帮助类主要是用作获取DirectoryEntry对象的路径。
1.获取路径
#region 根据名称类型获取子树路径
/// <summary>
/// 根据名称类型获取子树路径
/// </summary>
/// <param name="Name">名称</param>
/// <param name="Type">类型</param>
/// <returns>如果名称类型为空则查看的是首页</returns>
public string GetEntryPath(string Name, string Type)
{
string Prefix = GetPrefix(Type);//获取前缀
DirectoryEntry DE = operateADHelper.IsConnected();
DirectorySearcher deSearch = new DirectorySearcher(DE);
if (Type == "user")
{
deSearch.Filter = "(&(&(objectCategory=person)(objectClass=user))(sAMAccountName=" + Name + "))";
}
else
{
deSearch.Filter = "(&(objectClass=" + Type + ")(" + Prefix + Name + "))";
}
deSearch.SearchScope = SearchScope.Subtree;
try
{
SearchResult result = deSearch.FindOne();
if (result == null)
return null;
string Path = SubPath(result.Path);//截取路径
return Path;
}
catch (Exception ex)
{
return null;
}
}
#endregion
2.获取前缀方法
#region 根据类型获取前缀
/// <summary>
/// 根据类型获取前缀
/// </summary>
/// <param name="type"></param>
/// <returns></returns>
public string GetPrefix(string type)
{
string Prefix = "";
if (type == "builtinDomain" || type == "user" || type == "group" || type == "container" || type == "infrastructureUpdate" || type == "lostAndFound" || type == "msDS-QuotaContainer" || type == "msTPM-InformationObjectsContainer")
{
Prefix = "CN=";
}
if (type == "organizationalUnit")
{
Prefix = "OU=";
}
if (type == "domainDNS")
{
Prefix = "DC=";
}
return Prefix;
}
#endregion
3.截取路径方法
#region 截取路径
/// <summary>
/// 截取需要的路径
/// </summary>
/// <param name="Path"></param>
/// <returns></returns>
public string SubPath(string Path)
{
var path = Path.Substring(Path.IndexOf('=') - 2);
path = path.Substring(0, path.LastIndexOf(","));
path = path.Substring(0, path.LastIndexOf(","));
return path;
}
#endregion
4.修改用户属性方法
#region 修改用户属性
/// <summary>
/// 修改用户属性
/// </summary>
/// <param name="de"></param>
/// <param name="PropertyName">属性名称</param>
/// <param name="PropertyValue">属性值</param>
public static void SetProperty(DirectoryEntry de, string PropertyName, string PropertyValue)
{
if (PropertyValue != null)
{
if (de.Properties.Contains(PropertyName))//该属性存在
{
de.Properties[PropertyName][0] = PropertyValue;//按索引修改值
}
else
{
de.Properties[PropertyName].Add(PropertyValue);//添加属性和值
}
}
}
#endregion
4.截取名称
#region 截取名称
/// <summary>
/// 截取名称
/// </summary>
/// <param name="Path"></param>
/// <returns></returns>
public string SubName(string Path)
{
var path = Path.Substring(0, Path.IndexOf(","));
path = path.Substring(path.LastIndexOf('=') + 1);
return path;
}
#endregion
5.截取域名
#region 截取域名
/// <summary>
/// 截取域名
/// </summary>
/// <param name="Path"></param>
/// <returns></returns>
public string SubDomainName(string Path)
{
var path = Path.Substring(0, Path.LastIndexOf(","));
path = path.Substring(path.LastIndexOf('=') + 1);
return path;
}
#endregion
6.反推拼接路径
#region 反推拼接路径
/// <summary>
/// 反推拼接路径
/// </summary>
/// <param name="Path">Path</param>
/// <returns></returns>
public string GetPath(string Path)
{
Path = Path.Replace("CN=", "").Replace("OU=", "").Replace("DC=", "");//去除多余字符
string[] Name = Path.Split(',');//分割成数组
int Length = Name.Length;//取数组长度
string domainName1 = Name[Length - 2];//取数组倒数第二个
string domainName2 = Name[Length - 1];//取数组最后一个
Length = Length - 2;//长度减2
string path = "";
for (int i = Length -1; i > 0; i--)// >0则不取数组第一个
{
string obj = Name[i].ToString();
path += "/" + obj;
}
path = domainName1 + "." + domainName2 + path;
return path;
}
#endregion
7.获取隶属于集合
#region 获取隶属于集合
/// <summary>
/// 获取隶属于集合
/// </summary>
/// <param name="de">DirectoryEntry</param>
/// <returns></returns>
public AttributeSubordinate GetSubordinateList(DirectoryEntry de)
{
AttributeSubordinate attributeSubordinate = new AttributeSubordinate();
List<SubordinateGroup> SubordinateGroupList = new List<SubordinateGroup>();
if (de.Properties.Contains("memberOf"))
{
foreach (string groupDN in de.Properties["memberOf"])
{
SubordinateGroup subordinateGroup = new SubordinateGroup();
subordinateGroup.Name = SubName(groupDN);
subordinateGroup.Path = GetPath(groupDN);
SubordinateGroupList.Add(subordinateGroup);
}
}
Invoke方法可获的用户隶属于
//object obGroups = de.Invoke("Groups");
//foreach (object ob in (IEnumerable)obGroups)
//{
// SubordinateGroup subordinateGroup = new SubordinateGroup();
// DirectoryEntry obGpEntry = new DirectoryEntry(ob);
// subordinateGroup.Name = obGpEntry.Name.Replace("CN=", "");
// subordinateGroup.Path = GetPath(obGpEntry.Path);
// SubordinateGroupList.Add(subordinateGroup);
//}
attributeSubordinate.Subordinate = SubordinateGroupList;
return attributeSubordinate;
}
#endregion
8.定义一些枚举
///
///用户属性定义标志
///
public enum ADUserEnum
{
///
///默认设置新增账户启用
///
NORMAL_ACCOUNT = 0x0200,
///
///登录脚本标志。如果通过 ADSI LDAP 进行读或写操作时,该标志失效。如果通过 ADSI WINNT,该标志为只读。
///
ADS_UF_SCRIPT = 0X0001,
///
///用户帐号禁用标志
///
ADS_UF_ACCOUNTDISABLE = 2,//0X0002
///
///主文件夹标志
///
ADS_UF_HOMEDIR_REQUIRED = 0X0008,
///
///过期标志
///
ADS_UF_LOCKOUT = 0X0010,
///
///用户密码不是必须的
///
ADS_UF_PASSWD_NOTREQD = 0X0020,
///
///密码不能更改标志
///
ADS_UF_PASSWD_CANT_CHANGE = 0X0040,
///
///使用可逆的加密保存密码
///
ADS_UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED = 0X0080,
///
///本地帐号标志
///
ADS_UF_TEMP_DUPLICATE_ACCOUNT = 0X0100,
///
///普通用户的默认帐号类型
///
ADS_UF_NORMAL_ACCOUNT = 0X0200,
///
///跨域的信任帐号标志
///
ADS_UF_INTERDOMAIN_TRUST_ACCOUNT = 0X0800,
///
///工作站信任帐号标志
///
ADS_UF_WORKSTATION_TRUST_ACCOUNT = 0x1000,
///
///服务器信任帐号标志
///
ADS_UF_SERVER_TRUST_ACCOUNT = 0X2000,
///
///密码永不过期标志
///
ADS_UF_DONT_EXPIRE_PASSWD = 0X10000,//0X10000//65536
///
///密码过期标志
///
ADS_UF_EXPIRE_PASSWD = -65536,
///
/// MNS 帐号标志
///
ADS_UF_MNS_LOGON_ACCOUNT = 0X20000,
///
///交互式登录必须使用智能卡
///
ADS_UF_SMARTCARD_REQUIRED = 0X40000,
///
///当设置该标志时,服务帐号(用户或计算机帐号)将通过 Kerberos 委托信任
///
ADS_UF_TRUSTED_FOR_DELEGATION = 0X80000,
///
///当设置该标志时,即使服务帐号是通过 Kerberos 委托信任的,敏感帐号不能被委托
///
ADS_UF_NOT_DELEGATED = 0X100000,
///
///此帐号需要 DES 加密类型
///
ADS_UF_USE_DES_KEY_ONLY = 0X200000,
///
///不要进行 Kerberos 预身份验证
///
ADS_UF_DONT_REQUIRE_PREAUTH = 0X4000000,
///
///用户密码过期标志
///
ADS_UF_PASSWORD_EXPIRED = 0X800000,
///
///用户帐号可委托标志
///
ADS_UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION = 0X1000000,
/// <summary>
/// 通讯组本地域
/// </summary>
ADS_GROUP_TYPE_DOMAIN_LOCAL_GROUP = 0x4,
/// <summary>
/// 通讯组全局
/// </summary>
ADS_GROUP_TYPE_GLOBAL_GROUP = 0x2,
/// <summary>
/// 通讯组通用
/// </summary>
ADS_GROUP_TYPE_UNIVERSAL_GROUP = 0x8,
/// <summary>
/// 安全组本地域
/// </summary>
ADS_GROUP_TYPE_DOMAIN_LOCAL_SECURITYL = -2147483644,
/// <summary>
/// 安全组全局
/// </summary>
ADS_GROUP_TYPE_GLOBAL_SECURITYL = -2147483646,
/// <summary>
/// 安全组通用
/// </summary>
ADS_GROUP_TYPE_UNIVERSAL_SECURITYL = -2147483640
}
以上就是本专栏所用到的帮助类,还有一些扩展方法在其他文章上体现。