
C# 操作域用户

2015-10-13 15:45 417 查看
/// <summary>
/// Creates <see cref="DirectoryEntry"/> objects for Active Directory, using the domain name
/// and bind account read from the application's appSettings.
/// </summary>
/// <remarks>
/// Security: the bind account name and its password come from the appSettings keys
/// "adAdmin" and "password", so they sit in the application's configuration file. Every
/// caller of this class acts in the directory with that account's rights. Keep the file
/// access-controlled (or encrypt the section) and give the account only the delegated
/// rights the calling code needs.
/// </remarks>
class ADHelper
{
    /// <summary>
    /// Domain name appended to "LDAP://" to form the root path.
    /// </summary>
    static readonly string domainName;

    /// <summary>
    /// Account name used for every bind.
    /// </summary>
    static readonly string adAdmin;

    /// <summary>
    /// Password of the bind account; held in memory for the lifetime of the process.
    /// </summary>
    static readonly string password;

    /// <summary>
    /// Loads the three settings once, when the type is first used. A missing key yields
    /// null here; nothing is validated at this point.
    /// </summary>
    static ADHelper()
    {
        var settings = ConfigurationManager.AppSettings;
        domainName = settings["domainName"];
        adAdmin = settings["adAdmin"];
        password = settings["password"];
    }

    #region Create AD connection
    /// <summary>
    /// Creates an entry for the root of the configured domain.
    /// </summary>
    /// <returns>
    /// A new entry for "LDAP://" followed by the configured domain name, created with the
    /// configured account and <see cref="AuthenticationTypes.Secure"/>. The caller owns the
    /// entry and must close or dispose it.
    /// </returns>
    public static DirectoryEntry GetDirectoryEntry()
    {
        string rootPath = "LDAP://" + domainName;
        return new DirectoryEntry(rootPath, adAdmin, password, AuthenticationTypes.Secure);
    }
    #endregion

    #region Get directory entry by path
    /// <summary>
    /// Creates an entry for an arbitrary directory path using the configured account.
    /// </summary>
    /// <param name="DomainReference">
    /// Path passed unchanged to the <see cref="DirectoryEntry"/> constructor. It is not
    /// validated here, so callers should only pass paths they obtained from the directory
    /// or built themselves, never raw user input.
    /// </param>
    /// <returns>A new entry the caller must close or dispose.</returns>
    public static DirectoryEntry GetDirectoryEntry(string DomainReference)
    {
        return new DirectoryEntry(DomainReference, adAdmin, password, AuthenticationTypes.Secure);
    }
    #endregion

}
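/// <summary>
/// Active Directory administration helpers: existence checks, creation of OUs, groups and
/// users, password operations, group membership and account-control flags.
/// </summary>
/// <remarks>
/// All directory access goes through <c>ADHelper</c>, so every call runs with the rights of
/// the configured bind account. Values placed into LDAP search filters are escaped by
/// <see cref="EscapeFilterValue"/>. Values placed into relative distinguished names
/// ("OU=" + name, "CN=" + login) are NOT escaped here; see the notes on the create methods.
/// </remarks>
public class ADManager
{
    // userAccountControl bit: the account is disabled.
    private const int UacAccountDisable = 0x0002;

    // userAccountControl bit: the password never expires.
    private const int UacDontExpirePassword = 0x10000;

    // Anchored with \A and \z so the WHOLE input has to be an address; IsMatch on an
    // unanchored pattern accepts any string that merely contains one.
    private static readonly Regex MailPattern =
        new Regex(@"\A\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*\z");

    /// <summary>
    /// Escapes a value for use inside an LDAP search filter (RFC 4515): backslash,
    /// asterisk, parentheses and NUL are replaced by their \xx hex form, so the value can
    /// only ever match literally and cannot add clauses or wildcards to the filter.
    /// </summary>
    /// <param name="value">Raw value to embed in a filter.</param>
    /// <returns>The escaped value.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="value"/> is null.</exception>
    private static string EscapeFilterValue(string value)
    {
        if (value == null)
        {
            throw new ArgumentNullException("value");
        }

        StringBuilder escaped = new StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': escaped.Append(@"\5c"); break;
                case '*': escaped.Append(@"\2a"); break;
                case '(': escaped.Append(@"\28"); break;
                case ')': escaped.Append(@"\29"); break;
                case '\0': escaped.Append(@"\00"); break;
                default: escaped.Append(c); break;
            }
        }
        return escaped.ToString();
    }

    /// <summary>
    /// Checks whether an object of the given category exists under the domain root.
    /// </summary>
    /// <param name="objectName">
    /// Name to look for; matched literally against cn (User, Group) or OU (OU). Wildcards
    /// are not interpreted because the value is escaped.
    /// </param>
    /// <param name="catalog">Category: "User", "Group" or "OU".</param>
    /// <returns>True when at least one matching object is found.</returns>
    /// <exception cref="ArgumentException">
    /// <paramref name="catalog"/> is not one of the three supported values. Previously an
    /// unknown category left the searcher's default filter in place, which matches every
    /// object, so the method reported "exists" for anything.
    /// </exception>
    public bool ObjectExists(string objectName, string catalog)
    {
        string filter;
        switch (catalog)
        {
            case "User":
                filter = "(&(objectClass=user)(cn=" + EscapeFilterValue(objectName) + "))";
                break;
            case "Group":
                filter = "(&(objectClass=group)(cn=" + EscapeFilterValue(objectName) + "))";
                break;
            case "OU":
                filter = "(&(objectClass=OrganizationalUnit)(OU=" + EscapeFilterValue(objectName) + "))";
                break;
            default:
                throw new ArgumentException("catalog must be \"User\", \"Group\" or \"OU\".", "catalog");
        }

        using (DirectoryEntry root = ADHelper.GetDirectoryEntry())
        using (DirectorySearcher searcher = new DirectorySearcher(root, filter))
        {
            // One hit is enough to answer the question, and FindOne leaves no result
            // collection behind that would need disposing.
            return searcher.FindOne() != null;
        }
    }

    /// <summary>
    /// Creates an organizational unit directly under the domain root, unless one with the
    /// same name already exists (a message is written to the console in that case).
    /// </summary>
    /// <param name="name">
    /// OU name. NOTE(review): it is concatenated into the relative name "OU=..." without
    /// escaping, so distinguished-name metacharacters are not handled here; validate the
    /// value before calling.
    /// </param>
    public void CreateOU(string name)
    {
        if (ObjectExists(name, "OU"))
        {
            Console.WriteLine("OU已存在");
            return;
        }

        using (DirectoryEntry root = ADHelper.GetDirectoryEntry())
        using (DirectoryEntry ou = root.Children.Add("OU=" + name, "OrganizationalUnit"))
        {
            ou.CommitChanges();
        }
    }

    /// <summary>
    /// Creates a group directly under the domain root, unless one with the same name
    /// already exists (a message is written to the console in that case).
    /// </summary>
    /// <param name="name">
    /// Group name. NOTE(review): it is concatenated into the relative name "CN=..." without
    /// escaping; validate the value before calling.
    /// </param>
    public void CreateGroup(string name)
    {
        if (ObjectExists(name, "Group"))
        {
            Console.WriteLine("用户组已存在");
            return;
        }

        using (DirectoryEntry root = ADHelper.GetDirectoryEntry())
        using (DirectoryEntry group = root.Children.Add("CN=" + name, "group"))
        {
            group.CommitChanges();
        }
    }

    /// <summary>
    /// Creates a user directly under the domain root, sets its password, enables it and
    /// adds it to a group.
    /// </summary>
    /// <param name="name">Given name stored in "givenname".</param>
    /// <param name="login">
    /// Login; used as the CN, the SAMAccountName and the userPrincipalName. NOTE(review):
    /// it is concatenated into the relative name "CN=..." without escaping; validate the
    /// value before calling.
    /// </param>
    /// <param name="password">Initial password.</param>
    /// <param name="GroupName">cn of the group the user is added to.</param>
    /// <returns>
    /// True when the user was created, and ALSO when a user with this login already
    /// existed (nothing is changed in that case; the password is not applied). False when
    /// any step threw.
    /// </returns>
    /// <remarks>
    /// The account object is committed before the password is set, so a failure in a later
    /// step returns false but leaves the partially configured account in the directory;
    /// callers should check for and clean up such objects. A missing group is not an error:
    /// the group step is skipped silently and the method still returns true. The account
    /// is flagged "password never expires" by <see cref="EnableAccount"/>.
    /// </remarks>
    public bool CreateUser(string name, string login, string password, string GroupName)
    {
        if (ObjectExists(login, "User"))
        {
            return true;
        }

        try
        {
            using (DirectoryEntry root = ADHelper.GetDirectoryEntry())
            using (DirectoryEntry user = root.Children.Add("CN=" + login, "user"))
            {
                // 1. attributes; the object must exist in the directory before a password
                //    can be set on it, hence the commit here.
                SetProperty(user, "givenname", name);
                SetProperty(user, "SAMAccountName", login);
                SetProperty(user, "userPrincipalName", login);
                SetProperty(user, "Description", "Create User By EosSoft System");
                user.CommitChanges();

                // 2. password, 3. enable, 4. group membership
                SetPassword(user, password);
                EnableAccount(user);
                AddUserToGroup(root, user, GroupName);
            }
        }
        catch (Exception ex)
        {
            // The bool contract is kept, but the cause is no longer discarded. Only the
            // exception type and message are written, never the password.
            Console.Error.WriteLine("CreateUser failed: " + ex.GetType().Name + ": " + ex.Message);
            return false;
        }
        return true;
    }

    /// <summary>
    /// Sets a single-valued property on an entry; does nothing when the value is null.
    /// The change is not committed here.
    /// </summary>
    /// <param name="de">Entry to modify.</param>
    /// <param name="PropertyName">Attribute name.</param>
    /// <param name="PropertyValue">New value; null leaves the entry untouched.</param>
    public static void SetProperty(DirectoryEntry de, string PropertyName, string PropertyValue)
    {
        if (PropertyValue == null)
        {
            return;
        }

        if (de.Properties.Contains(PropertyName))
        {
            // Overwrite the first existing value.
            de.Properties[PropertyName][0] = PropertyValue;
        }
        else
        {
            de.Properties[PropertyName].Add(PropertyValue);
        }
    }

    /// <summary>
    /// Sets (resets) the password of an account without knowing the old one, then commits.
    /// </summary>
    /// <param name="newuser">Account entry; its AuthenticationType is set to Secure.</param>
    /// <param name="password">New password.</param>
    public void SetPassword(DirectoryEntry newuser, string password)
    {
        newuser.AuthenticationType = AuthenticationTypes.Secure;
        newuser.Invoke("SetPassword", new object[] { password });
        newuser.CommitChanges();
    }

    /// <summary>
    /// Changes a user's password, supplying the old password along with the new one.
    /// </summary>
    /// <param name="login">cn of the user; matched literally.</param>
    /// <param name="userOldPassword">Current password.</param>
    /// <param name="userNewPassword">New password.</param>
    /// <exception cref="InvalidOperationException">No matching user was found.</exception>
    /// <remarks>
    /// The user is located with one subtree search from the domain root and the password
    /// is changed exactly once. The earlier loop over the root's children dereferenced a
    /// null search result for every child that did not contain the user, closed the root
    /// inside the loop, and would have retried the change with the no-longer-valid old
    /// password after a first success.
    /// </remarks>
    public void ChangePassword(string login, string userOldPassword, string userNewPassword)
    {
        string filter = "(&(objectClass=user)(cn=" + EscapeFilterValue(login) + "))";

        using (DirectoryEntry root = ADHelper.GetDirectoryEntry())
        using (DirectorySearcher searcher = new DirectorySearcher(root, filter))
        {
            searcher.SearchScope = SearchScope.Subtree;
            SearchResult hit = searcher.FindOne();
            if (hit == null)
            {
                throw new InvalidOperationException("No user object with the given login was found.");
            }

            using (DirectoryEntry user = hit.GetDirectoryEntry())
            {
                user.AuthenticationType = AuthenticationTypes.Secure;
                user.Invoke("ChangePassword", new object[] { userOldPassword, userNewPassword });
                user.CommitChanges();
            }
        }
    }

    /// <summary>
    /// Adds a user, given by distinguished name, to the "member" attribute of a group.
    /// </summary>
    /// <param name="de">Search root for locating the group; not closed by this method.</param>
    /// <param name="userDn">
    /// Value added to "member". It is not checked against the directory here; the earlier
    /// code built an entry from it and tested that for null, which a constructor call can
    /// never produce, so that check was dropped.
    /// </param>
    /// <param name="GroupName">cn of the group; matched literally.</param>
    /// <returns>False when the group is not found, true otherwise.</returns>
    public bool AddUserToGroup(DirectoryEntry de, string userDn, string GroupName)
    {
        string filter = "(&(objectClass=group)(cn=" + EscapeFilterValue(GroupName) + "))";

        using (DirectorySearcher searcher = new DirectorySearcher(de, filter))
        {
            SearchResult hit = searcher.FindOne();
            if (hit == null)
            {
                return false;
            }

            using (DirectoryEntry group = hit.GetDirectoryEntry())
            {
                if (!group.Properties["member"].Contains(userDn))
                {
                    group.Properties["member"].Add(userDn);
                    group.CommitChanges();
                }
            }
        }
        return true;
    }

    /// <summary>
    /// Adds a user entry to a group unless it is already a member. Does nothing when the
    /// group is not found.
    /// </summary>
    /// <param name="de">Search root for locating the group; not closed by this method.</param>
    /// <param name="deUser">User entry; its Path identifies the member.</param>
    /// <param name="GroupName">cn of the group; matched literally.</param>
    /// <remarks>
    /// Membership is tested with the group's IsMember method on the user's full path. The
    /// earlier code compared only the entries' Name (the relative name), so a different
    /// user with the same CN elsewhere in the directory counted as "already a member", and
    /// it created one undisposed entry per existing member.
    /// </remarks>
    public static void AddUserToGroup(DirectoryEntry de, DirectoryEntry deUser, string GroupName)
    {
        string filter = "(&(objectClass=group)(cn=" + EscapeFilterValue(GroupName) + "))";

        using (DirectorySearcher searcher = new DirectorySearcher(de, filter))
        {
            SearchResult hit = searcher.FindOne();
            if (hit == null)
            {
                return;
            }

            using (DirectoryEntry group = ADHelper.GetDirectoryEntry(hit.Path))
            {
                string userPath = deUser.Path;
                bool alreadyMember = (bool)group.Invoke("IsMember", new object[] { userPath });
                if (!alreadyMember)
                {
                    group.Invoke("Add", new object[] { userPath });
                }
            }
        }
    }

    /// <summary>
    /// Enables an account and marks its password as never expiring, in one commit.
    /// </summary>
    /// <param name="de">Account entry.</param>
    /// <remarks>
    /// NOTE(review): setting the never-expires bit exempts the account from password
    /// expiry. It is kept because existing callers get it today, but confirm that this is
    /// intended for every account created through this class.
    /// </remarks>
    public void EnableAccount(DirectoryEntry de)
    {
        int flags = (int)de.Properties["userAccountControl"].Value;
        de.Properties["userAccountControl"].Value = (flags | UacDontExpirePassword) & ~UacAccountDisable;
        de.CommitChanges();
    }

    /// <summary>
    /// Disables an account by setting the disable bit in userAccountControl.
    /// </summary>
    /// <param name="de">Account entry.</param>
    public void DisableAccount(DirectoryEntry de)
    {
        int flags = (int)de.Properties["userAccountControl"].Value;
        de.Properties["userAccountControl"].Value = flags | UacAccountDisable;
        de.CommitChanges();
    }

    /// <summary>
    /// Checks whether the whole string has the shape of an e-mail address.
    /// </summary>
    /// <param name="mail">Candidate address.</param>
    /// <returns>
    /// True only when the entire input matches; null, empty input and input with extra
    /// text before or after an address yield false.
    /// </returns>
    public bool IsEmail(string mail)
    {
        return !string.IsNullOrEmpty(mail) && MailPattern.IsMatch(mail);
    }

    /// <summary>
    /// Lists users whose whenChanged is on or after the given date.
    /// </summary>
    /// <param name="fromdate">Lower bound; only its year, month and day are used.</param>
    /// <returns>
    /// A table with the columns EmployeeID, Name and Email, one row per user, filled from
    /// the employeeID, givenname and mail attributes.
    /// </returns>
    public DataTable GetModifiedUsers(DateTime fromdate)
    {
        DataTable table = new DataTable();
        table.Columns.Add("EmployeeID");
        table.Columns.Add("Name");
        table.Columns.Add("Email");

        string filter = "(&(objectCategory=Person)(objectClass=user)(whenChanged>="
            + ToADDateString(fromdate) + "))";

        using (DirectoryEntry root = ADHelper.GetDirectoryEntry())
        using (DirectorySearcher searcher = new DirectorySearcher(root, filter))
        {
            searcher.SearchScope = SearchScope.Subtree;
            // Paged search, so the result is not cut off at the server's per-query limit.
            searcher.PageSize = 1000;

            // The result collection holds unmanaged resources and has to be disposed.
            using (SearchResultCollection hits = searcher.FindAll())
            {
                foreach (SearchResult hit in hits)
                {
                    using (DirectoryEntry entry = ADHelper.GetDirectoryEntry(hit.Path))
                    {
                        DataRow row = table.NewRow();
                        row["EmployeeID"] = entry.Properties["employeeID"].Value;
                        row["Name"] = entry.Properties["givenname"].Value;
                        row["Email"] = entry.Properties["mail"].Value;
                        table.Rows.Add(row);
                    }
                }
            }
        }
        return table;
    }

    /// <summary>
    /// Formats a date as the timestamp string used in the whenChanged filter:
    /// yyyyMMdd followed by "000000.0Z".
    /// </summary>
    /// <param name="date">
    /// Date to format. The time of day is dropped and no time-zone conversion is done, so
    /// the caller is responsible for passing a date that is meaningful as UTC.
    /// </param>
    /// <returns>For example "20151013000000.0Z" for 13 October 2015.</returns>
    public string ToADDateString(DateTime date)
    {
        // The year is padded to four digits so the string keeps a fixed width.
        return string.Format("{0:0000}{1:00}{2:00}000000.0Z", date.Year, date.Month, date.Day);
    }
}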