Recently, some friends asked me some questions about AD and moss user management registration, which is actually very simple,
Add the ad directly to the moss and assign permissions to it. Here is myCodeFor your reference.
I hope you will criticize the shortcomings!
The following code adds users in ad to the moss website and assigns Permissions
Using system;
Using system. Data;
Using system. configuration;
Using system. collections;
Using system. Web;
Using system. Web. Security;
Using system. Security. Principal;
Using system. Web. UI;
Using system. Web. UI. webcontrols;
Using system. Web. UI. webcontrols. webparts;
Using system. Web. UI. htmlcontrols;
Using system. directoryservices;
Using system. enterpriseservices;
Using system. runtime. interopservices;
Using Microsoft. SharePoint;
Namespace adusermanage
{
Public partial class userregist: system. Web. UI. usercontrol
{
Private string adpath = default (system. String );
Private string aduser = default (system. String );
Private string adpassword = default (system. String );
/// <Summary>
/// Costumes
/// </Summary>
Private Static identityimpersonation impersonate = new identityimpersonation ("Administrator", "abc-123", "lhvm.com ");
Protected void page_load (Object sender, eventargs E)
{
If (! Page. ispostback)
{
Adpath = configurationmanager. deleetpipeline ["adpath"]. tostring ();
Aduser = configurationmanager. deleetpipeline ["adadminuser"]. tostring ();
Adpassword = configurationmanager. receivettings ["adadminpassword"]. tostring ();
}
// Spsite site = new spsite (@ "http: // LH-VPC/personal/test ");
// Spweb web = site. openweb ();
// Spusercollection users = web. allusers;
// Web. allowunsafeupdates = true;
// If (! Web. hasuniqueroleassignments)
//{
// Web. breakroleinheritance (true );
//}
// Sproleassignment roleassignment = new sproleassignment (Web. ensureuser (@ "lhvm \ zhangy "));
// Roleassignment. roledefinitionbindings. Add (Web. roledefinitions ["read"]);
// Web. roleassignments. Add (roleassignment );
/// Web. ensureuser (@ "lhvm \ zhangy ");
//// Users. Add (@ "lhvm \ zhangy", "wanghao-3@hotmail.com", "zhangy", "Haha ");
///// Spusercollection users = web. siteusers;
//// Foreach (spuser user in Users)
////{
//// Response. Write (user. Name );
////}
}
/// <Summary>
/// Get directory object
/// </Summary>
/// <Returns> </returns>
Private directoryentry getdirectoryojbect ()
{
Directoryentry entry = new directoryentry (adpath, aduser, adpassword, authenticationtypes. Secure );
Return entry;
}
/// <Summary>
/// Get ou object
/// </Summary>
/// <Param name = "ouname"> </param>
/// <Returns> </returns>
Private directoryentry getouojbect (string ouname)
{
Directoryentry de = This. getdirectoryojbect ();
Directorysearcher search = new directorysearcher ();
Search. searchroot = de;
Search. Filter = "(ou =" + ouname + ")";
Search. searchscope = searchscope. subtree;
Searchresult result = search. findone ();
If (! (Result = NULL ))
{
De = new directoryentry (result. Path );
Return de;
}
Else
{
Return NULL;
}
}
/// <Summary>
/// Create new user
/// </Summary>
/// <Param name = "ouname"> </param>
/// <Param name = "CommonName"> </param>
/// <Param name = "samaccountname"> </param>
/// <Param name = "password"> </param>
/// <Returns> </returns>
Public directoryentry createnewuser (string ouname, string CommonName, string samaccountname, string password)
{
Return createnewusers (ouname, CommonName, samaccountname, password );
}
/// <Summary>
/// Enable User
/// </Summary>
/// <Param name = "user"> </param>
Public void enableuser (directoryentry user)
{
User. properties ["useraccountcontrol"]. value = 544;
User. commitchanges ();
User. Close ();
}
/// <Summary>
/// Change pass
/// </Summary>
/// <Param name = "ude"> </param>
/// <Param name = "password"> </param>
Public void changepassword (directoryentry Ude, string password)
{
// Directoryentry ude = getdirectoryeentrys (distinguishedname );
Ude. Invoke ("setpassword", new object [] {password });
Ude. commitchanges ();
Ude. Close ();
}
Public directoryentry createnewusers (string ouname, string CommonName, string samaccountname, string password)
{
// Directoryentry entry = This. getdirectoryojbect ();
Directoryentry subentry = This. getouojbect (ouname );
Impersonate. beginimpersonate ();
Directoryentry deuser = subentry. Children. Add ("cn =" + CommonName, "user ");
Deuser. properties ["samaccountname"]. value = samaccountname;
Deuser. commitchanges ();
Impersonate. stopimpersonate ();
This. enableuser (deuser );
This. changepassword (deuser, password );
// deuser. Close ();
return deuser;
}< BR >///
// get ad user add Moss
///
///
//
//
private bool getadtomossuser (string domianuser, string CommonName)
{< br> try
{
Spsite site = new spsite (@ "http: // LH-VPC/personal/test ");
Spweb web = site. openweb ();
Spusercollection users = web. allusers;
Web. allowunsafeupdates = true;
Users. Add (domianuser, "wanghao-3@hotmail.com", CommonName, CommonName );
If (! Web. hasuniqueroleassignments)
{
Web. breakroleinheritance (true );
}
Sproleassignment roleassignment = new sproleassignment (Web. ensureuser (domianuser ));
Roleassignment. roledefinitionbindings. Add (Web. roledefinitions ["read"]);
Web. roleassignments. Add (roleassignment );
Return true;
}
Catch
{
Return false;
}
}
Protected void btncreateuser_click (Object sender, eventargs E)
{
If (this. tbusername. Text = "")
{
Response. Write ("<SCRIPT> alert ('user name cannot be blank '); </SCRIPT> ");
}
Else if (this. tbpassword. Text. Trim ()! = This. tbpwd. Text. Trim ())
{
Response. Write ("<SCRIPT> alert ('different passwords ') </SCRIPT> ");
}
Else
{
Directoryentry en = This. createnewuser ("SharePoint Department", this. tbusername. text. trim (), this. tbusername. text. trim (), this. tbpassword. text. trim ());
If (EN! = NULL)
{
If (this. getadtomossuser ("lhvm" + "\" + this. tbusername. Text. Trim (), this. tbusername. Text. Trim ()))
{
Response. Write ("<SCRIPT> alert ('Congratulations! Registration successful! ') </SCRIPT> ");
}
Else
{
Response. Write ("<SCRIPT> alert ('Congratulations! ') </SCRIPT> ");
}
}
Else
{
Response. Write ("<SCRIPT> alert ('registration failed! ') </SCRIPT> ");
}
}
}
}
/// <Summary>
/// Simulate the role color. In Program User role simulation.
/// </Summary>
Public class identityimpersonation
{
/// <Summary>
/// Logons the user.
/// </Summary>
/// <Param name = "lpszusername"> the lpsz username. </param>
/// <Param name = "lpszdomain"> the lpsz domain. </param>
/// <Param name = "lpszpassword"> the lpsz password. </param>
/// <Param name = "dwlogontype"> type of the DW logon. </param>
/// <Param name = "dwlogonprovider"> the DW logon provider. </param>
/// <Param name = "phtoken"> the pH token. </param>
/// <Returns> </returns>
[Dllimport ("advapi32.dll", setlasterror = true)]
Public static extern bool logonuser (string lpszusername, string lpszdomain, string lpszpassword, int dwlogontype, int dwlogonprovider, ref intptr phtoken );
/// <Summary>
/// Duplicates the token.
/// </Summary>
/// <Param name = "existingtokenhandle"> the existing token handle. </param>
/// <Param name = "security_impersonation_level"> the Securit Y _ impersonatio N _ level. </param>
/// <Param name = "duplicatetokenhandle"> the duplicate token handle. </param>
/// <Returns> </returns>
[Dllimport ("advapi32.dll", charset = charset. Auto, setlasterror = true)]
Public extern static bool duplicatetoken (intptr existingtokenhandle, int security_impersonation_level, ref intptr duplicatetokenhandle );
/// <Summary>
/// Closes the handle.
/// </Summary>
/// <Param name = "handle"> the handle. </param>
/// <Returns> </returns>
[Dllimport ("kernel32.dll", charset = charset. Auto)]
Public extern static bool closehandle (intptr handle );
// User name, password, and domain (machine name) of the user to be simulated)
Private string _ simperusername;
Private string _ simperpassword;
Private string _ simperdomain;
// Record the simulated Context
Private windowsimpersonationcontext _ impercontext;
Private intptr _ admintoken;
Private intptr _ dupetoken;
// Whether the simulation has been stopped
Private Boolean _ bclosed;
/// <Summary>
/// Constructor
/// </Summary>
/// <Param name = "impersonationusername"> User name to be simulated </param>
/// <Param name = "impersonationpassword"> password of the user to be simulated </param>
/// <Param name = "impersonationdomain"> domain of the user to be simulated </param>
Public identityimpersonation (string impersonationusername, string impersonationpassword, string impersonationdomain)
{
_ Simperusername = impersonationusername;
_ Simperpassword = impersonationpassword;
_ Simperdomain = impersonationdomain;
_ Admintoken = intptr. zero;
_ Dupetoken = intptr. zero;
_ Bclosed = true;
}
///
// destructor
///
~ Identityimpersonation ()
{< br> If (! _ Bclosed)
{< br> stopimpersonate ();
}< BR >}
///
/// start identity role simulation.
///
///
Public Boolean beginimpersonate ()
{< br> Boolean blogined = logonuser (_ simperusername, _ simperdomain, _ simperpassword, 2, 0, ref _ admintoken);
If (! Blogined)
{< br> return false;
}
Boolean bduped = duplicatetoken (_ admintoken, 2, ref _ dupetoken );
If (! Bduped)
{
Return false;
}
Windowsidentity fakeid = new windowsidentity (_ dupetoken );
_ Impercontext = fakeid. Impersonate ();
_ Bclosed = false;
Return true;
}
/// <Summary>
/// Stop identity role simulation.
/// </Summary>
Public void stopimpersonate ()
{
// _ Impercontext. Undo ();
Closehandle (_ dupetoken );
Closehandle (_ admintoken );
_ Bclosed = true;
}
}
}
The code is very simple, but I hope you can understand some truth