首先我們來了解一下什么是Active Directory。不用我描述,看以下網(wǎng)址,或在.net自帶幫助文檔里根據(jù)Active Directory關(guān)鍵字一搜,就什么都明白了。
http://developer.ccidnet.com/pub/article/c322_a28703_p2.html
接下來,我們來看看權(quán)限。你可以通過“網(wǎng)上鄰居--整個(gè)網(wǎng)絡(luò)--Directory--demain(你的域名)”你就可以看到所有關(guān)于域下的信息,粗一看就知道是怎么回事了。
需要告訴大家的:所有組織單位下的用戶都在Users(容器)--Demain Users(組)中
用代碼進(jìn)行訪問時(shí),如果你是域管理員用戶,則可以做任何操作,否則,只能查詢用戶屬性。
private void SearchUser()
{
string domainName = "Domain";
string groupName = "Domain Users";
string dirmemName="";
//在Domain Users域用戶里取得每個(gè)用戶名
System.DirectoryServices.DirectoryEntry group = new System.DirectoryServices.DirectoryEntry("WinNT://" domainName "/" groupName ",group");
foreach(Object member in (IEnumerable)group.Invoke("Members"))
{
//根據(jù)很個(gè)用戶生成如:"LDAP://OU=套裝軟體課,OU=系統(tǒng)開發(fā)部,OU=資訊服務(wù)處,OU=營運(yùn)支援中心,OU=XX公司,DC=Domain,DC=com,DC=cn"
System.DirectoryServices.DirectoryEntry dirmem = new System.DirectoryServices.DirectoryEntry(member);
dirmemName=dirmem.Name;
string DomainName="Domain";
string FilterStr = "(sAMAccountname=" dirmemName ")";
System.DirectoryServices.DirectorySearcher FindMe = new System.DirectoryServices.DirectorySearcher(DomainName);
FindMe.Filter = FilterStr;
System.DirectoryServices.SearchResult FindRes = FindMe.FindOne();
System.DirectoryServices.DirectoryEntry MyUser = FindRes.GetDirectoryEntry();
string OUPath=MyUser.Parent.Path;
//找到該用戶所在的LDAP:后,由域管理員登錄,并取得該用戶的所在屬性。
string strFieldsValue="",strFields="";
System.DirectoryServices.DirectoryEntry myds=new System.DirectoryServices.DirectoryEntry(OUPath,"域管理員名","域管理員密碼");
foreach(System.DirectoryServices.DirectoryEntry tempEntry in myds.Children)
{
if(tempEntry.SchemaClassName.ToString() == "user" && tempEntry.Properties["sAMAccountName"].Value.ToString().ToLower()==dirmemName)
{
foreach (string propertyName in tempEntry.Properties.PropertyNames )
{
string oneNode = propertyName ": "
entry.Properties[propertyName][0].ToString();
this.Textbox1.Text=oneNode;
}
}
?
--------------------------------------------------------------------------------
public void AddUser(string strPath,string Username,string ChineseName)//strPath 增加用戶至哪個(gè)組織單位如"LDAP://OU=XX公司,DC=Domain,DC=com"帳號(hào)、中文名{
try
{
string RootDSE;
//System.DirectoryServices.DirectorySearcher DSESearcher= new System.DirectoryServices.DirectorySearcher();
//RootDSE=DSESearcher.SearchRoot.Path;
//RootDSE="LDAP://DC=Domain,DC=com";
//RootDSE=RootDSE.Insert(7,"CN=Users,");
System.DirectoryServices.DirectoryEntry myDE = new System.DirectoryServices.DirectoryEntry(strPath);
System.DirectoryServices.DirectoryEntries myEntries = myDE.Children;
// Create a new entry 'Sample' in the container.
?
string strname="CN=" ChineseName;
System.DirectoryServices.DirectoryEntry myDirectoryEntry = myEntries.Add(strname, "user");
//MessageBox.Show(myDirectoryEntry.SchemaClassName.ToString());
myDirectoryEntry.Properties["userPrincipalName"].Value=Username;
myDirectoryEntry.Properties["name"].Value=ChineseName;
myDirectoryEntry.Properties["samAccountName"].Value=Username;
myDirectoryEntry.Properties["userAccountControl"].Value =66048; //590336;
myDirectoryEntry.CommitChanges();
}
--------------------------------------------------------------------------------
http://www.mscto.com/
private void addOU(string strPath,string OUName)//增加組織到strPath組織單位下,組織名稱
{
try
{
//String RootDSE;
//System.DirectoryServices.DirectorySearcher DSESearcher= new System.DirectoryServices.DirectorySearcher();
//RootDSE=DSESearcher.SearchRoot.Path;
//RootDSE="
http://www.cnblogs.com/ahjxxy/admin/ldap://OU/
=百意時(shí)尚廣場,DC=Domain,DC=com";
System.DirectoryServices.DirectoryEntry myDE = new System.DirectoryServices.DirectoryEntry(strPath);
System.DirectoryServices.DirectoryEntries myEntries = myDE.Children;
string name="OU=" OUName;
System.DirectoryServices.DirectoryEntry myDirectoryEntry = myEntries.Add(name,"organizationalUnit");
myDirectoryEntry.Properties["name"].Value=OUName;
myDirectoryEntry.Properties["instanceType"].Value=4;
myDirectoryEntry.Properties["distinguishedName"].Value="OU=" OUName ",DC=Domain,DC=COM)";
myDirectoryEntry.Properties["objectCategory"].Value="CN=Organizational-Unit,CN=Schema,CN=Configuration,DC=sedep,DC=COM";
myDirectoryEntry.Properties["ou"].Value=OUName;
myDirectoryEntry.Properties["postalCode"].Value="777";
myDirectoryEntry.CommitChanges();
//UserMoveto("
http://www.cnblogs.com/ahjxxy/admin/ldap://OU/
=" OUName ",DC=sedep,DC=com",strPath);
}
catch(Exception RaiseErr)
{
MessageBox.Show (RaiseErr.Message);
}
}
-------------------------------------------------------------------------------- 軟件開發(fā)網(wǎng)
private void ModifyUser()
{
try
{
string DomainName="Domain";
string FilterStr = "(sAMAccountname=karlluo)";
System.DirectoryServices.DirectorySearcher FindMe = new System.DirectoryServices.DirectorySearcher(DomainName);
FindMe.Filter = FilterStr;
System.DirectoryServices.SearchResult FindRes = FindMe.FindOne();
string tt=FindRes.Path;
System.DirectoryServices.DirectoryEntry MyUser = FindRes.GetDirectoryEntry();
string OUPath=MyUser.Parent.Path;
DirectoryEntry myds=new DirectoryEntry(OUPath,"域管理員名","域管理員密碼");
foreach(System.DirectoryServices.DirectoryEntry tempEntry in myds.Children)
{
if(tempEntry.SchemaClassName.ToString() == "user")
{
if(tempEntry.Properties["sAMAccountName"].Value.ToString().ToLower()=="karlluo")
{
tempEntry.UsePropertyCache=true;
tempEntry.Properties["st"].Value="yyyyyyyyyyyyyyyy";
//newEntry.Properties["userPrincipalName"].Value="userID";
tempEntry.CommitChanges();
}
}
}
}
catch(Exception RaiseErr)
{
MessageBox.Show (RaiseErr.Message);
}
軟件開發(fā)網(wǎng)
}
?
更多文章、技術(shù)交流、商務(wù)合作、聯(lián)系博主
微信掃碼或搜索:z360901061
微信掃一掃加我為好友
QQ號(hào)聯(lián)系: 360901061
您的支持是博主寫作最大的動(dòng)力,如果您喜歡我的文章,感覺我的文章對(duì)您有幫助,請(qǐng)用微信掃描下面二維碼支持博主2元、5元、10元、20元等您想捐的金額吧,狠狠點(diǎn)擊下面給點(diǎn)支持吧,站長非常感激您!手機(jī)微信長按不能支付解決辦法:請(qǐng)將微信支付二維碼保存到相冊(cè),切換到微信,然后點(diǎn)擊微信右上角掃一掃功能,選擇支付二維碼完成支付。
【本文對(duì)您有幫助就好】元
