修改AD域用户的隶属于功能,用户组是数组类型也就可以一次添加多个组。
#region 修改用户的隶属于
/// <summary>
/// 用户添加到组中,或从组中删除
/// </summary>
/// <param name="IsDel">true删除,false添加</param>
/// <param name="UserName">用户名称</param>
/// <param name="GroupName">用户组名称</param>
/// <returns></returns>
public async Task<JsonView> UpdateUserInGroup(bool IsDel, string UserName, string[] GroupName)
{
var result = new JsonView();
DirectoryEntry UserDE;
using (DirectoryEntry entry = operateADHelper.IsConnected())
{
try
{
var UserPath = GetEntryPath(UserName, "user");//取用户路径
UserDE = entry.Children.Find(UserPath, "User");//获取用户对象
}
catch (DirectoryServicesCOMException ex)
{
result.Code = 1;
result.Msg = "未找到该用户,请检查用户名称" + ex.Message.ToString();
return result;
}
try
{
foreach (var group in GroupName)
{
var GroupPath = GetEntryPath(group, "group");//取用户组路径
DirectoryEntry GroupDE = entry.Children.Find(GroupPath, "Group");
if (IsDel == true)
{
GroupDE.Properties["member"].Remove(UserDE.Properties["distinguishedName"].Value);//将用户从用户组删除
GroupDE.CommitChanges();
}
else
{
GroupDE.Properties["member"].Add(UserDE.Properties["distinguishedName"].Value);//将用户添加到用户组
GroupDE.CommitChanges();
}
}
result.Code = 0;
result.Msg = "操作成功";
return result;
}
catch (DirectoryServicesCOMException ex)
{
result.Code = 1;
result.Msg = "操作失败" + ex.Message.ToString();
return result;
}
}
}
#endregion