用代码进行访问时,如果你是域管理员用户,则可以做任何操作,否则,只能查询用户属性。 private void SearchUser() { string domainName = "Domain"; string groupName = "Domain Users"; string dirmemName=""; //在Domain Users域用户里取得每个用户名 System.DirectoryServices.DirectoryEntry group = new System.DirectoryServices.DirectoryEntry("WinNT://" + domainName + "/" + groupName + ",group"); foreach(Object member in (IEnumerable)group.Invoke("Members")) { //根据很个用户生成如:"LDAP://OU=套装软体课,OU=系统开发部,OU=资讯服务处,OU=营运支援中心,OU=XX公司,DC=Domain,DC=com,DC=cn" System.DirectoryServices.DirectoryEntry dirmem = new System.DirectoryServices.DirectoryEntry(member); dirmemName=dirmem.Name; string DomainName="Domain"; string FilterStr = "(sAMAccountname="+dirmemName+")"; System.DirectoryServices.DirectorySearcher FindMe = new System.DirectoryServices.DirectorySearcher(DomainName); FindMe.Filter = FilterStr; System.DirectoryServices.SearchResult FindRes = FindMe.FindOne(); System.DirectoryServices.DirectoryEntry MyUser = FindRes.GetDirectoryEntry(); string OUPath=MyUser.Parent.Path; //找到该用户所在的LDAP:后,由域管理员登录,并取得该用户的所在属性。 string strFieldsValue="",strFields=""; System.DirectoryServices.DirectoryEntry myds=new System.DirectoryServices.DirectoryEntry(OUPath,"域管理员名","域管理员密码"); foreach(System.DirectoryServices.DirectoryEntry tempEntry in myds.Children) { if(tempEntry.SchemaClassName.ToString() == "user" && tempEntry.Properties["sAMAccountName"].Value.ToString().ToLower()==dirmemName) { foreach (string propertyName in tempEntry.Properties.PropertyNames ) { string oneNode = propertyName + ": " + entry.Properties[propertyName][0].ToString(); this.Textbox1.Text=oneNode; } }
public void AddUser(string strPath,string Username,string ChineseName)//strPath 增加用户至哪个组织单位如"LDAP://OU=XX公司,DC=Domain,DC=com"帐号、中文名{ try { string RootDSE; //System.DirectoryServices.DirectorySearcher DSESearcher= new System.DirectoryServices.DirectorySearcher(); //RootDSE=DSESearcher.SearchRoot.Path; //RootDSE="LDAP://DC=Domain,DC=com"; //RootDSE=RootDSE.Insert(7,"CN=Users,"); System.DirectoryServices.DirectoryEntry myDE = new System.DirectoryServices.DirectoryEntry(strPath); System.DirectoryServices.DirectoryEntries myEntries = myDE.Children; // Create a new entry 'Sample' in the container. string strname="CN="+ChineseName; System.DirectoryServices.DirectoryEntry myDirectoryEntry = myEntries.Add(strname, "user"); //MessageBox.Show(myDirectoryEntry.SchemaClassName.ToString()); myDirectoryEntry.Properties["userPrincipalName"].Value=Username; myDirectoryEntry.Properties["name"].Value=ChineseName; myDirectoryEntry.Properties["samAccountName"].Value=Username; myDirectoryEntry.Properties["userAccountControl"].Value =66048; //590336; myDirectoryEntry.CommitChanges(); }
private void addOU(string strPath,string OUName)//增加组织到strPath组织单位下,组织名称 { try { //String RootDSE; //System.DirectoryServices.DirectorySearcher DSESearcher= new System.DirectoryServices.DirectorySearcher(); //RootDSE=DSESearcher.SearchRoot.Path; //RootDSE="LDAP://OU=百意时尚广场,DC=Domain,DC=com"; System.DirectoryServices.DirectoryEntry myDE = new System.DirectoryServices.DirectoryEntry(strPath); System.DirectoryServices.DirectoryEntries myEntries = myDE.Children; string name="OU="+OUName; System.DirectoryServices.DirectoryEntry myDirectoryEntry = myEntries.Add(name,"organizationalUnit"); myDirectoryEntry.Properties["name"].Value=OUName; myDirectoryEntry.Properties["instanceType"].Value=4; myDirectoryEntry.Properties["distinguishedName"].Value="OU="+OUName+",DC=Domain,DC=COM)"; myDirectoryEntry.Properties["objectCategory"].Value="CN=Organizational-Unit,CN=Schema,CN=Configuration,DC=sedep,DC=COM"; myDirectoryEntry.Properties["ou"].Value=OUName; myDirectoryEntry.Properties["postalCode"].Value="777"; myDirectoryEntry.CommitChanges(); //UserMoveto("LDAP://OU="+OUName+",DC=sedep,DC=com",strPath); } catch(Exception RaiseErr) { MessageBox.Show (RaiseErr.Message); } }
private void ModifyUser() { try { string DomainName="Domain"; string FilterStr = "(sAMAccountname=karlluo)"; System.DirectoryServices.DirectorySearcher FindMe = new System.DirectoryServices.DirectorySearcher(DomainName); FindMe.Filter = FilterStr; System.DirectoryServices.SearchResult FindRes = FindMe.FindOne(); string tt=FindRes.Path; System.DirectoryServices.DirectoryEntry MyUser = FindRes.GetDirectoryEntry(); string OUPath=MyUser.Parent.Path; DirectoryEntry myds=new DirectoryEntry(OUPath,"域管理员名","域管理员密码"); foreach(System.DirectoryServices.DirectoryEntry tempEntry in myds.Children) { if(tempEntry.SchemaClassName.ToString() == "user") { if(tempEntry.Properties["sAMAccountName"].Value.ToString().ToLower()=="karlluo") { tempEntry.UsePropertyCache=true; tempEntry.Properties["st"].Value="yyyyyyyyyyyyyyyy"; //newEntry.Properties["userPrincipalName"].Value="userID"; tempEntry.CommitChanges(); } } } } catch(Exception RaiseErr) { MessageBox.Show (RaiseErr.Message); } }
来源:http://weiweictgu.cnblogs.com/archive/2006/07/13/449932.html
