比较好用,省得以后用到时再去找
ActiveDirectoryHelper
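/// <summary>
/// Static helpers for creating, enabling, disabling and looking up Active Directory
/// user accounts through System.DirectoryServices.
/// </summary>
/// <remarks>
/// Every value that is concatenated into an LDAP search filter or into a relative
/// distinguished name is escaped first, so an employee ID, login name or group name
/// that contains filter or DN metacharacters is treated as literal text and cannot
/// change which directory objects a call matches or modifies.
/// </remarks>
public class ActiveDirectoryHelper
{
    // userAccountControl bits (ADS_USER_FLAG_ENUM).
    private const int UfAccountDisable = 0x0002;
    private const int UfDontExpirePassword = 0x10000;

    // Length and alphabet of generated initial passwords. Look-alike characters
    // (I, O, l, o, 0, 1) are left out because the value is handed to a person.
    private const int GeneratedPasswordLength = 20;
    private const string PasswordAlphabet =
        "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789!#$%*+-=?@_";

    // Characters that need a backslash inside an RDN value; '/' is included because
    // the value ends up inside an ADSI path.
    private const string RdnSpecialCharacters = ",+\"\\<>;=/";

    // The last binding passed to GetDirectoryEntry. These are process-wide, public and
    // mutable, and the password is held as plain text for the lifetime of the process:
    // callers that bind with different accounts overwrite each other, and any code that
    // can see this class can read the credential.
    // NOTE(review): prefer running under a dedicated service identity, or passing the
    // bound DirectoryEntry around, so that no password has to be cached here.
    public static string RootPath = "";
    public static string AdminUsername = "";
    public static string AdminPassword = "";

    /// <summary>
    /// Creates an entry for <paramref name="path"/> bound with the given account and
    /// records path and credentials in the static fields for later calls.
    /// </summary>
    /// <param name="path">ADSI path of the object to open.</param>
    /// <param name="username">Account used for the bind.</param>
    /// <param name="password">Password of that account.</param>
    /// <returns>A new, not yet bound <see cref="DirectoryEntry"/>; the caller closes it.</returns>
    public static DirectoryEntry GetDirectoryEntry(string path, string username, string password)
    {
        RootPath = path;
        AdminUsername = username;
        AdminPassword = password;

        return OpenEntry(path, username, password);
    }

    /// <summary>
    /// Creates a user object below <paramref name="entry"/>, gives it a generated
    /// password, enables it and adds it to <paramref name="groupName"/>.
    /// </summary>
    /// <param name="entry">Container that receives the user; closed before returning.</param>
    /// <param name="adUser">Source of the login name and employee ID.</param>
    /// <param name="groupName">Common name of the group to join.</param>
    /// <returns>
    /// The generated password in clear text. It is returned so the caller can deliver
    /// it to the account owner; keep it out of logs and persistent storage.
    /// </returns>
    /// <exception cref="ArgumentNullException">
    /// <paramref name="entry"/> or <paramref name="adUser"/> is null.
    /// </exception>
    public static string CreateNewUser(DirectoryEntry entry, ActiveDirectoryUser adUser, string groupName)
    {
        if (entry == null)
        {
            throw new ArgumentNullException("entry");
        }
        if (adUser == null)
        {
            throw new ArgumentNullException("adUser");
        }

        try
        {
            // The login name is escaped here regardless of what the property setter
            // accepted, so it cannot add RDN components or path separators.
            DirectoryEntry newUser = entry.Children.Add("CN=" + EscapeRdnValue(adUser.LoginName), "user");
            try
            {
                SetProperty(newUser, "employeeID", adUser.EmployeeID);
                SetProperty(newUser, "SAMAccountName", adUser.LoginName);
                SetProperty(newUser, "userPrincipalName", adUser.LoginName);

                // The object has to exist in the directory before SetPassword can bind
                // to its path, so commit first. The original called SetPassword before
                // the first CommitChanges.
                newUser.CommitChanges();
                string password = SetPassword(newUser.Path);

                EnableAccount(newUser);
                AddUserToGroup(entry, newUser, groupName);

                return password;
            }
            finally
            {
                newUser.Close();
            }
        }
        finally
        {
            entry.Close();
        }
    }

    /// <summary>
    /// Writes a single-valued attribute in the entry's property cache. Null or empty
    /// values are ignored; nothing is committed here.
    /// </summary>
    /// <param name="entry">Entry whose property cache is changed.</param>
    /// <param name="propertyName">LDAP attribute name.</param>
    /// <param name="propertyValue">New value.</param>
    public static void SetProperty(DirectoryEntry entry, string propertyName, string propertyValue)
    {
        if (string.IsNullOrEmpty(propertyValue))
        {
            return;
        }

        if (entry.Properties.Contains(propertyName))
        {
            entry.Properties[propertyName][0] = propertyValue;
        }
        else
        {
            entry.Properties[propertyName].Add(propertyValue);
        }
    }

    /// <summary>
    /// Returns the first value of an attribute as a string, or an empty string when
    /// the entry does not carry the attribute.
    /// </summary>
    /// <param name="entry">Entry to read from.</param>
    /// <param name="propertyName">LDAP attribute name.</param>
    public static string GetProperty(DirectoryEntry entry, string propertyName)
    {
        if (!entry.Properties.Contains(propertyName))
        {
            return String.Empty;
        }

        return entry.Properties[propertyName][0].ToString();
    }

    /// <summary>
    /// Sets a freshly generated random password on the object at <paramref name="path"/>.
    /// </summary>
    /// <remarks>
    /// The original assigned the literal text "RandomPassword.Generate()" (a method
    /// call left inside quotes), so every account received the same, publicly known
    /// password. The value now comes from the cryptographic random number generator.
    /// The entry is opened without explicit credentials, i.e. the bind does not use
    /// AdminUsername/AdminPassword.
    /// </remarks>
    /// <param name="path">ADSI path of an existing user object.</param>
    /// <returns>The new password in clear text; treat it as a secret.</returns>
    public static string SetPassword(string path)
    {
        DirectoryEntry user = new DirectoryEntry();
        try
        {
            user.Path = path;
            user.AuthenticationType = AuthenticationTypes.Secure;

            string password = GenerateRandomPassword();
            user.Invoke("SetPassword", new object[] { password });
            user.CommitChanges();
            return password;
        }
        finally
        {
            user.Close();
        }
    }

    /// <summary>
    /// Marks the password as non-expiring and clears the disabled bit.
    /// </summary>
    /// <remarks>
    /// The original OR-ed in 0x0001, which is ADS_UF_SCRIPT (run logon script) and not
    /// the never-expire bit its comment names; the documented value 0x10000 is used now.
    /// NOTE(review): a non-expiring password exempts the account from password ageing;
    /// confirm that this matches the domain's account policy.
    /// </remarks>
    /// <param name="entry">User entry to change; the change is committed.</param>
    public static void EnableAccount(DirectoryEntry entry)
    {
        int flags = (int)entry.Properties["userAccountControl"].Value;
        entry.Properties["userAccountControl"].Value = (flags | UfDontExpirePassword) & ~UfAccountDisable;
        entry.CommitChanges();
    }

    /// <summary>
    /// Disables the first user found with the given employee ID and hides it from the
    /// Exchange address lists. Does nothing when no user matches.
    /// </summary>
    /// <param name="rootEntry">Search root; closed before returning.</param>
    /// <param name="employeeID">Employee ID to look up; escaped before use in the filter.</param>
    public static void DisableAccount(DirectoryEntry rootEntry, string employeeID)
    {
        try
        {
            SearchResult result;
            using (DirectorySearcher searcher = new DirectorySearcher(rootEntry))
            {
                searcher.Filter = "(&(objectCategory=Person)(objectClass=user)(employeeID="
                    + EscapeFilterValue(employeeID) + "))";
                searcher.SearchScope = SearchScope.Subtree;
                result = searcher.FindOne();
            }

            if (result == null)
            {
                return;
            }

            // Reopen with the cached account without overwriting RootPath; the original
            // went through GetDirectoryEntry and replaced RootPath with the user's path.
            DirectoryEntry entry = OpenWithStoredCredentials(result.Path);
            try
            {
                int flags = (int)entry.Properties["userAccountControl"].Value;
                entry.Properties["userAccountControl"].Value = flags | UfAccountDisable;
                entry.Properties["msExchHideFromAddressLists"].Value = "TRUE";
                entry.CommitChanges();
            }
            finally
            {
                entry.Close();
            }
        }
        finally
        {
            rootEntry.Close();
        }
    }

    /// <summary>
    /// Adds <paramref name="entryUser"/> to the first group whose cn equals
    /// <paramref name="groupName"/>, unless a member with the same name is already present.
    /// </summary>
    /// <remarks>
    /// Returns silently when no group matches, so the caller cannot tell that the
    /// membership was not granted.
    /// NOTE(review): membership is decided by comparing relative names only; objects
    /// with the same CN in different containers are not distinguished.
    /// </remarks>
    /// <param name="entry">Search root for the group lookup.</param>
    /// <param name="entryUser">User to add.</param>
    /// <param name="groupName">Common name of the group; escaped before use in the filter.</param>
    public static void AddUserToGroup(DirectoryEntry entry, DirectoryEntry entryUser, string groupName)
    {
        using (DirectorySearcher searcher = new DirectorySearcher())
        {
            searcher.SearchRoot = entry;
            searcher.Filter = "(&(objectClass=group) (cn=" + EscapeFilterValue(groupName) + "))";

            // SearchResultCollection holds unmanaged resources and is not released
            // by the garbage collector, so dispose it explicitly.
            using (SearchResultCollection results = searcher.FindAll())
            {
                if (results.Count == 0)
                {
                    return;
                }

                DirectoryEntry group = OpenWithStoredCredentials(results[0].Path);
                try
                {
                    bool isGroupMember = false;
                    object members = group.Invoke("Members", null);
                    foreach (object member in (IEnumerable)members)
                    {
                        using (DirectoryEntry existing = new DirectoryEntry(member))
                        {
                            if (existing.Name == entryUser.Name)
                            {
                                isGroupMember = true;
                                break;
                            }
                        }
                    }

                    if (!isGroupMember)
                    {
                        group.Invoke("Add", new object[] { entryUser.Path });
                    }
                }
                finally
                {
                    group.Close();
                }
            }
        }
    }

    /// <summary>
    /// Looks up a user by sAMAccountName.
    /// </summary>
    /// <param name="entry">Search root; closed before returning.</param>
    /// <param name="username">Account name; escaped before use in the filter.</param>
    /// <returns>The first matching entry, or null when there is none.</returns>
    public static DirectoryEntry UserExists(DirectoryEntry entry, string username)
    {
        try
        {
            using (DirectorySearcher searcher = new DirectorySearcher(entry))
            {
                searcher.Filter = "(&(objectClass=user)(samAccountName=" + EscapeFilterValue(username) + "))";
                using (SearchResultCollection results = searcher.FindAll())
                {
                    if (results.Count == 0)
                    {
                        return null;
                    }

                    return results[0].GetDirectoryEntry();
                }
            }
        }
        finally
        {
            entry.Close();
        }
    }

    /// <summary>
    /// Copies employeeID and mail from a user entry into a new
    /// <see cref="ActiveDirectoryUser"/>.
    /// </summary>
    /// <param name="userEntry">Entry to read; closed before returning.</param>
    public static ActiveDirectoryUser GetUserInformation(DirectoryEntry userEntry)
    {
        try
        {
            ActiveDirectoryUser adUser = new ActiveDirectoryUser();
            adUser.EmployeeID = GetProperty(userEntry, "employeeID");
            adUser.Email = GetProperty(userEntry, "mail");
            return adUser;
        }
        finally
        {
            userEntry.Close();
        }
    }

    /// <summary>
    /// Finds the user with the employee ID of <paramref name="adUser"/>. The listing
    /// stops before any attribute is written, so this currently changes nothing.
    /// </summary>
    /// <param name="rootEntry">Search root; closed before returning.</param>
    /// <param name="adUser">User whose employee ID selects the directory object.</param>
    public static void UpdateUserInformation(DirectoryEntry rootEntry, ActiveDirectoryUser adUser)
    {
        try
        {
            SearchResult result;
            using (DirectorySearcher searcher = new DirectorySearcher(rootEntry))
            {
                searcher.Filter = "(&(objectCategory=Person)(objectClass=user)(employeeID="
                    + EscapeFilterValue(adUser.EmployeeID) + "))";
                searcher.SearchScope = SearchScope.Subtree;
                result = searcher.FindOne();
            }

            if (result != null)
            {
                // Released here; the original never closed this entry.
                using (DirectoryEntry userEntry = result.GetDirectoryEntry())
                {
                    // No attribute updates are implemented yet.
                }
            }
        }
        finally
        {
            rootEntry.Close();
        }
    }

    // Builds an entry with explicit credentials without touching the static fields.
    private static DirectoryEntry OpenEntry(string path, string username, string password)
    {
        DirectoryEntry de = new DirectoryEntry();
        de.Path = path;
        de.Username = username;
        de.Password = password;
        return de;
    }

    // Opens a path with the credentials cached by the last GetDirectoryEntry call.
    private static DirectoryEntry OpenWithStoredCredentials(string path)
    {
        return OpenEntry(path, AdminUsername, AdminPassword);
    }

    // Escapes a value for use inside an LDAP search filter (RFC 4515): backslash,
    // asterisk, parentheses and NUL become \XX hex pairs. Null yields an empty string.
    private static string EscapeFilterValue(string value)
    {
        if (string.IsNullOrEmpty(value))
        {
            return string.Empty;
        }

        System.Text.StringBuilder sb = new System.Text.StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append("\\5c"); break;
                case '*': sb.Append("\\2a"); break;
                case '(': sb.Append("\\28"); break;
                case ')': sb.Append("\\29"); break;
                case '\0': sb.Append("\\00"); break;
                default: sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Escapes a value for use as an RDN value (RFC 4514): special characters, a
    // leading '#' and leading or trailing spaces get a backslash, NUL becomes \00.
    private static string EscapeRdnValue(string value)
    {
        if (string.IsNullOrEmpty(value))
        {
            return string.Empty;
        }

        System.Text.StringBuilder sb = new System.Text.StringBuilder(value.Length + 8);
        for (int i = 0; i < value.Length; i++)
        {
            char c = value[i];
            if (c == '\0')
            {
                sb.Append("\\00");
                continue;
            }

            bool edgeSpace = c == ' ' && (i == 0 || i == value.Length - 1);
            bool leadingHash = c == '#' && i == 0;
            if (edgeSpace || leadingHash || RdnSpecialCharacters.IndexOf(c) >= 0)
            {
                sb.Append('\\');
            }
            sb.Append(c);
        }
        return sb.ToString();
    }

    // Draws a password from the cryptographic RNG. Bytes at or above the largest
    // multiple of the alphabet size are discarded so every character is equally
    // likely, and a candidate is redrawn until it holds an upper-case letter, a
    // lower-case letter, a digit and a symbol.
    private static string GenerateRandomPassword()
    {
        char[] chars = new char[GeneratedPasswordLength];
        byte[] buffer = new byte[1];
        int limit = 256 - (256 % PasswordAlphabet.Length);

        using (System.Security.Cryptography.RandomNumberGenerator rng =
            System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            while (true)
            {
                int filled = 0;
                while (filled < chars.Length)
                {
                    rng.GetBytes(buffer);
                    if (buffer[0] < limit)
                    {
                        chars[filled] = PasswordAlphabet[buffer[0] % PasswordAlphabet.Length];
                        filled++;
                    }
                }

                if (HasAllCharacterClasses(chars))
                {
                    return new string(chars);
                }
            }
        }
    }

    // True when the candidate contains at least one character of each class.
    private static bool HasAllCharacterClasses(char[] candidate)
    {
        bool upper = false;
        bool lower = false;
        bool digit = false;
        bool symbol = false;

        foreach (char c in candidate)
        {
            if (char.IsUpper(c))
            {
                upper = true;
            }
            else if (char.IsLower(c))
            {
                lower = true;
            }
            else if (char.IsDigit(c))
            {
                digit = true;
            }
            else
            {
                symbol = true;
            }
        }

        return upper && lower && digit && symbol;
    }
}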
实体类ActiveDirectoryUser
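/// <summary>
/// Data holder for the user attributes that ActiveDirectoryHelper reads and writes.
/// </summary>
public class ActiveDirectoryUser
{
    // Whole-string pattern: \A and \z anchor both ends, and \z (unlike $) also
    // rejects a trailing newline. The original pattern had no anchors, so any value
    // that merely contained three alphanumeric characters was accepted.
    private static readonly Regex LoginNamePattern = new Regex(@"\A[0-9a-zA-Z]{3,10}\z");

    private string employeeID = "FPC00xxx";

    /// <summary>
    /// Employee ID. The format check (FPC followed by five digits) is switched off,
    /// so any string is stored as given.
    /// </summary>
    /// <remarks>
    /// ActiveDirectoryHelper places this value into LDAP search filters, so it has to
    /// be escaped at the point of use; this property does not constrain it.
    /// </remarks>
    public string EmployeeID
    {
        get { return employeeID; }
        set { employeeID = value; }
    }

    private string loginName = "User";

    /// <summary>
    /// Login name: 3 to 10 ASCII letters or digits and nothing else.
    /// </summary>
    /// <exception cref="ArgumentNullException">The value is null.</exception>
    /// <exception cref="ArgumentException">The value does not match the pattern.</exception>
    public string LoginName
    {
        get { return loginName; }
        set
        {
            if (value == null)
            {
                throw new ArgumentNullException("LoginName");
            }

            // ActiveDirectoryHelper uses this value as the CN and as sAMAccountName,
            // so characters outside the pattern must not get through.
            if (!LoginNamePattern.IsMatch(value))
            {
                throw new ArgumentException("登录名应该是数字和字母的组合,并且在3-10个字符之间", "LoginName");
            }

            loginName = value;
        }
    }

    // NOTE(review): hard-coded default credential. ActiveDirectoryHelper in this
    // listing never reads Password; make sure no caller applies this default to a
    // real account.
    private string password = "Pass@word1";

    /// <summary>Password value carried with the user; stored as given.</summary>
    public string Password
    {
        get { return password; }
        set { password = value; }
    }

    private string email = "xxx@***.com.cn";

    /// <summary>E-mail address; stored as given.</summary>
    public string Email
    {
        get { return email; }
        set { email = value; }
    }
}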