C#　Windows帐户和目录添加用户权限方法

/// <summary>
/// 目录权限
/// </summary>
public enum FloderRights
{
FullControl,
Read,
Write
}

/// <summary>
/// 创建Windows帐户
/// </summary>
/// <param name="pathname"></param>
/// <returns></returns>
public static void CreateLocalUser(string username, string password, string description)
{
DirectoryEntry dirEntry = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
var NewUser = dirEntry.Children.Add(username, "user");
NewUser.Invoke("SetPassword", new object[] { password });
NewUser.Invoke("Put", new object[] { "Description", description });
NewUser.CommitChanges();
}

/// <summary>
/// 更改Windows帐户密码
/// </summary>
/// <param name="username"></param>
/// <param name="oldPwd"></param>
/// <param name="newPwd"></param>
public static void ChangeWinUserPasswd(string username, string oldPwd, string newPwd)
{
DirectoryEntry dirEntry = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
DirectoryEntry userEntry = dirEntry.Children.Find(username, "user");
object[] password = new object[] { newPwd, oldPwd };
object ret = userEntry.Invoke("ChangePassword", password);
userEntry.CommitChanges();
}

/// <summary>
/// 给目录添加用户和权限
/// </summary>
/// <param name="pathname"></param>
/// <param name="username"></param>
/// <param name="qx"></param>
public static void AddPathRights(string pathname, string username, FloderRights qx)
{
DirectoryInfo dirinfo = new DirectoryInfo(pathname);
if ((dirinfo.Attributes & FileAttributes.ReadOnly) != 0)
{
dirinfo.Attributes = FileAttributes.Normal;
}
//取得访问控制列表
DirectorySecurity dirsecurity = dirinfo.GetAccessControl();
// string strDomain = Dns.GetHostName();
switch (qx)
{
case FloderRights.FullControl:
dirsecurity.AddAccessRule(new FileSystemAccessRule(username, FileSystemRights.FullControl, AccessControlType.Allow));
break;
case FloderRights.Read:
dirsecurity.AddAccessRule(new FileSystemAccessRule(username, FileSystemRights.Read, AccessControlType.Allow));
break;
case FloderRights.Write:
dirsecurity.AddAccessRule(new FileSystemAccessRule(username, FileSystemRights.Write, AccessControlType.Allow));
break;
default:
dirsecurity.AddAccessRule(new FileSystemAccessRule(username, FileSystemRights.FullControl, AccessControlType.Deny));
break;
}

dirinfo.SetAccessControl(dirsecurity);

//取消目录从父继承
DirectorySecurity dirSecurity = System.IO.Directory.GetAccessControl(pathname);
dirSecurity.SetAccessRuleProtection(true, false);
System.IO.Directory.SetAccessControl(pathname, dirSecurity);

//AccessControlType.Allow允许访问受保护对象//Deny拒绝访问受保护对象
//FullControl、Read 和 Write 完全控制,读,写
//FileSystemRights.Write写入//Delete删除 //DeleteSubdirectoriesAndFiles删除文件夹和文件//ListDirectory读取
//Modify读写删除-修改//只读打开文件和复制//
}

/// <summary>
/// 判断Windows用户是否存在
/// </summary>
/// <param name="username"></param>
/// <returns></returns>
public static bool ExistWinUser(string username)
{
try
{
using (DirectoryEntry dirEntry = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"))
{
//删除存在用户
var delUser = dirEntry.Children.Find(username, "user");
return delUser != null;
}
}
catch
{
return false;
}
}

/// <summary>
/// 删除Windows用户
/// </summary>
/// <param name="username"></param>
/// <returns></returns>
public static bool DeleteWinUser(string username)
{
try
{
using (DirectoryEntry dirEntry = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"))
{
//删除存在用户
var delUser = dirEntry.Children.Find(username, "user");
if (delUser != null)
{
dirEntry.Children.Remove(delUser);
}
}
return true;
}
catch
{
return false;
}
}