/// <summary>
/// Directory permission levels accepted by <c>AddPathRights</c>.
/// (The type name is spelled "Floder" in this API; it is kept for compatibility.)
/// </summary>
public enum FloderRights
{
    /// <summary>Full control over the directory.</summary>
    FullControl = 0,

    /// <summary>Read access.</summary>
    Read = 1,

    /// <summary>Write access.</summary>
    Write = 2
}
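/// <summary>
/// Creates a local Windows account on this machine through the WinNT directory provider.
/// </summary>
/// <param name="username">Name of the account to create.</param>
/// <param name="password">Initial password, handed to the provider's <c>SetPassword</c> call.</param>
/// <param name="description">Text stored in the account's <c>Description</c> property.</param>
/// <exception cref="ArgumentException"><paramref name="username"/> is null or empty.</exception>
/// <exception cref="ArgumentNullException"><paramref name="password"/> is null.</exception>
/// <remarks>
/// This method performs no password-strength check and sets no account flags or group
/// membership; whatever policy the local machine enforces is the only control. The password
/// travels as an ordinary managed string, so callers should keep it out of logs and error text.
/// NOTE(review): creating accounts presumably requires an administrative caller - confirm and
/// restrict who can reach this method.
/// </remarks>
public static void CreateLocalUser(string username, string password, string description)
{
    if (string.IsNullOrEmpty(username))
    {
        throw new ArgumentException("A user name is required.", "username");
    }

    if (password == null)
    {
        throw new ArgumentNullException("password");
    }

    // Both entries are disposable directory handles; release them deterministically,
    // as the ExistWinUser/DeleteWinUser helpers in this file already do.
    using (DirectoryEntry machine = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"))
    using (DirectoryEntry account = machine.Children.Add(username, "user"))
    {
        account.Invoke("SetPassword", new object[] { password });
        account.Invoke("Put", new object[] { "Description", description });

        // Persist the new entry and its properties.
        account.CommitChanges();
    }
}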
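/// <summary>
/// Changes the password of a local Windows account, proving knowledge of the current one.
/// </summary>
/// <param name="username">Name of the local account to update.</param>
/// <param name="oldPwd">The account's current password.</param>
/// <param name="newPwd">The password to set.</param>
/// <remarks>
/// The provider's <c>ChangePassword</c> method takes the old password first and the new one
/// second. The previous implementation passed them in the opposite order, so a call with
/// correct credentials was treated as an attempt to change from <paramref name="newPwd"/> to
/// <paramref name="oldPwd"/>. Both values are ordinary managed strings; keep them out of logs.
/// Errors from the lookup or the password change propagate to the caller.
/// </remarks>
public static void ChangeWinUserPasswd(string username, string oldPwd, string newPwd)
{
    // Dispose both directory handles instead of leaving them to the finalizer.
    using (DirectoryEntry machine = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"))
    using (DirectoryEntry account = machine.Children.Find(username, "user"))
    {
        // Argument order is (old, new).
        account.Invoke("ChangePassword", new object[] { oldPwd, newPwd });
        account.CommitChanges();
    }
}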
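/// <summary>
/// Adds an access rule for a user to a directory and stops the directory from inheriting
/// permissions from its parent.
/// </summary>
/// <param name="pathname">Path of the directory whose ACL is modified.</param>
/// <param name="username">Account the rule applies to.</param>
/// <param name="qx">
/// Level to grant. <c>FullControl</c>, <c>Read</c> and <c>Write</c> each add an Allow rule with
/// the matching <c>FileSystemRights</c> value; any other value adds a Deny rule for
/// <c>FileSystemRights.FullControl</c>.
/// </param>
/// <remarks>
/// <para>
/// <c>SetAccessRuleProtection(true, false)</c> protects the ACL from inheritance and discards
/// the rules that were inherited. Afterwards only explicit rules remain: the one added here
/// plus any explicit rules already on the directory. If the directory previously relied on
/// inherited entries for administrators or service accounts, those principals lose access -
/// check the resulting ACL before using this on shared locations.
/// </para>
/// <para>
/// NOTE(review): the rule is created without inheritance flags, so it appears to apply to the
/// directory itself and not to files or sub-directories inside it - confirm that is intended.
/// </para>
/// </remarks>
public static void AddPathRights(string pathname, string username, FloderRights qx)
{
    DirectoryInfo target = new DirectoryInfo(pathname);
    if ((target.Attributes & FileAttributes.ReadOnly) != 0)
    {
        // Clear only the read-only bit. Assigning FileAttributes.Normal, as before,
        // also wiped unrelated attributes such as Hidden or System.
        target.Attributes &= ~FileAttributes.ReadOnly;
    }

    FileSystemRights rights;
    AccessControlType ruleType = AccessControlType.Allow;
    switch (qx)
    {
        case FloderRights.FullControl:
            rights = FileSystemRights.FullControl;
            break;
        case FloderRights.Read:
            rights = FileSystemRights.Read;
            break;
        case FloderRights.Write:
            rights = FileSystemRights.Write;
            break;
        default:
            // Unrecognised level: deny everything rather than grant something by accident.
            rights = FileSystemRights.FullControl;
            ruleType = AccessControlType.Deny;
            break;
    }

    // Read the current access control list, apply both changes, and write it back once so
    // the directory is never left with the new rule added but inheritance still in place.
    DirectorySecurity acl = target.GetAccessControl();
    acl.AddAccessRule(new FileSystemAccessRule(username, rights, ruleType));

    // Stop inheriting from the parent (isProtected = true) and drop the inherited rules
    // (preserveInheritance = false).
    acl.SetAccessRuleProtection(true, false);
    target.SetAccessControl(acl);
}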
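/// <summary>
/// Reports whether a local Windows account with the given name can be found on this machine.
/// </summary>
/// <param name="username">Account name to look up.</param>
/// <returns>
/// <c>true</c> when the lookup returns an entry; <c>false</c> when it returns nothing or when
/// any exception is thrown.
/// </returns>
/// <remarks>
/// Every failure is reported as <c>false</c>, so "the account does not exist" cannot be told
/// apart from "the lookup failed" (for example a permissions or provider error). Do not treat
/// a <c>false</c> result as proof that the name is free before a security-sensitive step.
/// </remarks>
public static bool ExistWinUser(string username)
{
    try
    {
        using (DirectoryEntry machine = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"))
        // Look the account up; the entry that comes back is a directory handle and is
        // disposed here too (a using block tolerates a null resource).
        using (DirectoryEntry match = machine.Children.Find(username, "user"))
        {
            return match != null;
        }
    }
    catch
    {
        // Deliberately best-effort: callers receive a bool, never an exception.
        return false;
    }
}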
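/// <summary>
/// Deletes a local Windows account from this machine.
/// </summary>
/// <param name="username">Name of the account to delete.</param>
/// <returns>
/// <c>true</c> when the lookup and removal finished without an exception; <c>false</c> when
/// any exception was thrown.
/// </returns>
/// <remarks>
/// The reason for a failure is discarded, so a caller cannot tell a missing account from a
/// denied or failed deletion. Where removal matters (for example de-provisioning), verify the
/// outcome separately instead of relying on the return value alone.
/// </remarks>
public static bool DeleteWinUser(string username)
{
    try
    {
        using (DirectoryEntry machine = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"))
        // The found entry is a directory handle as well; dispose it once it has been removed.
        using (DirectoryEntry doomed = machine.Children.Find(username, "user"))
        {
            if (doomed != null)
            {
                machine.Children.Remove(doomed);
            }
        }

        return true;
    }
    catch
    {
        // Deliberately best-effort: callers receive a bool, never an exception.
        return false;
    }
}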