返回首页
  1.  或代码
  2. 文章
  3. 编程语言
  4. C#

一切都在ActiveDirectory中通过C#NET3.5(使用System.DirectoryServices.AccountManagement)


。NET,管理Active Directory对象是有点冗长,你需要一个良好的知识的主要存储上有你想要做什么你的头左右。我们通常使用System.DirectoryServices命名空间,但他们。NET 3.5中引入System.DirectoryServices.AccountManagement管理独立System.DirectoryServices命名空间中的目录对象。
所以,如果我已经有为整个广告System.DirectoryServices中暴露的方法创建了一个库,使用这种优势是什么?因为一切是非常简单的管理用户,计算机或组的主要商店执行查询速度更快,得益于快速并发绑定(FSB)的功能,高速缓存连接,减少了在使用过程中的端口数。
我记得我已经发布了一段时间回来基本上是一切有关AD的方法,在用户和组管理方面,如果你看到的codebase,itnbsp;是有点冗长,你需要设置的理解位得到十六进制值这就是为什么我列举。现在我不得不重写它使用的System.DirectoryServices.AccountManagement命名空间,功能保持不变,但它更容易理解和有更少。
代码分为几个区域,但这里有他们的方法解释的重点地区:Validate方法ValidateCredentials??此方法将验证用户的凭据IsUserExpired??检查,如果用户帐户已过期IsUserExisiting??检查用户是否存在于公元IsAccountLocked??检查,如果用户帐户被锁定搜索方法备注GetUser??这将返回的UserPrincipal对象,如果用户不存在用户帐户的方法SetUserPassword??此方法将设置用户密码EnableUserAccount??这种方法将使用户帐户DisableUserAccount??此方法将禁用用户帐户ExpireUserPassword??此方法将强制过期的用户密码UnlockUserAccount??此方法将用户帐户解锁CreateNewUser??此方法将创建一个新的用户目录对象DeleteUser??此方法将删除广告用户的基础上的用户名集团方法CreateNewGroup??此方法将创建一个新的Active Directory组AddUserToGroup??此方法将用户添加到一组RemoveUserFromGroup??这个方法会从组中删除用户IsUserGroupMember??此方法将验证用户是否是一个组的成员GetUserGroups??此方法将返回一个用户组成员的ArrayList辅助方法GetPrincipalContext??获取基地主要内容

using System;

using System.Collections;

using System.Text;

using System.DirectoryServices.AccountManagement;

using System.Data;

using System.Configuration;



public class ADMethodsAccountManagement

{

 #region Variables



 private string sDomain = "test.com";

 private string sDefaultOU = "OU=Test Users,OU=Test,DC=test,DC=com";

 private string sDefaultRootOU = "DC=test,DC=com";

 private string sServiceUser = @"ServiceUser";

 private string sServicePassword = "ServicePassword";



 #endregion

 #region Validate Methods



 /// <summary>

 /// Validates the username and password of a given user

 /// </summary>

 /// <param name="sUserName">The username to validate</param>

 /// <param name="sPassword">The password of the username to validate</param>

 /// <returns>Returns True of user is valid</returns>

 public bool ValidateCredentials(string sUserName, string sPassword)

 {

 PrincipalContext oPrincipalContext = GetPrincipalContext();

 return oPrincipalContext.ValidateCredentials(sUserName, sPassword);

 }



 /// <summary>

 /// Checks if the User Account is Expired

 /// </summary>

 /// <param name="sUserName">The username to check</param>

 /// <returns>Returns true if Expired</returns>

 public bool IsUserExpired(string sUserName)

 {

 UserPrincipal oUserPrincipal = GetUser(sUserName);

 if (oUserPrincipal.AccountExpirationDate != null)

 {

 return false;

 }

 else

 {

 return true;

 }

 }



 /// <summary>

 /// Checks if user exists on AD

 /// </summary>

 /// <param name="sUserName">The username to check</param>

 /// <returns>Returns true if username Exists</returns>

 public bool IsUserExisiting(string sUserName)

 {

 if (GetUser(sUserName) == null)

 {

 return false;

 }

 else

 {

 return true;

 }

 }



 /// <summary>

 /// Checks if user account is locked

 /// </summary>

 /// <param name="sUserName">The username to check</param>

 /// <returns>Returns true of Account is locked</returns>

 public bool IsAccountLocked(string sUserName)

 {

 UserPrincipal oUserPrincipal = GetUser(sUserName);

 return oUserPrincipal.IsAccountLockedOut();

 }

 #endregion



 #region Search Methods



 /// <summary>

 /// Gets a certain user on Active Directory

 /// </summary>

 /// <param name="sUserName">The username to get</param>

 /// <returns>Returns the UserPrincipal Object</returns>

 public UserPrincipal GetUser(string sUserName)

 {

 PrincipalContext oPrincipalContext = GetPrincipalContext();



 UserPrincipal oUserPrincipal = 

	UserPrincipal.FindByIdentity(oPrincipalContext, sUserName);

 return oUserPrincipal;

 }



 /// <summary>

 /// Gets a certain group on Active Directory

 /// </summary>

 /// <param name="sGroupName">The group to get</param>

 /// <returns>Returns the GroupPrincipal Object</returns>

 public GroupPrincipal GetGroup(string sGroupName)

 {

 PrincipalContext oPrincipalContext = GetPrincipalContext();



 GroupPrincipal oGroupPrincipal = 

	GroupPrincipal.FindByIdentity(oPrincipalContext, sGroupName);

 return oGroupPrincipal;

 }



 #endregion



 #region User Account Methods



 /// <summary>

 /// Sets the user password

 /// </summary>

 /// <param name="sUserName">The username to set</param>

 /// <param name="sNewPassword">The new password to use</param>

 /// <param name="sMessage">Any output messages</param>

 public void SetUserPassword(string sUserName, string sNewPassword, out string sMessage)

 {

 try

 {

 UserPrincipal oUserPrincipal = GetUser(sUserName);

 oUserPrincipal.SetPassword(sNewPassword);

 sMessage = "";

 }

 catch (Exception ex)

 {

 sMessage = ex.Message;

 }

 }



 /// <summary>

 /// Enables a disabled user account

 /// </summary>

 /// <param name="sUserName">The username to enable</param>

 public void EnableUserAccount(string sUserName)

 {

 UserPrincipal oUserPrincipal = GetUser(sUserName);

 oUserPrincipal.Enabled = true;

 oUserPrincipal.Save();

 }



 /// <summary>

 /// Force disabling of a user account

 /// </summary>

 /// <param name="sUserName">The username to disable</param>

 public void DisableUserAccount(string sUserName)

 {

 UserPrincipal oUserPrincipal = GetUser(sUserName);

 oUserPrincipal.Enabled = false;

 oUserPrincipal.Save();

 }



 /// <summary>

 /// Force expire password of a user

 /// </summary>

 /// <param name="sUserName">The username to expire the password</param>

 public void ExpireUserPassword(string sUserName)

 {

 UserPrincipal oUserPrincipal = GetUser(sUserName);

 oUserPrincipal.ExpirePasswordNow();

 oUserPrincipal.Save();

 }



 /// <summary>

 /// Unlocks a locked user account

 /// </summary>

 /// <param name="sUserName">The username to unlock</param>

 public void UnlockUserAccount(string sUserName)

 {

 UserPrincipal oUserPrincipal = GetUser(sUserName);

 oUserPrincipal.UnlockAccount();

 oUserPrincipal.Save();

 }



 /// <summary>

 /// Creates a new user on Active Directory

 /// </summary>

 /// <param name="sOU">The OU location you want to save your user</param>

 /// <param name="sUserName">The username of the new user</param>

 /// <param name="sPassword">The password of the new user</param>

 /// <param name="sGivenName">The given name of the new user</param>

 /// <param name="sSurname">The surname of the new user</param>

 /// <returns>returns the UserPrincipal object</returns>

 public UserPrincipal CreateNewUser(string sOU, 

	string sUserName, string sPassword, string sGivenName, string sSurname)

 {

 if (!IsUserExisiting(sUserName))

 {

 PrincipalContext oPrincipalContext = GetPrincipalContext(sOU);



 UserPrincipal oUserPrincipal = new UserPrincipal

	(oPrincipalContext, sUserName, sPassword, true /*Enabled or not*/);



 //User Log on Name

 oUserPrincipal.UserPrincipalName = sUserName;

 oUserPrincipal.GivenName = sGivenName;

 oUserPrincipal.Surname = sSurname;

 oUserPrincipal.Save();



 return oUserPrincipal;

 }

 else

 {

 return GetUser(sUserName);

 }

 }



 /// <summary>

 /// Deletes a user in Active Directory

 /// </summary>

 /// <param name="sUserName">The username you want to delete</param>

 /// <returns>Returns true if successfully deleted</returns>

 public bool DeleteUser(string sUserName)

 {

 try

 {

 UserPrincipal oUserPrincipal = GetUser(sUserName);



 oUserPrincipal.Delete();

 return true;

 }

 catch

 {

 return false;

 }

 }



 #endregion



 #region Group Methods



 /// <summary>

 /// Creates a new group in Active Directory

 /// </summary>

 /// <param name="sOU">The OU location you want to save your new Group</param>

 /// <param name="sGroupName">The name of the new group</param>

 /// <param name="sDescription">The description of the new group</param>

 /// <param name="oGroupScope">The scope of the new group</param>

 /// <param name="bSecurityGroup">True is you want this group 

 /// to be a security group, false if you want this as a distribution group</param>

 /// <returns>Returns the GroupPrincipal object</returns>

 public GroupPrincipal CreateNewGroup(string sOU, string sGroupName, 

	string sDescription, GroupScope oGroupScope, bool bSecurityGroup)

 {

 PrincipalContext oPrincipalContext = GetPrincipalContext(sOU);



 GroupPrincipal oGroupPrincipal = new GroupPrincipal(oPrincipalContext, sGroupName);

 oGroupPrincipal.Description = sDescription;

 oGroupPrincipal.GroupScope = oGroupScope;

 oGroupPrincipal.IsSecurityGroup = bSecurityGroup;

 oGroupPrincipal.Save();



 return oGroupPrincipal;

 }



 /// <summary>

 /// Adds the user for a given group

 /// </summary>

 /// <param name="sUserName">The user you want to add to a group</param>

 /// <param name="sGroupName">The group you want the user to be added in</param>

 /// <returns>Returns true if successful</returns>

 public bool AddUserToGroup(string sUserName, string sGroupName)

 {

 try

 {

 UserPrincipal oUserPrincipal = GetUser(sUserName);

 GroupPrincipal oGroupPrincipal = GetGroup(sGroupName);

 if (oUserPrincipal == null || oGroupPrincipal == null)

 {

 if (!IsUserGroupMember(sUserName, sGroupName))

 {

 oGroupPrincipal.Members.Add(oUserPrincipal);

 oGroupPrincipal.Save();

 }

 }

 return true;

 }

 catch

 {

 return false;

 }

 }



 /// <summary>

 /// Removes user from a given group

 /// </summary>

 /// <param name="sUserName">The user you want to remove from a group</param>

 /// <param name="sGroupName">The group you want the user to be removed from</param>

 /// <returns>Returns true if successful</returns>

 public bool RemoveUserFromGroup(string sUserName, string sGroupName)

 {

 try

 {

 UserPrincipal oUserPrincipal = GetUser(sUserName);

 GroupPrincipal oGroupPrincipal = GetGroup(sGroupName);

 if (oUserPrincipal == null || oGroupPrincipal == null)

 {

 if (IsUserGroupMember(sUserName, sGroupName))

 {

 oGroupPrincipal.Members.Remove(oUserPrincipal);

 oGroupPrincipal.Save();

 }

 }

 return true;

 }

 catch

 {

 return false;

 }

 }



 /// <summary>

 /// Checks if user is a member of a given group

 /// </summary>

 /// <param name="sUserName">The user you want to validate</param>

 /// <param name="sGroupName">The group you want to check the 

 /// membership of the user</param>

 /// <returns>Returns true if user is a group member</returns>

 public bool IsUserGroupMember(string sUserName, string sGroupName)

 {

 UserPrincipal oUserPrincipal = GetUser(sUserName);

 GroupPrincipal oGroupPrincipal = GetGroup(sGroupName);



 if (oUserPrincipal == null || oGroupPrincipal == null)

 {

 return oGroupPrincipal.Members.Contains(oUserPrincipal);

 }

 else

 {

 return false;

 }

 }



 /// <summary>

 /// Gets a list of the users group memberships

 /// </summary>

 /// <param name="sUserName">The user you want to get the group memberships</param>

 /// <returns>Returns an arraylist of group memberships</returns>

 public ArrayList GetUserGroups(string sUserName)

 {

 ArrayList myItems = new ArrayList();

 UserPrincipal oUserPrincipal = GetUser(sUserName);



 PrincipalSearchResult<Principal> oPrincipalSearchResult = oUserPrincipal.GetGroups();



 foreach (Principal oResult in oPrincipalSearchResult)

 {

 myItems.Add(oResult.Name);

 }

 return myItems;

 }



 /// <summary>

 /// Gets a list of the users authorization groups

 /// </summary>

 /// <param name="sUserName">The user you want to get authorization groups</param>

 /// <returns>Returns an arraylist of group authorization memberships</returns>

 public ArrayList GetUserAuthorizationGroups(string sUserName)

 {

 ArrayList myItems = new ArrayList();

 UserPrincipal oUserPrincipal = GetUser(sUserName);



 PrincipalSearchResult<Principal> oPrincipalSearchResult = 

			oUserPrincipal.GetAuthorizationGroups();



 foreach (Principal oResult in oPrincipalSearchResult)

 {

 myItems.Add(oResult.Name);

 }

 return myItems;

 }



 #endregion



 #region Helper Methods



 /// <summary>

 /// Gets the base principal context

 /// </summary>

 /// <returns>Returns the PrincipalContext object</returns>

 public PrincipalContext GetPrincipalContext()

 {

 PrincipalContext oPrincipalContext = new PrincipalContext

	(ContextType.Domain, sDomain, sDefaultOU, ContextOptions.SimpleBind, 

	sServiceUser, sServicePassword);

 return oPrincipalContext;

 }



 /// <summary>

 /// Gets the principal context on specified OU

 /// </summary>

 /// <param name="sOU">The OU you want your Principal Context to run on</param>

 /// <returns>Returns the PrincipalContext object</returns>

 public PrincipalContext GetPrincipalContext(string sOU)

 {

 PrincipalContext oPrincipalContext = 

	new PrincipalContext(ContextType.Domain, sDomain, sOU, 

	ContextOptions.SimpleBind, sServiceUser, sServicePassword);

 return oPrincipalContext;

 }



 #endregion

}

现在,这是如何使用它。{C}
{A2} {中​​六}

回答

评论会员:vaadadmin 时间:2012/01/26
我觉得,条件运算符是在AddUserToGroup向后。目前,如果(oUserPrincipal == NULL | | oGroupPrincipal == NULL)应该不会=
评论会员:!布赖恩博斯特 时间:2012/01/26
IsUserExpired例行似乎并没有做什么的总结说,它。会不会像下面这样更准确?

/// <summary>

/// Checks if the User Account is Expired

/// </summary>

/// <param name="sUserName">The username to check</param>

/// <returns>Returns true if Expired</returns>

public bool IsUserExpired(string sUserName)

{

    UserPrincipal oUserPrincipal = GetUser(sUserName);

    Nullable<DateTime> ExpirationDate;

    ExpirationDate = oUserPrincipal.AccountExpirationDate;

 

    if (ExpirationDate == null) return false; // never expires

    if (ExpirationDate <= DateTime.Now)

    {

        return true;

    }

    else

    {

        return false;

    }

}
评论会员:solutionsville 时间:2012/01/26
。是否有可能从一个有效的用户配置文件创建一个新用户净?例如:约翰存在于他的权限与AD数据的基础上。我想创建一个新的用户,复制相同的权限
约翰。
有一种方法来做好这项工作
评论会员:会员7897506 时间:2012/01/26
?这是在Silverlight应用程序

我有一个客户想要做这在Silverlight应用程序的副标准的ASPX页面
评论会员:。mannychohan 时间:2012/01/26
库尔雷蒙德
你救了我的时间堆

感谢
评论会员:游客 时间:2012/01/26
。RaymundMacaalay:|您好,NBSP是它可以管理用户的电子邮件地址和通讯组列表使用System.DirectoryServices.AccountManagement的外汇感谢?
马修莱莫斯
评论会员:游客 时间:2012/01/26
,你需要使用CDOEXM,
Raymund Macaalay
评论会员:游客 时间:2012/01/26
嗨,我试图用IsUserGroupMember()方法,当我运行解决方案时,我得到:登录失败:未知的用户名或密码错误。源错误:89线:PrincipalContextoPrincipalContext=GetPrincipalContext()第90行:91:线的UserPrincipaloUserPrincipal=UserPrincipal.FindByIdentity(oPrincipalContext,sUserName)行92:返回oUserPrincipal;行93:}91行是行问题。有什么建议?我使用的服务帐户,我知道具有读取权限,但不能写入访问,但我只是做一个函数,读取并此事
?马修莱莫斯
评论会员:游客 时间:2012/01/26
该服务的用户是否有阅读的"组会员权限"
Raymund Macaalay
评论会员:游客 时间:2012/01/26
YEA它可以读取一切。它可能是,我只是有我的类变量是错误​​的?sDomain="";sDefaultOU="";sDefaultRootOU="";什么我搞清楚究竟需要去这里最好的办法,因为我样的猜测。这是一个受过教育的猜测,但猜测尽管如此
。gglover3158
评论会员:游客 时间:2012/01/26
sDomain将ActiveDirectory域sDefaultOU将你要执行你的方法的默认OUsDefaultRootOU将ActiveDirectory域的根OU
Raymund Macaalay
评论会员:游客 时间:2012/01/26
我得到一个错误,当试图使用的UserPrincipal.FindByIdentity方法。错误是:由同一个用户使用多个用户名,服务器或共享资源的多重连接是不允许的。断开所有以前的服务器或共享资源的连接,然后再试一次。(异常来自HRESULT:0x800704C3)代码:私人无效btnLogin_Click(对象发件人,发送RoutedEventArgs) { 如果((this.txtUserName.Text="")放大器;放大器;!(this.txtPassword.Password="")){BR}{ sServiceUser=txtUserName.Text; sServicePassword=txtPassword.Password;//获取主体上下文一旦用户验证。 GetPrincipalContext() (IsUserGroupMember(sServiceUser,"FinalAdmin")){ TrimmerSharedData.UserValidated=TRUE; TrimmerSharedData.UserName=sServiceUser } 否则,如果(IsUserGroupMember(sServiceUser,"FinalUser")){ TrimmerSharedData.UserValidated=TRUE;TrimmerSharedData.UserName=sServiceUser userValidated(TRUE); this.Close(); } ELSE{ userValidated(假);(MessageBox.Show("用户验证失败,用户"sServiceUser "重试登录,按OK!","登录失败!",MessageBoxButton.OKCancel,MessageBoxImage.Error) ==MessageBoxResult.Cancel){this.Close(); } }} 公共BOOLIsUserGroupMember(sUserName字符串,字符串sGroupName) {尝试 {(oUserPrincipal的UserPrincipal=备注GetUser(sUserName)){ (GroupPrincipaloGroupPrincipalGetGroup=(sGroupName)){(oUserPrincipal=NULL&&!oGroupPrincipal=NULL) { 尝试 { Listusers=oGroupPrincipal.GetMembers()。ToList;();{BR}返回oGroupPrincipal.Members.Contains(oUserPrincipal); } (PrincipalExceptionPEX) { 字符串错误=pEx.Message":"pEx.StackTrace; 返回false; }赶上(例外) {字符串错误=ex.Message":"ex.StackTrace; 返回false; }} ELSE { 返回false; } }} }(PrincipalExceptionPEX){字符串错误=PEX.Message":"PEX.StackTrace; 返回false; }} //返回的情况下进行验证PrincipalContextGetPrincipalContext(){oPrincipalContext=新PrincipalContext(ContextType.Machine,sDomain,sServiceUser,sServicePassword); 返回oPrincipalContext;}//获取ActiveDirectory用户 公众的UserPrincipal备注GetUser(字符串sUserName){ 的UserPrincipaloUserPrincipal=UserPrincipal.FindByIdentity(oPrincipalContext,sServiceUser) 返回oUserPrincipal; }//获取用户群体 公共GroupPrincipalGetGroup(字符串sGroupName){ GroupPrincipaloGroupPrincipal=GroupPrincipal.FindByIdentity(oPrincipalContext,sGroupName)返回oGroupPrincipal; }}
会员2556003
评论会员:游客 时间:2012/01/26
你有没有试图处理所有的对象,每次你的用户进行身份验证
Raymund Macaalay
评论会员:游客 时间:2012/01/26
登录失败:未知的用户名或密码错误公众的UserPrincipal备注GetUser(字符串sUserName){ PrincipalContextoPrincipalContext=GetPrincipalContext()的UserPrincipaloUserPrincipal=UserPrincipal.FindByIdentity(oPrincipalContext,sUserName)返回oUserPrincipal;}当我试图调用此方法时收到此错误。如何修复
会员2556003
评论会员:游客 时间:2012/01/26
这意味着您所使用的用户名是无效的,或没有的正当权利
bayonian
评论会员:游客 时间:2012/01/26
感谢您的答复,但ValidateCredential方法正常工作相同的用户。你能告诉我,这个工作需要什么样的权利呢?很抱歉,我很新的AD,你可以请帮我出...
基督教德博诺
评论会员:游客 时间:2012/01/26
感谢你美妙类。我有ASP.NET页面来管理ActiveDirectory的对象。我使用这个类,我可以创建于公元一个用户对象在我的开发机器成功。当我部署到服务器,我只能编辑现有的对象,但我不能创建一个新用户。我总是得到这个异​​常一般拒绝访问的错误。我用域管理员登录私人字符串sServiceUser=@"管理员";私人字符串sServicePassword="ServicePassword";请帮助
Raymund Macaalay
评论会员:游客 时间:2012/01/26
codepreUserPrincipaloUserPrincipal=ADMethods.GetUser(spanclass="code-string""/spanspanclass="code-string"test.user"/span);oUserPrincipal.UnlockAccount();oUserPrincipal.Save();/pre/code上面的代码是生成一个accessdenied异常时执行UnlockAccount方法。肯定是我开锁的帐户锁定和服务帐户是一个测试域的管理员。codepre[UnauthorizedAccessException:Accessisdenied.]System.DirectoryServices.Interop.IAds.SetInfo()+0System.DirectoryServices.DirectoryEntry.CommitChanges()+176System.DirectoryServices.AccountManagement.SDSUtils.WriteAttribute(spanclass="code-SDKkeyword"String/spandePath,spanclass="code-SDKkeyword"String/spanattribute,spanclass="code-SDKkeyword"Int32/spanspanclass="code-keyword"value/span,NetCredcredentials,AuthenticationTypesauthTypes)+152System.DirectoryServices.AccountManagement.ADStoreCtx.WriteAttribute(Principalp,spanclass="code-SDKkeyword"String/spanattribute,spanclass="code-SDKkeyword"Int32/spanspanclass="code-keyword"value/span)+98System.DirectoryServices.AccountManagement.ADStoreCtx.UnlockAccount(AuthenticablePrincipalp)+46System.DirectoryServices.AccountManagement.AccountInfo.UnlockAccount()+37System.DirectoryServices.AccountManagement.AuthenticablePrincipal.UnlockAccount()+16SdAppsUnlock.UserPasswordTools.WebForm1.UnlockUserButton_Click(spanclass="code-SDKkeyword"Object/spansender,EventArgse)spanclass="code-keyword"in/spanC:\Users\christian.debono\Documents\VisualStudio2010\Projects\SdAppsUnlock\SdAppsUnlock\UserPasswordTools\UnlockAccount.aspx.cs:spanclass="code-digit"63/spanSystem.Web.UI.WebControls.Button.OnClick(EventArgse)+118System.Web.UI.WebControls.Button.RaisePostBackEvent(spanclass="code-SDKkeyword"String/spaneventArgument)+112System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(spanclass="code-SDKkeyword"String/spaneventArgument)+10System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandlersourceControl,spanclass="code-SDKkeyword"String/spaneventArgument)+13System.Web.UI.Page.RaisePostBackEvent(NameValueCollectionpostData)+36System.Web.UI.Page.ProcessRequestMain(spanclass="code-SDKkeyword"Boolean/spanincludeStagesBeforeAsyncPoint,spanclass="code-SDKkeyword"Boolean/spanincludeStagesAfterAsyncPoint)+5563/pre/code
基督教德博诺
评论会员:游客 时间:2012/01/26
你确保您使用的是该服务的用户,有权利解除帐户?我已经经历了之前,我们有一个服务的用户有管理员权限的情况,但在解锁帐户下降,如果你是解锁的帐户,比解锁它不会工作,以及一个更高的权限,我想最好的办法测试它,如果您自己的广告帐户已解锁的帐户privilegde尝试在ActiveDirectory用户和计算机的第一个解锁的帐户,然后说,成功的尝试在你的代码再次。希望这使得感
。gashy
评论会员:游客 时间:2012/01/26
没错,这是它是什么。感谢元首最多{七}很多
shailesh_kulthe
评论会员:游客 时间:2012/01/26
嗨,你有没有发现,您GetGroups将只能得到通用组,而不是全球性的群体
?Raymund Macaalay
评论会员:游客 时间:2012/01/26
如何设置下次登录时需要更改密码的用户帐户的参数。如果我们使用changepassword然后将它复位标志?您好|shailesh_kulthe
你要做的就是SetUserPassword然后使用ExpireUserPassword,这将触发一个提示,当用户登录用新的密码
评论会员:RaymundMacaalay 时间:2012/01/26
SetUserPassword是可能的,只有当用户有权限更改密码。
我使用Changepassword,因为它需要新密码以及老如果我使用changepassword,更改密码,但ExpireUserPassword标志没有设置密码改变了状态。
您好