList⽤户集合public static ArrayList GetUsersByUserGroup(string GroupName){ArrayList users = new ArrayList();DirectoryEntry SearchRoot = GetObjectByAdmin();DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot); = "(&(objectClass=group)(SAMAccountName="+ GroupName + "))";SearchResult results = e();try{if (results != null){DirectoryEntry dirEntry = new DirectoryEntry(, GetConfig().AdUser,GetConfig().AdPwd);tyCollectionpropertyCollection = ties;int count = propertyCollection["member"].Count;for (int i = 0; i < count; i++){string respath = ;string[] pathnavigate = ("CN".ToCharArray());respath = pathnavigate[0];string objpath = propertyCollection["member"][i].ToString();string path = 
respath + objpath;DirectoryEntry user = new DirectoryEntry(path,GetConfig().AdUser, GetConfig().AdPwd);(user);}}else{users = null;}return users;}catch (Exception e){return null;}}#endregion#region 根据⽤户名称查找对应的组/// 根据⽤户名称查找对应的组////// ⽤户名/// ArrayList⽤户组集合public static ArrayList GetGroupsByUser(string username){DirectoryEntry directoryentry = GetObjectByAdmin();DirectorySearcher ds = new DirectorySearcher(directoryentry); = "(&(sAMAccountName=" + username + "))";("memberof");SearchResult searchresult = e();ArrayList results = new ArrayList();if (searchresult == null){results = null;}else{if (ties["memberof"] == null){return (null);}for (int i = 0; i < ties["memberof"].Count; i++){string theGroupPath = ties["memberof"][i].ToString();(ing(3,f(",") - 3));}}();return (results);}#endregion#region 以管理员的⾝份登陆域/// 以管理员的⾝份登陆域////// Ldap地址/// ⽤户名称/// ⽤户密码/// 返回DirectoryEntry对象public static DirectoryEntry GetObjectByAdmin(){DirectoryEntry entry = new DirectoryEntry(GetConfig().LdapPath,GetConfig().AdUser, GetConfig().AdPwd,);return entry;}////// 测试域控链接的⽅法////// 域控管理员⽤户名///public static DirectoryEntry TestAD(string UserName){DirectoryEntry de = GetObjectByAdmin();DirectorySearcher deSearch = new DirectorySearcher(de); = "(&(objectClass=group)(cn=" + UserName + "))";Scope = e;try{SearchResult result = e();de = new DirectoryEntry();return de;}catch{return null;}}#endregion#region 以管理员的⾝份登陆域////// 以管理员的⾝份登陆域////// Ldap地址/// ⽤户名称/// ⽤户密码/// 返回DirectoryEntry对象private static DirectoryEntry GetDirectoryObject(stringdomainReference){DirectoryEntry entry = new DirectoryEntry(GetConfig().LdapPath + domainReference,GetConfig().AdUser,GetConfig().AdPwd,);return entry;}#endregion#region 根据⽤户名称查找对应的组////// 根据⽤户名称查找对应的组////// ⽤户名/// ⽤户组字符串以,隔开public static string GetGroupsByUserString(string username){string groups = "";DirectoryEntry directoryentry = GetObjectByAdmin();DirectorySearcher ds = new DirectorySearcher(directoryentry); = "(&(sAMAccountName=" + username + 
"))";("memberof");SearchResult searchresult = e();if (searchresult != null){if (ties["memberof"] == null){return (null);}ArrayList results = new ArrayList();for (int i = 0; i < ties["memberof"].Count; i++){string theGroupPath = ties["memberof"][i].ToString();groups += ing(3, f(",") - 3) + ",";}}();if ( > 0){groups = (/doc/ stIndexOf(','));}return groups;}#endregion#region ⽤户⾝份验证////// ⽤户⾝份验证////// ⽤户账号名称/// ⽤户账号密码/// 验证结果public static bool IsAuthenticated(string UserID, string Password){bool result = false;DirectoryEntry entry = GetObjectByAdmin(UserID, Password);try{DirectorySearcher search = new DirectorySearcher(entry); = "(SAMAccountName=" + UserID + ")";SearchResult searchResult = e();if (searchResult != null){result = true;}return result;}catch (Exception ex){return result;}}#endregion#region MyRegion////// 根据⽤户名密码获取DirectoryEntry对象////// 登陆名/// 密码/// DirectoryEntryprivate static DirectoryEntry GetObjectByAdmin(string UserID, stringPassword){DirectoryEntry entry = new DirectoryEntry(GetConfig().LdapPath,GetConfig().AdUser,GetConfig().AdPwd);return entry;}#endregion#region 域控成员⾝份验证////// 域控成员⾝份验证////// 域控的地址/// 登陆⽤户名/// 登陆密码/// 验证结果true或者falsepublic static bool IsAuthenticated(string LdapPath, string UserName,string PassWord){DirectoryEntry entry = GetObjectByAdmin(LdapPath, UserName,PassWord);try{DirectorySearcher search = new DirectorySearcher(entry); = "(SAMAccountName=" + UserName + ")";SearchResult result = e();if (null == result){return false;}else{return true;}}catch (Exception ex){return false;}}#endregion#region 以管理员登陆域控////// 以管理员登陆域控////// 域控的地址/// 登录名称/// 登陆密码/// DirectoryEntrypublic static DirectoryEntry GetObjectByAdmin(string LdapPath, stringUserName, string PassWord){try{DirectoryEntry entry = new DirectoryEntry(LdapPath, UserName,PassWord);if ( == null){return null;}else{return entry;}}catch{return null;}}#endregion#region 根据⽤户名获取⽤户实体对象////// 根据⽤户名称获取⽤户的实体对象////// ⽤户账号名称/// ⽤户实体对象public static ModelUsers GetUserModel(string 
AccoutName){DirectoryEntry der = ectoryEntry(AccoutName);DirectoryEntry de = GetObjectByAdmin();DirectorySearcher desearcher = new DirectorySearcher(de); = "(&(&(objectCategory=person)(objectClass=user))(cn=" + AccoutName + "))";Scope = e;try{SearchResult SeaRes = e();DirectoryEntry DireEnt = new DirectoryEntry(,GetConfig().AdUser, GetConfig().AdPwd, );ModelUsers UserModel = new ModelUsers();if (DireEnt == null){UserModel = null;return UserModel;}else{ame = ties ["sAMAccountName"].ng();/doc/ ername =/doc/ ; = ties["Mail"].Value == null ? "" : ties["Mail"].ng();ption = ties ["description"].Value == null ? "" : ties["description"].ng();if( ties["telephoneNumber"].Count>0) = ties["telephoneNumber"][0].ToString() == null ? "" : ties["telephoneNumber"][0].ToString();if (ties["userPassword"].Count > 0){rd = ties["userPassword"].ng();string m = ties["userPassword"][0].ToString();}else{}return UserModel;}}catch (Exception e){return null;}}#endregion#region 创建新的⽤户////// 创建新的⽤户////// 路径/// ⽤户实体对象public static void CreateNewUser(string ldapDN, ModelUsers UserModel){DirectoryEntry entry = GetObjectByAdmin();DirectoryEntry subEntry = new DirectoryEntry(ldapDN,GetConfig().AdUser, GetConfig().AdPwd);DirectoryEntry deUser = ("CN=" + /doc/name, "user");ties["sAMAccountName"].Value = ame;if (ption != ""){ties["description"].Value =ption;}if ( != ""){ties["Mail"].Value = ;}if ( != ""){ties["telephoneNumber"].Add();}/doc/ mitChanges();sword(/doc/ ername,rd);User(/doc/ ername);();}#endregion#region 修改⽤户信息////// 修改⽤户信息////// ⽤户实体对象public static void ModifyUsers(ModelUsers UserModel){DirectoryEntry de = GetDirectoryEntry(/doc/ ername);if (ption != ""){ties["description"].Value = ption;}if ( != ""){ties["Mail"].Value = ;}if ( != ""){if (ties["telephoneNumber"].Count > 0){string m = ties["telephoneNumber"][0].ToString ();ties["telephoneNumber"][0] = ;}else{ties["telephoneNumber"].Add();}}try{/doc/ mitChanges();();if (rd != ""){ties["userPassword"].Add(rd);SetPassword(/doc/ ername, 
rd);}}catch{}}#endregion#region 启⽤指定名称的⽤户////// 启⽤指定名称的⽤户//////public static void EnableUser(string commonName){EnableUser(GetDirectoryEntry(commonName));}#endregion#region 启⽤指定的⽤户/// 启⽤指定的⽤户//////public static void EnableUser(DirectoryEntry de){ties["userAccountControl"][0] =_USER_FLAG__UF_NORMAL_ACCOUNT |_USER_FLAG__UF_DONT_EXPIRE_PASSWD;/doc/ mitChanges();();}#endregion#region 设置⽤户密码,管理员可以通过它来修改指定⽤户的密码。///设置⽤户密码,管理员可以通过它来修改指定⽤户的密码。///⽤户公共名称///⽤户新密码public static void SetPassword(string commonName, string newPassword){DirectoryEntry de = GetDirectoryEntry(commonName);try{("SetPassword", new object[] { newPassword });}catch(Exception Msg){;}();}#endregion#region 修改⽤户密码///修改⽤户密码///⽤户公共名称///旧密码///新密码public static void ChangeUserPassword(string commonName, stringoldPassword, string newPassword){// to-do: 需要解决密码策略问题DirectoryEntry oUser = GetDirectoryEntry(commonName);("ChangePassword", new Object[] { oldPassword,newPassword });();}#endregion