C# 操作域用户
2015-10-13 15:45
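/// <summary>
/// Builds <see cref="DirectoryEntry"/> objects bound with the service account
/// configured in appSettings (keys: domainName, adAdmin, password).
/// </summary>
class ADHelper
{
    /// <summary>Domain name used to build the LDAP root path.</summary>
    static string domainName;

    /// <summary>Account name used for every bind.</summary>
    static string adAdmin;

    /// <summary>Password of the bind account.</summary>
    // NOTE(review): this is read from appSettings as plain text. Every caller of this
    // class acts with this account's rights (it creates users and resets passwords),
    // so the configuration section should be encrypted or the secret moved to a
    // protected store, and the account delegated only the rights this code needs.
    static string password;

    /// <summary>Loads the connection settings once, on first use of the class.</summary>
    static ADHelper()
    {
        domainName = ConfigurationManager.AppSettings["domainName"];
        adAdmin = ConfigurationManager.AppSettings["adAdmin"];
        password = ConfigurationManager.AppSettings["password"];
    }

    /// <summary>
    /// Creates an entry for the root of the configured domain.
    /// </summary>
    /// <returns>A new entry; the caller owns it and must dispose it.</returns>
    public static DirectoryEntry GetDirectoryEntry()
    {
        return new DirectoryEntry("LDAP://" + domainName, adAdmin, password, AuthenticationTypes.Secure);
    }

    /// <summary>
    /// Creates an entry for an arbitrary ADSI path, bound with the configured account.
    /// </summary>
    /// <param name="DomainReference">ADSI path of the object to open.</param>
    /// <returns>A new entry; the caller owns it and must dispose it.</returns>
    public static DirectoryEntry GetDirectoryEntry(string DomainReference)
    {
        // The configured credentials are presented to whatever server the path names,
        // so only pass paths that came from this directory (for example
        // SearchResult.Path), never a path built from request input.
        return new DirectoryEntry(DomainReference, adAdmin, password, AuthenticationTypes.Secure);
    }
}

/// <summary>
/// Account management helpers on top of <see cref="ADHelper"/>: existence checks,
/// OU / group / user creation, password operations, group membership and a
/// "changed since" query.
/// </summary>
public class ADManager
{
    /// <summary>userAccountControl bit that disables the account.</summary>
    private const int UacAccountDisable = 0x0002;

    /// <summary>userAccountControl bit that exempts the password from expiry.</summary>
    private const int UacDontExpirePassword = 0x10000;

    /// <summary>Anchored so the whole input has to be an address, not merely contain one.</summary>
    private static readonly Regex MailPattern =
        new Regex(@"\A\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*\z");

    /// <summary>
    /// Escapes a value for use inside an LDAP search filter.
    /// </summary>
    /// <param name="value">Raw value, possibly caller-supplied.</param>
    /// <returns>
    /// The value with <c>\ * ( ) /</c> and NUL replaced by their <c>\xx</c> hex
    /// escapes; an empty string for null.
    /// </returns>
    public static string EscapeLdapFilterValue(string value)
    {
        if (string.IsNullOrEmpty(value))
        {
            return string.Empty;
        }

        StringBuilder escaped = new StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': escaped.Append("\\5c"); break;
                case '*': escaped.Append("\\2a"); break;
                case '(': escaped.Append("\\28"); break;
                case ')': escaped.Append("\\29"); break;
                case '/': escaped.Append("\\2f"); break;
                case '\0': escaped.Append("\\00"); break;
                default: escaped.Append(c); break;
            }
        }
        return escaped.ToString();
    }

    /// <summary>
    /// Escapes a value for use as the right-hand side of an RDN ("CN=value").
    /// </summary>
    private static string EscapeRdnValue(string value)
    {
        if (string.IsNullOrEmpty(value))
        {
            return string.Empty;
        }

        StringBuilder escaped = new StringBuilder(value.Length + 8);
        for (int i = 0; i < value.Length; i++)
        {
            char c = value[i];
            if (c == '\0')
            {
                escaped.Append("\\00");
                continue;
            }

            // A space only needs escaping at either end, '#' only at the start.
            bool edgeSpace = c == ' ' && (i == 0 || i == value.Length - 1);
            bool leadingHash = c == '#' && i == 0;
            if (edgeSpace || leadingHash || ",+\"\\<>;=".IndexOf(c) >= 0)
            {
                escaped.Append('\\');
            }
            escaped.Append(c);
        }
        return escaped.ToString();
    }

    /// <summary>
    /// Builds "(&amp;(objectClass=X) (attr=value))" with the value escaped, so a name
    /// containing filter metacharacters cannot widen or rewrite the query.
    /// </summary>
    private static string BuildNameFilter(string objectClass, string attribute, string rawValue)
    {
        return "(&(objectClass=" + objectClass + ") (" + attribute + "=" + EscapeLdapFilterValue(rawValue) + "))";
    }

    /// <summary>
    /// Checks whether an object with the given name exists anywhere under the domain root.
    /// </summary>
    /// <param name="objectName">Name to look for (cn for users and groups, ou for OUs).</param>
    /// <param name="catalog">Object category: "User", "Group" or "OU".</param>
    /// <returns>True when at least one matching object is found.</returns>
    /// <exception cref="ArgumentException">The category is not one of the three supported values.</exception>
    public bool ObjectExists(string objectName, string catalog)
    {
        string filter;
        switch (catalog)
        {
            case "User":
                filter = BuildNameFilter("user", "cn", objectName);
                break;
            case "Group":
                filter = BuildNameFilter("group", "cn", objectName);
                break;
            case "OU":
                filter = BuildNameFilter("OrganizationalUnit", "OU", objectName);
                break;
            default:
                // Previously the searcher kept its default filter here, which matches
                // every object, so any unknown category reported "exists".
                throw new ArgumentException("Unknown catalog: " + catalog, "catalog");
        }

        using (DirectoryEntry root = ADHelper.GetDirectoryEntry())
        using (DirectorySearcher searcher = new DirectorySearcher(root, filter))
        {
            return searcher.FindOne() != null;
        }
    }

    /// <summary>
    /// Creates an organizational unit directly under the domain root, unless one
    /// with that name already exists.
    /// </summary>
    /// <param name="name">OU name.</param>
    public void CreateOU(string name)
    {
        if (ObjectExists(name, "OU"))
        {
            Console.WriteLine("OU已存在");
            return;
        }

        using (DirectoryEntry root = ADHelper.GetDirectoryEntry())
        using (DirectoryEntry newOu = root.Children.Add("OU=" + EscapeRdnValue(name), "OrganizationalUnit"))
        {
            newOu.CommitChanges();
        }
    }

    /// <summary>
    /// Creates a group directly under the domain root, unless one with that name
    /// already exists.
    /// </summary>
    /// <param name="name">Group name.</param>
    public void CreateGroup(string name)
    {
        if (ObjectExists(name, "Group"))
        {
            Console.WriteLine("用户组已存在");
            return;
        }

        using (DirectoryEntry root = ADHelper.GetDirectoryEntry())
        using (DirectoryEntry newGroup = root.Children.Add("CN=" + EscapeRdnValue(name), "group"))
        {
            newGroup.CommitChanges();
        }
    }

    /// <summary>
    /// Creates a user under the domain root, sets its password, enables it and adds
    /// it to a group.
    /// </summary>
    /// <param name="name">Given name.</param>
    /// <param name="login">Login; used as CN, sAMAccountName and userPrincipalName.</param>
    /// <param name="password">Initial password.</param>
    /// <param name="GroupName">cn of the group the new user is added to.</param>
    /// <returns>
    /// True when the user was created or a user with that cn already existed;
    /// false when any step failed.
    /// </returns>
    public bool CreateUser(string name, string login, string password, string GroupName)
    {
        // NOTE(review): an existing account is reported as success without touching
        // its password or membership, so the caller cannot tell "created" from
        // "already there".
        if (ObjectExists(login, "User"))
        {
            return true;
        }

        try
        {
            using (DirectoryEntry root = ADHelper.GetDirectoryEntry())
            using (DirectoryEntry newUser = root.Children.Add("CN=" + EscapeRdnValue(login), "user"))
            {
                // 1. attributes; the object must exist before a password can be set
                SetProperty(newUser, "givenname", name);
                SetProperty(newUser, "SAMAccountName", login);
                SetProperty(newUser, "userPrincipalName", login);
                SetProperty(newUser, "Description", "Create User By EosSoft System");
                newUser.CommitChanges();

                // 2. password, 3. enable, 4. group membership
                SetPassword(newUser, password);
                EnableAccount(newUser);

                // NOTE(review): GroupName decides which rights the new account gets;
                // callers should take it from a fixed allow-list, not from user input.
                AddUserToGroup(root, newUser, GroupName);
            }
        }
        catch (Exception ex)
        {
            // A failure after the first CommitChanges leaves the account behind in
            // whatever state it reached; report it instead of hiding it so the
            // leftover can be found and cleaned up.
            Console.WriteLine("CreateUser failed: " + ex.Message);
            return false;
        }
        return true;
    }

    /// <summary>
    /// Sets a single-valued attribute on an entry; does nothing for a null value.
    /// </summary>
    /// <param name="de">Entry to modify (not committed here).</param>
    /// <param name="PropertyName">Attribute name.</param>
    /// <param name="PropertyValue">New value, or null to leave the attribute alone.</param>
    public static void SetProperty(DirectoryEntry de, string PropertyName, string PropertyValue)
    {
        if (PropertyValue == null)
        {
            return;
        }

        if (de.Properties.Contains(PropertyName))
        {
            de.Properties[PropertyName][0] = PropertyValue;
        }
        else
        {
            de.Properties[PropertyName].Add(PropertyValue);
        }
    }

    /// <summary>
    /// Resets a user's password without knowing the old one (administrative reset).
    /// </summary>
    /// <param name="newuser">User entry, already committed to the directory.</param>
    /// <param name="password">New password.</param>
    public void SetPassword(DirectoryEntry newuser, string password)
    {
        newuser.AuthenticationType = AuthenticationTypes.Secure;
        newuser.Invoke("SetPassword", new object[] { password });
        newuser.CommitChanges();
    }

    /// <summary>
    /// Changes a user's password, proving knowledge of the old one.
    /// </summary>
    /// <param name="login">User login (matched against cn).</param>
    /// <param name="userOldPassword">Current password.</param>
    /// <param name="userNewPassword">New password.</param>
    /// <exception cref="InvalidOperationException">
    /// No user, or more than one user, has that cn under the domain root.
    /// </exception>
    public void ChangePassword(string login, string userOldPassword, string userNewPassword)
    {
        using (DirectoryEntry root = ADHelper.GetDirectoryEntry())
        using (DirectorySearcher searcher = new DirectorySearcher(root, BuildNameFilter("user", "cn", login)))
        {
            // Two results are enough to detect an ambiguous name.
            searcher.SizeLimit = 2;
            using (SearchResultCollection hits = searcher.FindAll())
            {
                if (hits.Count == 0)
                {
                    throw new InvalidOperationException("User not found: " + login);
                }

                // cn is only unique inside one container; refuse to guess which
                // account was meant rather than change the wrong one.
                if (hits.Count > 1)
                {
                    throw new InvalidOperationException("More than one user matches: " + login);
                }

                using (DirectoryEntry user = hits[0].GetDirectoryEntry())
                {
                    user.AuthenticationType = AuthenticationTypes.Secure;
                    user.Invoke("ChangePassword", new object[] { userOldPassword, userNewPassword });
                    user.CommitChanges();
                }
            }
        }
    }

    /// <summary>
    /// Adds a user, given by distinguished name, to a group found by cn.
    /// </summary>
    /// <param name="de">Search root for the group lookup; stays owned by the caller.</param>
    /// <param name="userDn">Distinguished name of the user.</param>
    /// <param name="GroupName">cn of the group.</param>
    /// <returns>False when the group is not found, true otherwise.</returns>
    public bool AddUserToGroup(DirectoryEntry de, string userDn, string GroupName)
    {
        using (DirectorySearcher searcher = new DirectorySearcher(de, BuildNameFilter("group", "cn", GroupName)))
        {
            SearchResult groupResult = searcher.FindOne();
            if (groupResult == null)
            {
                return false;
            }

            // The original also opened userDn as a DirectoryEntry and compared it with
            // null. A constructed entry is never null and was never read, so that
            // lookup only handed the bind credentials to a caller-supplied path.
            using (DirectoryEntry group = groupResult.GetDirectoryEntry())
            {
                if (!group.Properties["member"].Contains(userDn))
                {
                    group.Properties["member"].Add(userDn);
                }
                group.CommitChanges();
            }
        }
        return true;
    }

    /// <summary>
    /// Adds a user entry to a group found by cn, unless it is already a member.
    /// </summary>
    /// <param name="de">Search root for the group lookup; stays owned by the caller.</param>
    /// <param name="deUser">User to add.</param>
    /// <param name="GroupName">cn of the group.</param>
    public static void AddUserToGroup(DirectoryEntry de, DirectoryEntry deUser, string GroupName)
    {
        using (DirectorySearcher searcher = new DirectorySearcher(de, BuildNameFilter("group", "cn", GroupName)))
        {
            SearchResult groupResult = searcher.FindOne();
            if (groupResult == null)
            {
                // NOTE(review): a missing group is silently ignored, so the caller is
                // not told that the membership was never granted.
                return;
            }

            using (DirectoryEntry group = ADHelper.GetDirectoryEntry(groupResult.Path))
            {
                // Membership is tested on the full path. Comparing only the RDN, as
                // the original loop over Members did, treats a same-named account in
                // another container as "already a member".
                bool alreadyMember = (bool)group.Invoke("IsMember", new object[] { deUser.Path });
                if (!alreadyMember)
                {
                    group.Invoke("Add", new object[] { deUser.Path });
                }
            }
        }
    }

    /// <summary>
    /// Enables an account and marks its password as never expiring.
    /// </summary>
    /// <param name="de">User entry.</param>
    public void EnableAccount(DirectoryEntry de)
    {
        // NOTE(review): every account enabled here is exempted from password expiry;
        // confirm that this is intended for ordinary users and not only for service
        // accounts.
        int flags = (int)de.Properties["userAccountControl"].Value;
        de.Properties["userAccountControl"].Value = (flags | UacDontExpirePassword) & ~UacAccountDisable;
        de.CommitChanges();
    }

    /// <summary>
    /// Disables an account.
    /// </summary>
    /// <param name="de">User entry.</param>
    public void DisableAccount(DirectoryEntry de)
    {
        int flags = (int)de.Properties["userAccountControl"].Value;
        de.Properties["userAccountControl"].Value = flags | UacAccountDisable;
        de.CommitChanges();
    }

    /// <summary>
    /// Checks whether a string is shaped like an e-mail address.
    /// </summary>
    /// <param name="mail">Candidate address.</param>
    /// <returns>True when the whole string matches the address pattern; false for null or empty input.</returns>
    public bool IsEmail(string mail)
    {
        if (string.IsNullOrEmpty(mail))
        {
            return false;
        }
        return MailPattern.IsMatch(mail);
    }

    /// <summary>
    /// Lists the users whose directory object changed on or after the given date.
    /// </summary>
    /// <param name="fromdate">Lower bound; only the date part is used.</param>
    /// <returns>A table with the columns EmployeeID, Name and Email.</returns>
    public DataTable GetModifiedUsers(DateTime fromdate)
    {
        DataTable table = new DataTable();
        table.Columns.Add("EmployeeID");
        table.Columns.Add("Name");
        table.Columns.Add("Email");

        // The only variable part of the filter is the digits-only timestamp produced
        // by ToADDateString, so no escaping is needed here.
        string filter = "(&(objectCategory=Person)(objectClass=user)(whenChanged>="
            + ToADDateString(fromdate) + "))";

        using (DirectoryEntry root = ADHelper.GetDirectoryEntry())
        using (DirectorySearcher searcher = new DirectorySearcher(root, filter))
        {
            searcher.SearchScope = SearchScope.Subtree;

            // The result collection is disposed explicitly instead of being left to
            // the garbage collector.
            using (SearchResultCollection results = searcher.FindAll())
            {
                foreach (SearchResult result in results)
                {
                    using (DirectoryEntry user = ADHelper.GetDirectoryEntry(result.Path))
                    {
                        DataRow row = table.NewRow();
                        row["EmployeeID"] = user.Properties["employeeID"].Value;
                        row["Name"] = user.Properties["givenname"].Value;
                        row["Email"] = user.Properties["mail"].Value;
                        table.Rows.Add(row);
                    }
                }
            }
        }
        return table;
    }

    /// <summary>
    /// Formats a date as the timestamp string used in the whenChanged filter.
    /// </summary>
    /// <param name="date">Date to format; the time of day is dropped.</param>
    /// <returns>"yyyyMMdd" followed by "000000.0Z".</returns>
    public string ToADDateString(DateTime date)
    {
        // Invariant culture keeps the digits Gregorian whatever the thread culture is.
        // NOTE(review): the "Z" suffix says UTC but the value is not converted; confirm
        // that callers pass a UTC date.
        return date.ToString("yyyyMMdd", System.Globalization.CultureInfo.InvariantCulture) + "000000.0Z";
    }
}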