AD如何用C#进行增删改、查询用户与OU

AD如何用C#进行增删改、查询用户与OU

 
正文:

首先我们来了解一下什么是Active Directory。不用我描述,看以下网址,或在.net自带帮助文档里根据Active Directory关键字一搜,就什么都明白了。 
http://developer.ccidnet.com/pub/article/c322_a28703_p2.html 

接下来,我们来看看权限。你可以通过“网上邻居--整个网络--Directory--domain(你的域名)”看到域下的所有信息,粗略一看就知道是怎么回事了。 
需要告诉大家的:所有组织单位下的用户都在Users(容器)--Domain Users(组)中 
用代码进行访问时,如果你是域管理员用户,则可以做任何操作,否则,只能查询用户属性。实际部署时不建议让程序直接使用域管理员帐号:可以在目标组织单位上把创建、修改用户所需的权限委派给一个专用帐号,并且不要把帐号密码写在源代码里。 

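/// <summary>
/// Lists the members of the "Domain Users" group through the WinNT provider, looks each
/// member up in LDAP by sAMAccountName, re-binds to the matching entry with explicit
/// credentials and writes one "attribute: first value" line per attribute to Textbox1.
/// </summary>
/// <remarks>
/// Changes compared with the original listing:
/// - the member name is escaped before it is placed in the LDAP filter (filter injection and
///   broken filters for names containing '(' ')' '*' or '\');
/// - a member with no LDAP match is skipped instead of dereferencing a null SearchResult;
/// - the undefined identifier "entry" is replaced by the entry actually being read;
/// - the code binds straight to the found entry instead of enumerating every child of its
///   parent OU and comparing a lower-cased name with a name that was never lower-cased;
/// - output is accumulated; the original overwrote Textbox1 on every attribute, so only the
///   last attribute of the last user was ever visible;
/// - directory handles are disposed.
/// </remarks>
private void SearchUser()
{
    string domainName = "Domain";
    string groupName = "Domain Users";
    System.Text.StringBuilder output = new System.Text.StringBuilder();

    using (System.DirectoryServices.DirectoryEntry group = new System.DirectoryServices.DirectoryEntry("WinNT://" + domainName + "/" + groupName + ",group"))
    {
        foreach (Object member in (System.Collections.IEnumerable)group.Invoke("Members"))
        {
            // Each member is a native ADSI object; wrap it only long enough to read its name.
            string dirmemName;
            using (System.DirectoryServices.DirectoryEntry dirmem = new System.DirectoryServices.DirectoryEntry(member))
            {
                dirmemName = dirmem.Name;
            }
            if (string.IsNullOrEmpty(dirmemName))
            {
                continue;
            }

            // The single-string DirectorySearcher constructor takes a FILTER, not a domain name:
            // the original passed "Domain" there and then overwrote Filter. The search root is
            // the default one for the current domain either way.
            string FilterStr = "(sAMAccountname=" + EscapeLdapFilterValue(dirmemName) + ")";
            string userPath;
            using (System.DirectoryServices.DirectorySearcher FindMe = new System.DirectoryServices.DirectorySearcher(FilterStr))
            {
                System.DirectoryServices.SearchResult FindRes = FindMe.FindOne();
                if (FindRes == null)
                {
                    continue; // WinNT member without an LDAP match
                }
                userPath = FindRes.Path; // e.g. "LDAP://CN=...,OU=...,DC=Domain,DC=com,DC=cn"
            }

            // SECURITY: the two literals below are the article's placeholders for a domain
            // administrator name and password. Do not replace them with real values in source:
            // run under a least-privileged, delegated service identity or load the secret from
            // a protected store. NOTE(review): confirm on the target framework that this bind is
            // not a simple clear-text bind; AuthenticationTypes.Secure (with Signing/Sealing) or
            // SecureSocketsLayer keeps the credentials off the wire in readable form.
            using (System.DirectoryServices.DirectoryEntry MyUser = new System.DirectoryServices.DirectoryEntry(userPath, "域管理员名", "域管理员密码"))
            {
                if (!string.Equals(MyUser.SchemaClassName, "user", StringComparison.Ordinal))
                {
                    continue;
                }

                // SECURITY: this dumps every readable attribute of every domain user. Restrict
                // it to the attributes the UI needs if the output is shown to ordinary operators.
                foreach (string propertyName in MyUser.Properties.PropertyNames)
                {
                    System.DirectoryServices.PropertyValueCollection values = MyUser.Properties[propertyName];
                    if (values.Count == 0)
                    {
                        continue; // indexing [0] on an empty collection would throw
                    }
                    output.AppendLine(propertyName + ": " + Convert.ToString(values[0]));
                }
            }
        }
    }

    this.Textbox1.Text = output.ToString();
}

/// <summary>
/// Escapes a value for use inside an LDAP search filter (RFC 4515): backslash, asterisk,
/// parentheses and NUL are replaced by their \XX hex forms.
/// </summary>
private static string EscapeLdapFilterValue(string value)
{
    System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length);
    foreach (char c in value)
    {
        switch (c)
        {
            case '\\': escaped.Append("\\5c"); break;
            case '*': escaped.Append("\\2a"); break;
            case '(': escaped.Append("\\28"); break;
            case ')': escaped.Append("\\29"); break;
            case '\0': escaped.Append("\\00"); break;
            default: escaped.Append(c); break;
        }
    }
    return escaped.ToString();
}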




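/// <summary>
/// Creates a user object in the container identified by <paramref name="strPath"/>.
/// </summary>
/// <param name="strPath">ADsPath of the organizational unit that receives the user, e.g.
/// "LDAP://OU=XX公司,DC=Domain,DC=com".</param>
/// <param name="Username">Account name; written to userPrincipalName and samAccountName.</param>
/// <param name="ChineseName">Display (Chinese) name; used for the CN and the name attribute.</param>
/// <remarks>
/// The original listing had a <c>try</c> with no handler and two wrapped comment fragments left
/// as code. The handler below mirrors the sibling methods (message box on failure); that the
/// original did the same is an assumption.
/// </remarks>
public void AddUser(string strPath, string Username, string ChineseName)
{
    // userAccountControl flag values; their sum is the 66048 used by the original listing.
    const int NormalAccount = 0x0200;
    const int DontExpirePassword = 0x10000;

    try
    {
        if (string.IsNullOrEmpty(strPath))
        {
            throw new ArgumentException("strPath must name the target container.", "strPath");
        }
        if (string.IsNullOrEmpty(Username))
        {
            throw new ArgumentException("Username must not be empty.", "Username");
        }
        if (string.IsNullOrEmpty(ChineseName))
        {
            throw new ArgumentException("ChineseName must not be empty.", "ChineseName");
        }

        using (System.DirectoryServices.DirectoryEntry myDE = new System.DirectoryServices.DirectoryEntry(strPath))
        {
            System.DirectoryServices.DirectoryEntries myEntries = myDE.Children;

            // The name becomes part of a distinguished name, so DN metacharacters in it are
            // escaped; unescaped, a value such as "a,OU=b" would alter the structure of the DN.
            string strname = "CN=" + EscapeUserRdnValue(ChineseName);
            using (System.DirectoryServices.DirectoryEntry myDirectoryEntry = myEntries.Add(strname, "user"))
            {
                // NOTE(review): a userPrincipalName normally has the form name@domain-suffix;
                // the listing stores the bare account name - confirm this is intended.
                myDirectoryEntry.Properties["userPrincipalName"].Value = Username;
                myDirectoryEntry.Properties["name"].Value = ChineseName;
                myDirectoryEntry.Properties["samAccountName"].Value = Username;

                // SECURITY: this creates an ENABLED account whose password never expires, and
                // no password is set anywhere in this method. Safer provisioning creates the
                // account disabled, sets an initial password, then enables it and lets the
                // domain password policy govern expiry. The value is left as in the article
                // because the method has no password parameter. The alternative 590336 noted in
                // the original additionally sets TRUSTED_FOR_DELEGATION (0x80000), which should
                // not be given to ordinary user accounts.
                myDirectoryEntry.Properties["userAccountControl"].Value = NormalAccount | DontExpirePassword;
                myDirectoryEntry.CommitChanges();
            }
        }
    }
    catch (Exception RaiseErr)
    {
        MessageBox.Show(RaiseErr.Message);
    }
}

/// <summary>
/// Escapes a value for use as an RDN value in an ADsPath / distinguished name: the DN special
/// characters, the ADsPath separator '/', a leading '#', and leading or trailing spaces are
/// prefixed with a backslash; NUL is written as \00.
/// </summary>
private static string EscapeUserRdnValue(string value)
{
    System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
    for (int i = 0; i < value.Length; i++)
    {
        char c = value[i];
        if (c == '\0')
        {
            escaped.Append("\\00");
            continue;
        }

        bool edgeSpace = c == ' ' && (i == 0 || i == value.Length - 1);
        bool leadingHash = c == '#' && i == 0;
        if (edgeSpace || leadingHash || ",+\"\\<>;=/".IndexOf(c) >= 0)
        {
            escaped.Append('\\');
        }
        escaped.Append(c);
    }
    return escaped.ToString();
}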




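/// <summary>
/// Creates an organizational unit named <paramref name="OUName"/> under the container
/// identified by <paramref name="strPath"/>. Failures are reported in a message box.
/// </summary>
/// <param name="strPath">ADsPath of the parent container.</param>
/// <param name="OUName">Name of the new organizational unit.</param>
/// <remarks>
/// The original listing also assigned distinguishedName and objectCategory. The
/// distinguishedName literal ended in a stray ")" and hard-coded "DC=Domain,DC=COM" regardless of
/// strPath, and the objectCategory literal pointed at a different domain ("DC=sedep,DC=COM").
/// The directory derives the distinguished name from the RDN and the parent container and
/// defaults objectCategory from the object class, so both assignments are omitted.
/// </remarks>
private void addOU(string strPath, string OUName)
{
    try
    {
        if (string.IsNullOrEmpty(strPath))
        {
            throw new ArgumentException("strPath must name the parent container.", "strPath");
        }
        if (string.IsNullOrEmpty(OUName))
        {
            throw new ArgumentException("OUName must not be empty.", "OUName");
        }

        using (System.DirectoryServices.DirectoryEntry myDE = new System.DirectoryServices.DirectoryEntry(strPath))
        {
            System.DirectoryServices.DirectoryEntries myEntries = myDE.Children;

            // OUName becomes part of a distinguished name; escape DN metacharacters so a value
            // containing ',' or '=' cannot change the structure of the resulting DN.
            string name = "OU=" + EscapeOuRdnValue(OUName);
            using (System.DirectoryServices.DirectoryEntry myDirectoryEntry = myEntries.Add(name, "organizationalUnit"))
            {
                myDirectoryEntry.Properties["name"].Value = OUName;
                myDirectoryEntry.Properties["instanceType"].Value = 4;
                myDirectoryEntry.Properties["ou"].Value = OUName;
                // "777" is the article's sample value, not a meaningful postal code.
                myDirectoryEntry.Properties["postalCode"].Value = "777";

                myDirectoryEntry.CommitChanges();
            }
        }
    }
    catch (Exception RaiseErr)
    {
        MessageBox.Show(RaiseErr.Message);
    }
}

/// <summary>
/// Escapes a value for use as an RDN value in an ADsPath / distinguished name: the DN special
/// characters, the ADsPath separator '/', a leading '#', and leading or trailing spaces are
/// prefixed with a backslash; NUL is written as \00.
/// </summary>
private static string EscapeOuRdnValue(string value)
{
    System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
    for (int i = 0; i < value.Length; i++)
    {
        char c = value[i];
        if (c == '\0')
        {
            escaped.Append("\\00");
            continue;
        }

        bool edgeSpace = c == ' ' && (i == 0 || i == value.Length - 1);
        bool leadingHash = c == '#' && i == 0;
        if (edgeSpace || leadingHash || ",+\"\\<>;=/".IndexOf(c) >= 0)
        {
            escaped.Append('\\');
        }
        escaped.Append(c);
    }
    return escaped.ToString();
}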




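/// <summary>
/// Finds the user whose sAMAccountName is "karlluo", re-binds to that entry with explicit
/// credentials and sets its "st" attribute to a sample value. Failures are reported in a
/// message box.
/// </summary>
/// <remarks>
/// Changes compared with the original listing: a missing search result is reported instead of
/// causing a null dereference; the code binds directly to the found entry rather than scanning
/// every child of its parent OU with a culture-sensitive ToLower() comparison; the unused local
/// and the commented-out line are dropped; directory handles are disposed.
/// </remarks>
private void ModifyUser()
{
    try
    {
        // The single-string DirectorySearcher constructor takes a FILTER; the original passed
        // the literal "Domain" there and then overwrote Filter, so the effective search is the
        // same: default search root, this filter.
        string FilterStr = "(sAMAccountname=karlluo)";
        string userPath;
        using (System.DirectoryServices.DirectorySearcher FindMe = new System.DirectoryServices.DirectorySearcher(FilterStr))
        {
            System.DirectoryServices.SearchResult FindRes = FindMe.FindOne();
            if (FindRes == null)
            {
                MessageBox.Show("No directory entry matches " + FilterStr);
                return;
            }
            userPath = FindRes.Path;
        }

        // SECURITY: the two literals below are the article's placeholders for a domain
        // administrator name and password. Do not put real credentials in source: use a
        // delegated, least-privileged identity that may write only the attributes this method
        // changes, and keep any secret in a protected store. NOTE(review): confirm the bind is
        // not a simple clear-text bind on the target framework.
        using (System.DirectoryServices.DirectoryEntry tempEntry = new System.DirectoryServices.DirectoryEntry(userPath, "域管理员名", "域管理员密码"))
        {
            if (!string.Equals(tempEntry.SchemaClassName, "user", StringComparison.Ordinal))
            {
                return;
            }

            // true is already the default; with the cache on, the write is sent to the
            // directory when CommitChanges is called.
            tempEntry.UsePropertyCache = true;
            tempEntry.Properties["st"].Value = "yyyyyyyyyyyyyyyy"; // sample value from the article
            tempEntry.CommitChanges();
        }
    }
    catch (Exception RaiseErr)
    {
        MessageBox.Show(RaiseErr.Message);
    }
}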

类别: Active Directory

转载于:https://www.cnblogs.com/ningang/p/4321694.html
