在 .NET 中,管理 Active Directory 对象有点冗长,你需要对主体存储(principal store)有较好的了解,才能弄清楚自己想做什么。我们通常使用 System.DirectoryServices 命名空间,但 .NET 3.5 引入了 System.DirectoryServices.AccountManagement,它可以独立于 System.DirectoryServices 命名空间来管理目录对象。
那么,如果我已经基于 System.DirectoryServices 公开的方法为整个 AD 创建了一个库,使用它的优势是什么?因为在管理用户、计算机或组时一切都非常简单,而且对主体存储执行查询的速度更快,这得益于快速并发绑定(FSB)功能:它会缓存连接,从而减少使用过程中占用的端口数。
我记得前一段时间发布过一篇文章,基本涵盖了用户和组管理方面所有与 AD 有关的方法。如果你看过那份代码库,会发现它有点冗长,而且需要理解如何按位设置十六进制值,这也是我当时使用枚举的原因。现在我用 System.DirectoryServices.AccountManagement 命名空间重写了它,功能保持不变,但更容易理解,代码也更少。
代码分为几个区域,以下按区域说明其中的主要方法。验证方法:ValidateCredentials——验证用户的凭据;IsUserExpired——检查用户帐户是否已过期;IsUserExisiting——检查用户是否存在于 AD 中;IsAccountLocked——检查用户帐户是否被锁定。搜索方法:GetUser——如果用户存在,返回对应的 UserPrincipal 对象。用户帐户方法:SetUserPassword——设置用户密码;EnableUserAccount——启用用户帐户;DisableUserAccount——禁用用户帐户;ExpireUserPassword——强制用户密码过期;UnlockUserAccount——解锁用户帐户;CreateNewUser——创建一个新的用户目录对象;DeleteUser——根据用户名删除 AD 用户。组方法:CreateNewGroup——创建一个新的 Active Directory 组;AddUserToGroup——将用户添加到组;RemoveUserFromGroup——从组中删除用户;IsUserGroupMember——验证用户是否是某个组的成员;GetUserGroups——返回用户所属组的 ArrayList。辅助方法:GetPrincipalContext——获取基础主体上下文。
using System;
using System.Collections;
using System.Text;
using System.DirectoryServices.AccountManagement;
using System.Data;
using System.Configuration;
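/// <summary>
/// Convenience wrapper around System.DirectoryServices.AccountManagement for
/// common Active Directory user and group operations.
/// </summary>
/// <remarks>
/// Every operation binds to the directory with the service account configured in
/// the fields below, so whatever code can call this class acts with that account's
/// directory rights. The class performs no authorization of its own; callers are
/// expected to decide who may reset passwords, delete users or change group
/// membership before invoking these methods.
/// </remarks>
public class ADMethodsAccountManagement
{
    #region Variables

    // NOTE(security): these are sample values. The service account name and its
    // password are embedded in source, which exposes them to anyone who can read
    // the repository or the compiled assembly. Load them from protected
    // configuration or a secret store instead, and delegate to the account only
    // the directory rights these methods actually need.
    private readonly string sDomain = "test.com";
    private readonly string sDefaultOU = "OU=Test Users,OU=Test,DC=test,DC=com";
    private readonly string sDefaultRootOU = "DC=test,DC=com";
    private readonly string sServiceUser = @"ServiceUser";
    private readonly string sServicePassword = "ServicePassword";

    #endregion

    #region Validate Methods

    /// <summary>
    /// Validates the username and password of a given user.
    /// </summary>
    /// <param name="sUserName">The username to validate</param>
    /// <param name="sPassword">The password of the username to validate</param>
    /// <returns>Returns true if the credentials are valid</returns>
    public bool ValidateCredentials(string sUserName, string sPassword)
    {
        // The context is only needed for this one call, so release the
        // underlying directory connection as soon as the check is done.
        using (PrincipalContext oPrincipalContext = GetPrincipalContext())
        {
            return oPrincipalContext.ValidateCredentials(sUserName, sPassword);
        }
    }

    /// <summary>
    /// Checks whether the user account has expired.
    /// </summary>
    /// <param name="sUserName">The username to check</param>
    /// <returns>
    /// Returns true if the account has an expiration date that is already in the
    /// past; false if it expires in the future or never expires.
    /// </returns>
    /// <remarks>
    /// GetUser returns null for an unknown username and this method does not guard
    /// against that; check IsUserExisiting first.
    /// </remarks>
    public bool IsUserExpired(string sUserName)
    {
        UserPrincipal oUserPrincipal = GetUser(sUserName);
        DateTime? dtExpiration = oUserPrincipal.AccountExpirationDate;

        // A null expiration date means the account never expires. The previous
        // implementation reported exactly those accounts as expired and every
        // account with a date set as not expired.
        // NOTE(review): compared against UtcNow on the assumption that the
        // directory returns this value in UTC - confirm.
        return dtExpiration.HasValue && dtExpiration.Value <= DateTime.UtcNow;
    }

    /// <summary>
    /// Checks if the user exists in Active Directory.
    /// </summary>
    /// <param name="sUserName">The username to check</param>
    /// <returns>Returns true if the username exists</returns>
    /// <remarks>
    /// The lookup goes through GetUser, which searches the context rooted at
    /// sDefaultOU, so a user stored outside that container is reported as missing.
    /// </remarks>
    public bool IsUserExisiting(string sUserName)
    {
        return GetUser(sUserName) != null;
    }

    /// <summary>
    /// Checks if the user account is locked.
    /// </summary>
    /// <param name="sUserName">The username to check</param>
    /// <returns>Returns true if the account is locked out</returns>
    /// <remarks>
    /// GetUser returns null for an unknown username and this method does not guard
    /// against that; check IsUserExisiting first.
    /// </remarks>
    public bool IsAccountLocked(string sUserName)
    {
        UserPrincipal oUserPrincipal = GetUser(sUserName);
        return oUserPrincipal.IsAccountLockedOut();
    }

    #endregion

    #region Search Methods

    /// <summary>
    /// Gets a certain user from Active Directory.
    /// </summary>
    /// <param name="sUserName">The username to get</param>
    /// <returns>
    /// Returns the UserPrincipal object, or null when no matching user is found.
    /// </returns>
    public UserPrincipal GetUser(string sUserName)
    {
        // The context is intentionally not disposed here: the returned principal
        // stays bound to it and is used by the caller afterwards.
        PrincipalContext oPrincipalContext = GetPrincipalContext();
        return UserPrincipal.FindByIdentity(oPrincipalContext, sUserName);
    }

    /// <summary>
    /// Gets a certain group from Active Directory.
    /// </summary>
    /// <param name="sGroupName">The group to get</param>
    /// <returns>
    /// Returns the GroupPrincipal object, or null when no matching group is found.
    /// </returns>
    public GroupPrincipal GetGroup(string sGroupName)
    {
        // As in GetUser, the context must outlive this call because the returned
        // principal keeps using it.
        PrincipalContext oPrincipalContext = GetPrincipalContext();
        return GroupPrincipal.FindByIdentity(oPrincipalContext, sGroupName);
    }

    #endregion

    #region User Account Methods

    /// <summary>
    /// Sets the user password.
    /// </summary>
    /// <param name="sUserName">The username to set</param>
    /// <param name="sNewPassword">The new password to use</param>
    /// <param name="sMessage">
    /// Empty on success; otherwise the message of the exception that was raised.
    /// </param>
    /// <remarks>
    /// This is a reset performed with the service account, so the user's current
    /// password is not required. The raw exception message is handed back to the
    /// caller; log it rather than showing it to end users, since it can describe
    /// directory policy or server details.
    /// </remarks>
    public void SetUserPassword(string sUserName, string sNewPassword, out string sMessage)
    {
        try
        {
            UserPrincipal oUserPrincipal = GetUser(sUserName);
            oUserPrincipal.SetPassword(sNewPassword);
            sMessage = "";
        }
        catch (Exception ex)
        {
            sMessage = ex.Message;
        }
    }

    /// <summary>
    /// Enables a disabled user account.
    /// </summary>
    /// <param name="sUserName">The username to enable</param>
    /// <remarks>Does not guard against an unknown username (GetUser returns null).</remarks>
    public void EnableUserAccount(string sUserName)
    {
        UserPrincipal oUserPrincipal = GetUser(sUserName);
        oUserPrincipal.Enabled = true;
        oUserPrincipal.Save();
    }

    /// <summary>
    /// Disables a user account.
    /// </summary>
    /// <param name="sUserName">The username to disable</param>
    /// <remarks>Does not guard against an unknown username (GetUser returns null).</remarks>
    public void DisableUserAccount(string sUserName)
    {
        UserPrincipal oUserPrincipal = GetUser(sUserName);
        oUserPrincipal.Enabled = false;
        oUserPrincipal.Save();
    }

    /// <summary>
    /// Forces the password of a user to expire immediately.
    /// </summary>
    /// <param name="sUserName">The username whose password should expire</param>
    /// <remarks>Does not guard against an unknown username (GetUser returns null).</remarks>
    public void ExpireUserPassword(string sUserName)
    {
        UserPrincipal oUserPrincipal = GetUser(sUserName);
        oUserPrincipal.ExpirePasswordNow();
        oUserPrincipal.Save();
    }

    /// <summary>
    /// Unlocks a locked user account.
    /// </summary>
    /// <param name="sUserName">The username to unlock</param>
    /// <remarks>Does not guard against an unknown username (GetUser returns null).</remarks>
    public void UnlockUserAccount(string sUserName)
    {
        UserPrincipal oUserPrincipal = GetUser(sUserName);
        oUserPrincipal.UnlockAccount();
        oUserPrincipal.Save();
    }

    /// <summary>
    /// Creates a new user in Active Directory.
    /// </summary>
    /// <param name="sOU">The OU location you want to save your user in</param>
    /// <param name="sUserName">The username of the new user</param>
    /// <param name="sPassword">The password of the new user</param>
    /// <param name="sGivenName">The given name of the new user</param>
    /// <param name="sSurname">The surname of the new user</param>
    /// <returns>
    /// Returns the UserPrincipal of the newly created user, or of the existing
    /// user when the username is already present.
    /// </returns>
    /// <remarks>
    /// When the user already exists, nothing is changed: the supplied password and
    /// names are ignored and the existing account is returned. Callers that need
    /// to know whether an account was actually created should check
    /// IsUserExisiting beforehand.
    /// </remarks>
    public UserPrincipal CreateNewUser(string sOU,
        string sUserName, string sPassword, string sGivenName, string sSurname)
    {
        if (IsUserExisiting(sUserName))
        {
            return GetUser(sUserName);
        }

        PrincipalContext oPrincipalContext = GetPrincipalContext(sOU);
        UserPrincipal oUserPrincipal = new UserPrincipal
            (oPrincipalContext, sUserName, sPassword, true /*Enabled or not*/);

        // User log on name
        oUserPrincipal.UserPrincipalName = sUserName;
        oUserPrincipal.GivenName = sGivenName;
        oUserPrincipal.Surname = sSurname;
        oUserPrincipal.Save();
        return oUserPrincipal;
    }

    /// <summary>
    /// Deletes a user in Active Directory.
    /// </summary>
    /// <param name="sUserName">The username you want to delete</param>
    /// <returns>
    /// Returns true if successfully deleted; false if the user was not found or
    /// the directory rejected the operation.
    /// </returns>
    public bool DeleteUser(string sUserName)
    {
        try
        {
            UserPrincipal oUserPrincipal = GetUser(sUserName);
            if (oUserPrincipal == null)
            {
                // Unknown user: same result as before, without relying on a
                // null dereference being swallowed by the catch below.
                return false;
            }

            oUserPrincipal.Delete();
            return true;
        }
        catch
        {
            // Deliberate best-effort: failures are reported through the return
            // value only, so the reason (access denied, server down, ...) is lost.
            return false;
        }
    }

    #endregion

    #region Group Methods

    /// <summary>
    /// Creates a new group in Active Directory.
    /// </summary>
    /// <param name="sOU">The OU location you want to save your new group in</param>
    /// <param name="sGroupName">The name of the new group</param>
    /// <param name="sDescription">The description of the new group</param>
    /// <param name="oGroupScope">The scope of the new group</param>
    /// <param name="bSecurityGroup">True if you want this group to be a security
    /// group, false if you want it to be a distribution group</param>
    /// <returns>Returns the GroupPrincipal object</returns>
    public GroupPrincipal CreateNewGroup(string sOU, string sGroupName,
        string sDescription, GroupScope oGroupScope, bool bSecurityGroup)
    {
        PrincipalContext oPrincipalContext = GetPrincipalContext(sOU);
        GroupPrincipal oGroupPrincipal = new GroupPrincipal(oPrincipalContext, sGroupName);
        oGroupPrincipal.Description = sDescription;
        oGroupPrincipal.GroupScope = oGroupScope;
        oGroupPrincipal.IsSecurityGroup = bSecurityGroup;
        oGroupPrincipal.Save();
        return oGroupPrincipal;
    }

    /// <summary>
    /// Adds the user to a given group.
    /// </summary>
    /// <param name="sUserName">The user you want to add to a group</param>
    /// <param name="sGroupName">The group you want the user to be added to</param>
    /// <returns>
    /// Returns true if the user is a member of the group when the call completes
    /// (added now or already a member); false if the user or group was not found
    /// or the directory rejected the change.
    /// </returns>
    public bool AddUserToGroup(string sUserName, string sGroupName)
    {
        try
        {
            UserPrincipal oUserPrincipal = GetUser(sUserName);
            GroupPrincipal oGroupPrincipal = GetGroup(sGroupName);

            // The previous guard was inverted (it only entered the branch when a
            // principal was missing), so a valid user was never added while the
            // method still reported success.
            if (oUserPrincipal == null || oGroupPrincipal == null)
            {
                return false;
            }

            if (!oGroupPrincipal.Members.Contains(oUserPrincipal))
            {
                oGroupPrincipal.Members.Add(oUserPrincipal);
                oGroupPrincipal.Save();
            }
            return true;
        }
        catch
        {
            // Best-effort: the failure reason is not surfaced to the caller.
            return false;
        }
    }

    /// <summary>
    /// Removes the user from a given group.
    /// </summary>
    /// <param name="sUserName">The user you want to remove from a group</param>
    /// <param name="sGroupName">The group you want the user to be removed from</param>
    /// <returns>
    /// Returns true if the user is not a member of the group when the call
    /// completes (removed now or never a member); false if the user or group was
    /// not found or the directory rejected the change.
    /// </returns>
    public bool RemoveUserFromGroup(string sUserName, string sGroupName)
    {
        try
        {
            UserPrincipal oUserPrincipal = GetUser(sUserName);
            GroupPrincipal oGroupPrincipal = GetGroup(sGroupName);

            // The previous guard was inverted, so an existing member was never
            // removed while the method still reported success. For a revocation
            // path that is the dangerous direction: access silently stays granted.
            if (oUserPrincipal == null || oGroupPrincipal == null)
            {
                return false;
            }

            if (oGroupPrincipal.Members.Contains(oUserPrincipal))
            {
                oGroupPrincipal.Members.Remove(oUserPrincipal);
                oGroupPrincipal.Save();
            }
            return true;
        }
        catch
        {
            // Best-effort: the failure reason is not surfaced to the caller.
            return false;
        }
    }

    /// <summary>
    /// Checks if the user is a member of a given group.
    /// </summary>
    /// <param name="sUserName">The user you want to validate</param>
    /// <param name="sGroupName">The group whose membership you want to check</param>
    /// <returns>
    /// Returns true if the user is listed in the group's Members collection; false
    /// otherwise, including when the user or the group does not exist.
    /// </returns>
    /// <remarks>
    /// Do not treat a false result as proof that the account lacks the group's
    /// access: the check reads only the group's Members collection, and lookup
    /// failures also yield false.
    /// </remarks>
    public bool IsUserGroupMember(string sUserName, string sGroupName)
    {
        UserPrincipal oUserPrincipal = GetUser(sUserName);
        GroupPrincipal oGroupPrincipal = GetGroup(sGroupName);

        // The previous condition was inverted: it dereferenced the principals
        // only when one of them was null and answered false for every valid pair.
        if (oUserPrincipal == null || oGroupPrincipal == null)
        {
            return false;
        }

        return oGroupPrincipal.Members.Contains(oUserPrincipal);
    }

    /// <summary>
    /// Gets a list of the user's group memberships.
    /// </summary>
    /// <param name="sUserName">The user whose group memberships you want</param>
    /// <returns>Returns an ArrayList holding the name of each group</returns>
    /// <remarks>Does not guard against an unknown username (GetUser returns null).</remarks>
    public ArrayList GetUserGroups(string sUserName)
    {
        ArrayList myItems = new ArrayList();
        UserPrincipal oUserPrincipal = GetUser(sUserName);

        // The search result holds directory resources; only the names are
        // copied out, so it can be released once the loop finishes.
        using (PrincipalSearchResult<Principal> oPrincipalSearchResult = oUserPrincipal.GetGroups())
        {
            foreach (Principal oResult in oPrincipalSearchResult)
            {
                myItems.Add(oResult.Name);
            }
        }
        return myItems;
    }

    /// <summary>
    /// Gets a list of the user's authorization groups.
    /// </summary>
    /// <param name="sUserName">The user whose authorization groups you want</param>
    /// <returns>Returns an ArrayList holding the name of each authorization group</returns>
    /// <remarks>Does not guard against an unknown username (GetUser returns null).</remarks>
    public ArrayList GetUserAuthorizationGroups(string sUserName)
    {
        ArrayList myItems = new ArrayList();
        UserPrincipal oUserPrincipal = GetUser(sUserName);

        using (PrincipalSearchResult<Principal> oPrincipalSearchResult =
            oUserPrincipal.GetAuthorizationGroups())
        {
            foreach (Principal oResult in oPrincipalSearchResult)
            {
                myItems.Add(oResult.Name);
            }
        }
        return myItems;
    }

    #endregion

    #region Helper Methods

    /// <summary>
    /// Gets the base principal context, rooted at the default OU.
    /// </summary>
    /// <returns>Returns the PrincipalContext object; the caller owns and should dispose it</returns>
    /// <remarks>
    /// NOTE(security): ContextOptions.SimpleBind on its own sends the service
    /// account credentials to the domain controller unprotected. Combine it with
    /// ContextOptions.SecureSocketLayer, or use ContextOptions.Negotiate, once the
    /// environment supports it. Left unchanged here because switching the bind
    /// type depends on how the domain controllers are configured.
    /// </remarks>
    public PrincipalContext GetPrincipalContext()
    {
        return new PrincipalContext
            (ContextType.Domain, sDomain, sDefaultOU, ContextOptions.SimpleBind,
            sServiceUser, sServicePassword);
    }

    /// <summary>
    /// Gets the principal context on the specified OU.
    /// </summary>
    /// <param name="sOU">The OU you want your principal context to run on</param>
    /// <returns>Returns the PrincipalContext object; the caller owns and should dispose it</returns>
    /// <remarks>
    /// NOTE(security): uses the same ContextOptions.SimpleBind as the
    /// parameterless overload, so the service credentials travel unprotected
    /// unless the bind is combined with ContextOptions.SecureSocketLayer or
    /// replaced by ContextOptions.Negotiate.
    /// </remarks>
    public PrincipalContext GetPrincipalContext(string sOU)
    {
        return new PrincipalContext(ContextType.Domain, sDomain, sOU,
            ContextOptions.SimpleBind, sServiceUser, sServicePassword);
    }

    #endregion
}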
现在,这是如何使用它。{C}
{A2} {中六}