更新Active Directory中用户信息

更新Active Directory中用户信息

 

Written by: Rickie Lee (http://www.cnblogs.com/rickie)

首先根据UserName创建DirectoryEntry对象实例：

DirectoryEntry de= new DirectoryEntry(results.Path,ADUser,ADPassword,AuthenticationTypes.Secure);

需要注意的是ADUser/ADPassword必须具有Account Operator或Administrator的权限，否则de.CommitChanges();会抛出异常。

 

下面的示例代码演示从DataSet中获取AD属性值，并赋予给对应的AD属性。同时，也演示了如何使用AD的扩展属性extensionAttribute1 －extensionAttribute6：

public static void UpdateUserByDataSet(DataSet dsUser)

{

      string UserName = dsUser.Tables[0].Rows[0]["LoginName"].ToString();

      DataRow theRow = dsUser.Tables[0].Rows[0];

      DirectoryEntry deUser = GetUser(UserName);

 

      if(theRow["FirstName"].ToString().Trim().Length != 0)

            deUser.Properties["givenName"].Value = theRow["FirstName"].ToString();

      if(theRow["MiddleInitial"].ToString().Trim().Length != 0)

            deUser.Properties["initials"].Value = theRow["MiddleInitial"].ToString();

      if(theRow["LastName"].ToString().Trim().Length != 0)

            deUser.Properties["sn"].Value = theRow["LastName"].ToString();

      if(theRow["Alias"].ToString().Trim().Length != 0)

            deUser.Properties["mailNickname"].Value = theRow["Alias"].ToString();

      if(theRow["Display"].ToString().Trim().Length != 0)

            deUser.Properties["displayName"].Value = theRow["Display"].ToString();

      if(theRow["Title"].ToString().Trim().Length != 0)

            deUser.Properties["Title"].Value = theRow["Title"].ToString();

 

      if(theRow["Address"].ToString().Trim().Length != 0)

            deUser.Properties["streetAddress"].Value = theRow["Address"].ToString();

      if(theRow["Company"].ToString().Trim().Length != 0)

            deUser.Properties["company"].Value = theRow["Company"].ToString();

      if(theRow["Department"].ToString().Trim().Length != 0)

            deUser.Properties["department"].Value = theRow["Department"].ToString();

      if(theRow["Office"].ToString().Trim().Length != 0)

            deUser.Properties["physicalDeliveryOfficeName"].Value = theRow["Office"].ToString();

      if(deUser.Properties["Assistant"].ToString().Trim().Length != 0)

            deUser.Properties["telephoneAssistant"].Value = theRow["Assistant"].ToString();

 

      if(theRow["City"].ToString().Trim().Length != 0)

            deUser.Properties["l"].Value = theRow["City"].ToString();

      if(theRow["State"].ToString().Trim().Length != 0)

            deUser.Properties["st"].Value = theRow["State"].ToString();

      if(theRow["Zip"].ToString().Trim().Length != 0)

            deUser.Properties["postalCode"].Value = theRow["Zip"].ToString();

      if(theRow["Country"].ToString().Trim().Length != 0)

            deUser.Properties["co"].Value = theRow["Country"].ToString();

 

      // Phone & Notes

…………

 

      // Job Data

      if(theRow["AdminSupervisor"].ToString().Trim().Length != 0)

            deUser.Properties["extensionAttribute1"].Value = theRow["AdminSupervisor"].ToString();

      if(theRow["AdminSubordinates"].ToString().Trim().Length != 0)

            deUser.Properties["extensionAttribute2"].Value = theRow["AdminSubordinates"].ToString();

      if(theRow["AdminDelegates"].ToString().Trim().Length != 0)

            deUser.Properties["extensionAttribute3"].Value = theRow["AdminDelegates"].ToString();

      if(theRow["FunctionalSupervisor"].ToString().Trim().Length != 0)

            deUser.Properties["extensionAttribute4"].Value = theRow["FunctionalSupervisor"].ToString();

      if(theRow["FunctionalSubordinates"].ToString().Trim().Length != 0)

            deUser.Properties["extensionAttribute5"].Value = theRow["FunctionalSubordinates"].ToString();

      if(theRow["FunctionalDelegates"].ToString().Trim().Length != 0)

            deUser.Properties["extensionAttribute6"].Value = theRow["FunctionalDelegates"].ToString();

 

      deUser.CommitChanges();

}

 

创建DirectoryEntry对象实例：

/// <summary>

/// This will return a DirectoryEntry object if the user does exist

/// </summary>

/// <param name="UserName"></param>

/// <returns></returns>

public static DirectoryEntry GetUser(string UserName)

{

      //create an instance of the DirectoryEntry

      DirectoryEntry de = GetDirectoryObject();

 

      //create instance fo the direcory searcher

      DirectorySearcher deSearch = new DirectorySearcher();

     

      deSearch.SearchRoot =de;

      //set the search filter

      deSearch.Filter = "(&(objectClass=user)(objectCategory=person)(sAMAccountName=" + UserName + "))";

      deSearch.SearchScope = SearchScope.Subtree;

   

      //find the first instance

      SearchResult results= deSearch.FindOne();

 

      //if found then return, otherwise return Null

      if(results !=null)

      {

            de= new DirectoryEntry(results.Path,ADUser,ADPassword,AuthenticationTypes.Secure);

            //if so then return the DirectoryEntry object

            return de;

      }

      else

      {

            return null;

      }

}

 

具体用户界面User Interface，请参考如下Reference 1.

 

References:

1. Rickie, 更新Active Directory/Exchange Address Book的小工具, http://www.cnblogs.com/rickie/archive/2005/06/29/183043.html

2. Craig Aroa, ADHelper - An Active Directory Class,

http://www.c-sharpcorner.com/Code/2002/Sept/ADClass.asp

3. Rickie, 基于Active Directory的用户验证, http://www.cnblogs.com/rickie/archive/2005/06/30/183700.html

4. Rickie, 从Active Directory中获取用户信息, http://www.cnblogs.com/rickie/archive/2005/07/01/184289.html