1. Create a Windows account
| 123456789101112131415 |
/// <summary>/// 创建Windows帐户/// </summary>/// <param name="pathname"></param>/// <returns></returns>publicstaticvoidCreateLocalUser(stringusername, stringpassword, stringdescription){ DirectoryEntry localMachine = newDirectoryEntry("WinNT://"+ Environment.MachineName + ",computer"); varnewUser = localMachine.Children.Add(username, "user"); newUser.Invoke("SetPassword", newobject[] { password }); newUser.Invoke("Put", newobject[] { "Description", description }); newUser.CommitChanges(); localMachine.Close(); newUser.Close();} |
2. Change the Windows account password
| 12345678910111213141516 |
/// <summary>/// 更改Windows帐户密码/// </summary>/// <param name="username"></param>/// <param name="oldPwd"></param>/// <param name="newPwd"></param>publicstaticvoidChangeWinUserPasswd(stringusername, stringoldPwd, stringnewPwd){ DirectoryEntry localMachine = newDirectoryEntry("WinNT://"+ Environment.MachineName + ",computer"); DirectoryEntry user = localMachine.Children.Find(username, "user"); object[] password = newobject[] { oldPwd, newPwd }; objectret = user.Invoke("ChangePassword", password); user.CommitChanges(); localMachine.Close(); user.Close();} |
3. Determine if a Windows user exists
| 1234567891011121314151617181920 |
/// <summary>/// 判断Windows用户是否存在/// </summary>/// <param name="username"></param>/// <returns></returns>publicstaticboolExistWinUser(stringusername){ try { using(DirectoryEntry localMachine = newDirectoryEntry("WinNT://"+ Environment.MachineName + ",computer")) { varuser = localMachine.Children.Find(username, "user"); returnuser != null; } } catch { returnfalse; }} |
4. Remove Windows users
| 12345678910111213141516171819202122232425 |
/// <summary>/// 删除Windows用户/// </summary>/// <param name="username"></param>/// <returns></returns>publicstaticboolDeleteWinUser(stringusername){ try { using(DirectoryEntry localMachine = newDirectoryEntry("WinNT://"+ Environment.MachineName + ",computer")) { //删除存在用户 vardelUser = localMachine.Children.Find(username, "user"); if(delUser != null) { localMachine.Children.Remove(delUser); } } returntrue; } catch { returnfalse; }} |
5. Enable/Disable Windows account
| 123456789101112 |
/// <summary>/// 启用/禁用windows帐户/// </summary>/// <param name="username"></param>publicstaticvoidDisable(stringusername, boolisDisable){ varuserDn = "WinNT://"+ Environment.MachineName + "/"+ username + ",user"; DirectoryEntry user = newDirectoryEntry(userDn); user.InvokeSet("AccountDisabled", isDisable); user.CommitChanges(); user.Close();} |
The trick to working with Windows accounts is to call Invoke,invokeget,invokeset three methods through the DirectoryEntry instance. These three methods can be called on a native Active Directory object. The active Directory object that operates the win account is the IADsUser interface. The DirectoryEntry instance invokes the method of the IADsUser interface by calling the Invoke method, such as modifying the Windows account password above by calling the "ChangePassword" method of the IADsUser interface By invoking the properties of the IADsUser interface through the Invokeget and Invokeset methods, such as the Enable/disable Windows account above, the "accountdisabled" property of the IADsUser interface is called. IADsUser interface What are the specific methods and properties to refer to: http://msdn.microsoft.com/zh-cn/library/aa746340 (v=vs.85). aspx
C # uses the DirectoryEntry class to manipulate Windows accounts
