Microsoft CRM采用AD验证的方式登陆,那么修改密码就需要去自己的电脑中修改,显然这样比较麻烦,且需要专门人员进行修改,因此采用Web验证的方式更加灵活。他能让你随时随地修改密码。
获取当前用户:
方式一:(使用webservice 获取 )
WhoAmIRequest request = new WhoAmIRequest();
IOrganizationService service = GetService();
WhoAmIResponse response = (WhoAmIResponse)service.Execute(request);
Guid userId = response.UserId;
Entity curUser = service.Retrieve("systemuser", userId, new ColumnSet { AllColumns = true });
string displayMsg = curUser.Attributes["domainname"].ToString();
user = curUser.Attributes["domainname"].ToString();
display.InnerText = user;
string[] s2 = user.Split('\\');
user = s2[1];
ps:获取的用户是以"域\用户名"的方式,所以通过Split()方法讲用户名取出来。
private IOrganizationService GetService()
{
Uri orgUri = new Uri("http://localhost:5555/library/xrmservices/2011/organization.svc"); //webservice地址
OrganizationServiceProxy service;
System.ServiceModel.Description.ClientCredentials credentials = new ClientCredentials();
credentials.Windows.ClientCredential = System.Net.CredentialCache.DefaultNetworkCredentials;
service = new OrganizationServiceProxy(orgUri, null, credentials, null);
service.ServiceConfiguration.CurrentServiceEndpoint.Behaviors.Add(new ProxyTypesBehavior());
return service;
}
方式二:
System.Security.Principal.IPrincipal userParm = HttpContext.Current.User;
string name = userParm.Identity.Name;
修改密码:
DirectoryEntry de = new DirectoryEntry("LDAP://OU=crm,DC=crm,DC=com", "administrator", "123", AuthenticationTypes.Secure);//域的根路径
de.UsePropertyCache = true;
DirectorySearcher searcher = new DirectorySearcher();
searcher.SearchRoot = de;
searcher.SearchScope = SearchScope.Subtree;
searcher.Filter = string.Format("(&(objectClass=user)(samAccountName={0}))", "librarian");
SearchResult result = searcher.FindOne();
DirectoryEntry user1 = result.GetDirectoryEntry();
if (PwdNew.Text == "" || PwdOld.Text == "" || PwdConfirm.Text == "")
{
lblResultMessage.Text = "请输入密码信息";
return;
}
if (result == null)
{
lblResultMessage.Text = "该用户不存在,无法进行密码修改.";
return;
}
try
{
user1.Invoke("ChangePassword", new object[] { PwdOld.Text.ToString(), PwdNew.Text.ToString() });
lblResultMessage.Text = "密码修改成功";
}
catch (Exception ex)
{
lblResultMessage.Text = ex.InnerException.Message.ToString();
}
finally
{
de.Close();
}
域的根路径如何获取:
打开Active Directory用户和计算机界面 如图
Ps :其中crm是我在装crm2011时装的,用于crm登录的用户组 图中所示的"distinguishedName”即为我们需要的域的根路径
密码策略:
如果无法修改密码,是AD的密码策略是我们无法修改,那么需要我们在服务器中手动修改策略。步骤如图:
ps:可根据需要自定义字段,也可以按照我的设置修改对应字段 最后运行“gpupdate”刷新策略。
最总效果图:(为了验证方便,便没有将textbox设为password模式。)