• C# 操作Windows域代码


    前段时间研究了LDAP用户集成的一些内容,下面是我经过多次google后,自己写的一份操作Windows域的代码,

    这是操作domain的类:

      private string _Domain;
        private string AdUser;
        private string AdPwd;
        private string _prefixPath = "LDAP://";
        private string _suffixPath;
     public OperateDomain()
     {
            _Domain = System.Configuration.ConfigurationManager.AppSettings["Domain"].ToString();
            AdUser = System.Configuration.ConfigurationManager.AppSettings["ADAdminUser"].ToString();
            AdPwd = System.Configuration.ConfigurationManager.AppSettings["ADAdminPassword"].ToString();
            _suffixPath = "DC=" + _Domain + ",DC=COM";
     }

    /// <summary>
        /// 添加用户
        /// </summary>
        /// <param name="directoryType">父节点的类型</param>
        /// <param name="parentNode">父节点名称</param>
        /// <param name="user">用户</param>
        /// <returns></returns>
        private string AdAddUser( DomainUser user)
        {
            string path = FormatPath(DomainUser._cn, "users");
            try
            {
                DirectoryEntry Entry = new DirectoryEntry(path, AdUser, AdPwd, AuthenticationTypes.Secure);
                DirectoryEntry NewUser = Entry.Children.Add("cn=" + user.UserId, "User");

                NewUser.Properties["userPrincipalName"].Value = user.UserPrincipalName;
                NewUser.Properties["name"].Value = user.UserId;
                NewUser.Properties["sn"].Value = user.UserId;
                NewUser.Properties["displayName"].Value = user.UserName;
                NewUser.Properties["samAccountName"].Value = user.UserId;
                NewUser.Properties["Department"].Value = user.Department;
                //NewUser.Properties["telephoneNumber"].Value = user.Telephone;
                //NewUser.Properties["mail"].Value = user.Email;
                if (user.Telephone != null && user.Telephone != "")
                {
                    NewUser.Properties["telephoneNumber"].Value = user.Telephone;
                }
                //else
                //{
                //    NewUser.Properties["telephoneNumber"].Value = null;
                //}
                if (user.Email != null && user.Email != "")
                {
                    NewUser.Properties["mail"].Value = user.Email;
                }
                //else
                //{
                //    NewUser.Properties["mail"].Value = null;
                //}
                if (user.Description != null && user.Description != "")
                {
                    NewUser.Properties["description"].Value = user.Description;
                }
                //else
                //{
                //    NewUser.Properties["description"].Value = null;

                //}
                NewUser.CommitChanges();

                SetAdPassword(user.UserId, user.Password);
                EnableUser(user.UserId);
                Entry.Close();

                return DomainUser._success;
            }
            catch (Exception ex)
            {
                LogManage.SaveInfo(ex.ToString());
                return DomainUser._failed;
            }
        }
        /// <summary>
        /// 修改帐户信息
        /// </summary>
        /// <param name="user"></param>
        /// <returns></returns>
        private string ModifyADUser(DomainUser user)
        {
            try
            {
                DirectoryEntry dEntry = GetUser(user.UserId);
                DirectoryEntry Entry = new DirectoryEntry(dEntry.Path, AdUser, AdPwd, AuthenticationTypes.Secure);

                Entry.Properties["displayName"].Value = user.UserName;
                Entry.Properties["Department"].Value = user.Department;

                if (user.Telephone != null && user.Telephone != "")
                {
                    Entry.Properties["telephoneNumber"].Value = user.Telephone;
                }
                else
                {
                    Entry.Properties["telephoneNumber"].Value = null;
                }
                if (user.Email != null && user.Email != "")
                {
                    Entry.Properties["mail"].Value = user.Email;
                }
                else
                {
                    Entry.Properties["mail"].Value = null;
                }
                if (user.Description != null && user.Description != "")
                {
                    Entry.Properties["description"].Value = user.Description;
                }
                else
                {
                    Entry.Properties["description"].Value = null;

                }

                Entry.CommitChanges();
                Entry.Close();
                dEntry.Close();
                return DomainUser._success;
            }
            catch (Exception ex)
            {
                LogManage.SaveInfo(ex.ToString());
                return DomainUser._failed;
            }
        }
        /// <summary>
        /// 判断用户帐号是否激活
        /// </summary>
        /// <param name="username"></param>
        /// <returns>如果用户帐号已经激活,返回 true;否则返回 false</returns>
        public string IsAccountActive(string username)  
         {
            try
            {
                DirectoryEntry de = GetUser(username);
                 int userAccountControl = Convert.ToInt32(de.Properties["userAccountControl"][0]);
                 int userAccountControl_Disabled = Convert.ToInt32(ActiveDs.ADS_USER_FLAG.ADS_UF_ACCOUNTDISABLE);
                 int flagExists = userAccountControl & userAccountControl_Disabled;

                 if (flagExists > 0)
                     return LoginResult.LOGIN_USER_ACCOUNT_INACTIVE.ToString();
                 else
                     return LoginResult.LOGIN_USER_ACCOUNT_ACTIVE.ToString();
             }
            catch(Exception ex)
            {
                LogManage.SaveInfo(ex.ToString());
                return ex.ToString();
            }
        }
        /// <summary>
        /// 开启用户
        /// </summary>
        /// <param name="user"></param>
        private string EnableUser(string username)
        {
            try
            {
                DirectoryEntry user = GetUser(username);
                int val = (int)user.Properties["userAccountControl"].Value;
                //用户密码永不过期
                user.Properties["userAccountControl"].Value = val & ~(int)ActiveDs.ADS_USER_FLAG.ADS_UF_ACCOUNTDISABLE | (int)ActiveDs.ADS_USER_FLAG.ADS_UF_DONT_EXPIRE_PASSWD;
                user.CommitChanges();
                user.Close();
                return DomainUser._success;

            }
            catch (Exception ex)
            {
                LogManage.SaveInfo(ex.ToString());
                return DomainUser._failed;

            }
        }
        /// <summary>
        /// 禁用/激活用户
        /// </summary>
        /// <param name="username"></param>
        private string UnenableUser(string username)
        {
            try
            {
                DirectoryEntry user = GetUser(username);
                int val = (int)user.Properties["userAccountControl"].Value;
                user.Properties["userAccountControl"].Value = val | (int)ActiveDs.ADS_USER_FLAG.ADS_UF_ACCOUNTDISABLE;

                user.CommitChanges();
                user.Close();
                return DomainUser._success;

            }
            catch (Exception ex)
            {
                LogManage.SaveInfo(ex.ToString());
                return DomainUser._failed;

            }
        }
        /// <summary>
        /// 设置密码
        /// </summary>
        /// <param name="ude">用户</param>
        /// <param name="password">密码</param>
        private string SetAdPassword(string username, string password)
        {
            try
            {
                DirectoryEntry entry = GetUser(username);
                entry.Invoke("SetPassword", new object[] { password });
                entry.CommitChanges();
                entry.Close();
                return DomainUser._success;

            }
            catch (Exception ex)
            {
                LogManage.SaveInfo(ex.ToString());
                return DomainUser._failed;

            }
        }
        /// <summary>
        /// 修改密码
        /// </summary>
        /// <param name="ude">用户</param>
        /// <param name="password">旧密码</param>
        /// <param name="password">新密码</param>
        private string ChangePassword(string username, string oldpwd, string newpwd)
        {
            try
            {
                DirectoryEntry entry = GetUser(username);
               
                entry.Invoke("ChangePassword", new object[] { oldpwd, newpwd });
                entry.CommitChanges();
                entry.Close();
                return DomainUser._success;
            }
            catch (Exception ex)
            {
                LogManage.SaveInfo(ex.ToString());
                return DomainUser._failed;
            }
        }
        /// <summary>
        /// 格式化要添加的对象是否存在的DirectoryEntry的参数Path
        /// </summary>
        /// <param name="addType">对象的类型(组织单位/组/计算机/联系人)</param>
        /// <param name="directoryType">父节点的类型</param>
        /// <param name="parentNode">父节点名称</param>
        /// <param name="ouName">节点名称</param>
        /// <returns></returns>
        private string FormatPath(string addType, string directoryType, string parentNode, string ouName)
        {
            string path = "";
            //返回存在组织单位的path
            if (addType == DomainUser._ou)
            {
                //在组织单位下面
                if (directoryType == DomainUser._ou)
                {
                    path = _prefixPath + "OU=" + ouName + "," + "OU=" + parentNode + "," + _suffixPath;
                }
                //在域下面
                else
                {
                    path = _prefixPath + "OU=" + ouName + "," + _suffixPath;
                }
                return path;
            }
            //返回存在(组/计算机/联系人)的path
            else if (addType == DomainUser._cn)
            {
                //在组织单位下面
                if (directoryType == DomainUser._ou)
                {
                    path = _prefixPath + "CN=" + ouName + "," + "OU=" + parentNode + "," + _suffixPath;
                }
                //在文件夹下(Users)
                else if (directoryType == DomainUser._cn)
                {
                    path = _prefixPath + "CN=" + ouName + "," + "CN=" + parentNode + "," + _suffixPath;
                }
                //在域下面
                else
                {
                    path = _prefixPath + "CN=" + ouName + "," + _suffixPath;
                }
                return path;
            }
            else
            {
                return path;
            }
        }
        /// <summary>
        /// 格式化父节点DirectoryEntry的参数Path
        /// </summary>
        /// <param name="addType">添加对象的类型(组织单位/组/计算机/联系人)</param>
        /// <param name="directoryType">父节点的类型</param>
        /// <param name="parentNode">父节点名称</param>
        /// <returns></returns>
        private string FormatPath(string directoryType, string parentNode)
        {
            string path = "";
            ////返回组织单位的path
            //if (addType == DomainUser._ou)
            //{
            //    //在组织单位下面
            //    if (directoryType == DomainUser._ou)
            //    {
            //        path = _prefixPath + "OU=" + parentNode + "," + _suffixPath;
            //    }
            //    //在域下面
            //    else
            //    {
            //        path = _prefixPath + _suffixPath;
            //    }
            //    return path;
            //}
            //返回(组/计算机/联系人)的path
            //else if (addType == DomainUser._cn)
            //{
            //在组织单位下面
            if (directoryType == DomainUser._ou)
            {
                path = _prefixPath + "OU=" + parentNode + "," + _suffixPath;
            }
            //在文件夹下(Users)
            else if (directoryType == DomainUser._cn)
            {
                path = _prefixPath + "CN=" + parentNode + "," + _suffixPath;
            }
            //在域下面
            else
            {
                path = _prefixPath + _suffixPath;
            }
            return path;
            //}
            //else
            //{
            //    return path;
            //}
        }
        /// <summary>
        /// 从域中按照用户名查找用户
        /// </summary>
        /// <param name="username"></param>
        /// <returns></returns>
        private DirectoryEntry GetUser(string username)
        {
            string path = _prefixPath + _suffixPath;
            DirectoryEntry deuser;
            try
            {
                DirectoryEntry de = new DirectoryEntry(path, AdUser, AdPwd);
                DirectorySearcher deSearch = new DirectorySearcher(de);
                deSearch.Filter = "(&(objectClass=user)(cn=" + username + "))";
                deSearch.SearchScope = SearchScope.Subtree;
                SearchResult result = deSearch.FindOne();
                if (result != null)
                {
                    deuser = result.GetDirectoryEntry();
                    return deuser;
                }
                else
                {
                    return null;
                }
            }
            catch(Exception ex)
            {           
                LogManage.SaveInfo(ex.ToString());
                return null;
            }
        }
        /// <summary>
        /// 判断用户是否已经存在域中
        /// </summary>
        /// <param name="userId"></param>
        /// <returns></returns>
        private bool ExitUser(string userId)
        {
            try
            {
                DirectoryEntry de = null;
                de = GetUser(userId);
                if (de == null)
                {
                    return false;
                }
                else
                {
                    return true;
                }
            }
            catch(Exception ex)
            {
                LogManage.SaveInfo(ex.ToString());
                return true;
            }
        }
        /// <summary>
        /// 获取域用户信息
        /// </summary>
        /// <param name="userid"></param>
        /// <returns></returns>
        public DomainUser GetAdUserInfo(string userid)
        {
            DomainUser du = new DomainUser();
            DirectoryEntry de = GetUser(userid);
            if (de != null)
            {
                if (de.Properties["samAccountName"].Value != null)
                {
                    du.UserId = de.Properties["samAccountName"].Value.ToString();
                }
                if (de.Properties["displayName"].Value != null)
                {
                    du.UserName = de.Properties["displayName"].Value.ToString();
                }
                if (de.Properties["userPrincipalName"].Value != null)
                {
                    du.UserPrincipalName = de.Properties["userPrincipalName"].Value.ToString();
                }
                if (de.Properties["telephoneNumber"].Value != null)
                {
                    du.Telephone = de.Properties["telephoneNumber"].Value.ToString();
                }
                if (de.Properties["mail"].Value != null)
                {
                    du.Email = de.Properties["mail"].Value.ToString();
                }
                if (de.Properties["description"].Value != null)
                {
                    du.Description = de.Properties["description"].Value.ToString();
                }
                if (de.Properties["Department"].Value != null)
                {
                    du.Department = de.Properties["Department"].Value.ToString();
                }
            }

            return du;       
        }
        /// <summary>
        /// 从域中删除用户
        /// </summary>
        /// <param name="du"></param>
        /// <returns></returns>
        public string DeleteUser(DomainUser du)
        {
            try
            {
                DirectoryEntry de = GetUser(du.UserId);
                if (de != null)
                {
                    string path = de.Parent.Path;
                    DirectoryEntry parentde = new DirectoryEntry(path, AdUser, AdPwd, AuthenticationTypes.Secure);
                    parentde.Children.Remove(de);
                    return DomainUser._success;
                }
                else
                {
                    return DomainUser._failed;
                }
            }
            catch (Exception ex)
            {
                LogManage.SaveInfo(ex.ToString());
                return DomainUser._failed;
            }
        }

  • 相关阅读:
    phpexcel Could not open for reading! File does not exist.
    tp5 微信JSAPI支付
    ajax返回数据不跳success
    tp5 paginate带参翻页
    php 小程序 前后端POST通信
    小程序页面跳转不同方法
    小程序添加购物车
    小程序商城数量加减效果
    Include conf/extra/httpd-ssl.conf apache 无法启动
    SQL 实验详细源码参考
  • 原文地址:https://www.cnblogs.com/xiarifeixue/p/1631989.html
Copyright © 2020-2023  润新知