这几天使用C#操作windows帐户相当纠结,以前没做过,google翻阅了不少资料,尝试不少方法,终于解决了我的问题。
1.创建windows帐户
/// <summary> /// 创建Windows帐户 /// </summary> /// <param name="pathname"></param> /// <returns></returns> public static void CreateLocalUser(string username, string password, string description) { DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"); var newUser = localMachine.Children.Add(username, "user"); newUser.Invoke("SetPassword", new object[] { password }); newUser.Invoke("Put", new object[] { "Description", description }); newUser.CommitChanges(); localMachine.Close(); newUser.Close(); }
2.更改Windows帐户密码
/// <summary> /// 更改Windows帐户密码 /// </summary> /// <param name="username"></param> /// <param name="oldPwd"></param> /// <param name="newPwd"></param> public static void ChangeWinUserPasswd(string username, string oldPwd, string newPwd) { DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"); DirectoryEntry user = localMachine.Children.Find(username, "user"); object[] password = new object[] { oldPwd, newPwd }; object ret = user.Invoke("ChangePassword", password); user.CommitChanges(); localMachine.Close(); user.Close(); }
3.判断Windows用户是否存在
/// <summary> /// 判断Windows用户是否存在 /// </summary> /// <param name="username"></param> /// <returns></returns> public static bool ExistWinUser(string username) { try { using (DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer")) { var user = localMachine.Children.Find(username, "user"); return user != null; } } catch { return false; } }
4.删除Windows用户
/// <summary> /// 删除Windows用户 /// </summary> /// <param name="username"></param> /// <returns></returns> public static bool DeleteWinUser(string username) { try { using (DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer")) { //删除存在用户 var delUser = localMachine.Children.Find(username, "user"); if (delUser != null) { localMachine.Children.Remove(delUser); } } return true; } catch { return false; } }
5.启用/禁用windows帐户
/// <summary> /// 启用/禁用windows帐户 /// </summary> /// <param name="username"></param> public static void Disable(string username, bool isDisable) { var userDn = "WinNT://" + Environment.MachineName + "/" + username + ",user"; DirectoryEntry user = new DirectoryEntry(userDn); user.InvokeSet("AccountDisabled", isDisable); user.CommitChanges(); user.Close(); }
操作windows帐户的方法的诀窍在于通过DirectoryEntry 实例调用Invoke,InvokeGet,InvokeSet这三个方法。此三个方法可以对对本机 Active Directory 对象调用方法。操作win帐户的Active Directory 对象就是IADsUser接口。DirectoryEntry 实例通过调用Invoke方法调用IADsUser接口的方法,如上面修改Windows帐户密码就是通过调用IADsUser接口的“ChangePassword”方法;通过InvokeGet和InvokeSet方法调用IADsUser接口的属性,如上面的启用/禁用windows帐户,调用IADsUser接口的“AccountDisabled”属性。IADsUser接口具体有什么方法和属性可参考:http://msdn.microsoft.com/zh-cn/library/aa746340(v=VS.85).aspx
转自:http://www.cnblogs.com/skynothing/archive/2010/07/26/1785344.html