1.创建windows帐户
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
/// <summary> /// 创建Windows帐户 /// </summary> /// <param name="pathname"></param> /// <returns></returns> public static void CreateLocalUser( string username, string password, string description) { DirectoryEntry localMachine = new DirectoryEntry( "WinNT://" + Environment.MachineName + ",computer" ); var newUser = localMachine.Children.Add(username, "user" ); newUser.Invoke( "SetPassword" , new object [] { password }); newUser.Invoke( "Put" , new object [] { "Description" , description }); newUser.CommitChanges(); localMachine.Close(); newUser.Close(); } |
2.更改Windows帐户密码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
/// <summary> /// 更改Windows帐户密码 /// </summary> /// <param name="username"></param> /// <param name="oldPwd"></param> /// <param name="newPwd"></param> public static void ChangeWinUserPasswd( string username, string oldPwd, string newPwd) { DirectoryEntry localMachine = new DirectoryEntry( "WinNT://" + Environment.MachineName + ",computer" ); DirectoryEntry user = localMachine.Children.Find(username, "user" ); object [] password = new object [] { oldPwd, newPwd }; object ret = user.Invoke( "ChangePassword" , password); user.CommitChanges(); localMachine.Close(); user.Close(); } |
3.判断Windows用户是否存在
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
/// <summary> /// 判断Windows用户是否存在 /// </summary> /// <param name="username"></param> /// <returns></returns> public static bool ExistWinUser( string username) { try { using (DirectoryEntry localMachine = new DirectoryEntry( "WinNT://" + Environment.MachineName + ",computer" )) { var user = localMachine.Children.Find(username, "user" ); return user != null ; } } catch { return false ; } } |
4.删除Windows用户
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
/// <summary> /// 删除Windows用户 /// </summary> /// <param name="username"></param> /// <returns></returns> public static bool DeleteWinUser( string username) { try { using (DirectoryEntry localMachine = new DirectoryEntry( "WinNT://" + Environment.MachineName + ",computer" )) { //删除存在用户 var delUser = localMachine.Children.Find(username, "user" ); if (delUser != null ) { localMachine.Children.Remove(delUser); } } return true ; } catch { return false ; } } |
5.启用/禁用windows帐户
1
2
3
4
5
6
7
8
9
10
11
12
|
/// <summary> /// 启用/禁用windows帐户 /// </summary> /// <param name="username"></param> public static void Disable( string username, bool isDisable) { DirectoryEntry user = new DirectoryEntry(userDn); user.InvokeSet( "AccountDisabled" , isDisable); user.CommitChanges(); user.Close(); } |
操作windows帐户的方法的诀窍在于通过DirectoryEntry 实例调用Invoke,InvokeGet,InvokeSet这三个方法。此三个方法可以对对本机 Active Directory 对象调用方法。操作win帐户的Active Directory 对象就是IADsUser接口。DirectoryEntry 实例通过调用Invoke方法调用IADsUser接口的方法,如上面修改Windows帐户密码就是通过调用IADsUser接口的“ChangePassword”方法;通过InvokeGet和InvokeSet方法调用IADsUser接口的属性,如上面的启用/禁用windows帐户,调用IADsUser接口的“AccountDisabled”属性。IADsUser接口具体有什么方法和属性可参考:http://msdn.microsoft.com/zh-cn/library/aa746340(v=VS.85).aspx