首先我們來瞭解一下什麼是Active Directory。不用我描述,看以下網址,或在.net內建協助文檔雷根據Active Directory關鍵字一搜,就什麼都明白了。
http://developer.ccidnet.com/pub/article/c322_a28703_p2.html
接下來,我們來看看許可權。你可以通過“網路位置--整個網路--Directory--demain(你的網域名稱)”你就可以看到所有關於域下的資訊,粗一看就知道是怎麼回事了。
需要告訴大家的:所有組織單位下的使用者都在Users(容器)--Demain Users(組)中
用代碼進行訪問時,如果你是網域系統管理員使用者,則可以做任何操作,否則,只能查詢使用者屬性。
private void SearchUser()
{
string domainName = "Domain";
string groupName = "Domain Users";
string dirmemName="";
//在Domain Users域使用者裡取得每個使用者名稱
System.DirectoryServices.DirectoryEntry group = new System.DirectoryServices.DirectoryEntry("WinNT://" + domainName + "/" + groupName + ",group");
foreach(Object member in (IEnumerable)group.Invoke("Members"))
{
//根據很個使用者產生如:"LDAP://OU=套裝軟體課,OU=系統開發部,OU=資訊服務處,OU=營運支援中心,OU=XX公司,DC=Domain,DC=com,DC=cn"
System.DirectoryServices.DirectoryEntry dirmem = new System.DirectoryServices.DirectoryEntry(member);
dirmemName=dirmem.Name;
string DomainName="Domain";
string FilterStr = "(sAMAccountname="+dirmemName+")";
System.DirectoryServices.DirectorySearcher FindMe = new System.DirectoryServices.DirectorySearcher(DomainName);
FindMe.Filter = FilterStr;
System.DirectoryServices.SearchResult FindRes = FindMe.FindOne();
System.DirectoryServices.DirectoryEntry MyUser = FindRes.GetDirectoryEntry();
string OUPath=MyUser.Parent.Path;
//找到該使用者所在的LDAP:後,由網域系統管理員登入,並取得該使用者的所在屬性。
string strFieldsValue="",strFields="";
System.DirectoryServices.DirectoryEntry myds=new System.DirectoryServices.DirectoryEntry(OUPath,"網域系統管理員名","網域系統管理員密碼");
foreach(System.DirectoryServices.DirectoryEntry tempEntry in myds.Children)
{
if(tempEntry.SchemaClassName.ToString() == "user" && tempEntry.Properties["sAMAccountName"].Value.ToString().ToLower()==dirmemName)
{
foreach (string propertyName in tempEntry.Properties.PropertyNames )
{
string oneNode = propertyName + ": " +
entry.Properties[propertyName][0].ToString();
this.Textbox1.Text=oneNode;
}
}
<![cdata[
<br>public void AddUser(string strPath,string Username,string
ChineseName)//strPath 增加使用者至哪個組織單位如"LDAP://OU=XX公司,DC=Domain,DC=com"帳號、中文名{
<BR>try <BR>{ <BR>string RootDSE;
<BR>//System.DirectoryServices.DirectorySearcher DSESearcher= new
System.DirectoryServices.DirectorySearcher();
<BR>//RootDSE=DSESearcher.SearchRoot.Path;
<BR>//RootDSE="LDAP://DC=Domain,DC=com";
<BR>//RootDSE=RootDSE.Insert(7,"CN=Users,");
<BR>System.DirectoryServices.DirectoryEntry myDE = new
System.DirectoryServices.DirectoryEntry(strPath);
<BR>System.DirectoryServices.DirectoryEntries myEntries = myDE.Children; <BR>//
Create a new entry 'Sample' in the container. <BR>string
strname="CN="+ChineseName; <BR>System.DirectoryServices.DirectoryEntry
myDirectoryEntry = myEntries.Add(strname, "user");
<BR><BR>//MessageBox.Show(myDirectoryEntry.SchemaClassName.ToString());
<BR>myDirectoryEntry.Properties["userPrincipalName"].Value=Username;
myDirectoryEntry.Properties["name"].Value=ChineseName;
myDirectoryEntry.Properties["samAccountName"].Value=Username;
myDirectoryEntry.Properties["userAccountControl"].Value =66048; //590336;
myDirectoryEntry.CommitChanges();
}
<![cdata[
<br>private void addOU(string strPath,string OUName)//增加組織到strPath組織單位下,組織名稱
<BR>{ <BR>try <BR>{ <BR>//String RootDSE;
<BR>//System.DirectoryServices.DirectorySearcher DSESearcher= new
System.DirectoryServices.DirectorySearcher();
<BR>//RootDSE=DSESearcher.SearchRoot.Path;
<BR>//RootDSE="LDAP://OU=百意時尚廣場,DC=Domain,DC=com";
<BR><BR>System.DirectoryServices.DirectoryEntry myDE = new
System.DirectoryServices.DirectoryEntry(strPath);
<BR>System.DirectoryServices.DirectoryEntries myEntries = myDE.Children;
<BR>string name="OU="+OUName; <BR>System.DirectoryServices.DirectoryEntry
myDirectoryEntry = myEntries.Add(name,"organizationalUnit");
<BR><BR>myDirectoryEntry.Properties["name"].Value=OUName;
myDirectoryEntry.Properties["instanceType"].Value=4;
myDirectoryEntry.Properties["distinguishedName"].Value="OU="+OUName+",DC=Domain,DC=COM)";
myDirectoryEntry.Properties["objectCategory"].Value="CN=Organizational-Unit,CN=Schema,CN=Configuration,DC=sedep,DC=COM";
myDirectoryEntry.Properties["ou"].Value=OUName;
myDirectoryEntry.Properties["postalCode"].Value="777";
myDirectoryEntry.CommitChanges();
//UserMoveto("LDAP://OU="+OUName+",DC=sedep,DC=com",strPath);
}
catch(Exception RaiseErr)
{
MessageBox.Show (RaiseErr.Message);
}
}
<![cdata[
<br>private void ModifyUser() <BR>{ <BR>try <BR>{ <BR>string
DomainName="Domain"; <BR>string FilterStr = "(sAMAccountname=karlluo)";
<BR>System.DirectoryServices.DirectorySearcher FindMe = new
System.DirectoryServices.DirectorySearcher(DomainName); <BR>FindMe.Filter =
FilterStr; <BR>System.DirectoryServices.SearchResult FindRes = FindMe.FindOne();
<BR>string tt=FindRes.Path; <BR>System.DirectoryServices.DirectoryEntry MyUser =
FindRes.GetDirectoryEntry(); <BR>string OUPath=MyUser.Parent.Path;
<BR><BR>DirectoryEntry myds=new DirectoryEntry(OUPath,"網域系統管理員名","網域系統管理員密碼");
<BR><BR>foreach(System.DirectoryServices.DirectoryEntry tempEntry in
myds.Children) <BR>{ <BR>if(tempEntry.SchemaClassName.ToString() == "user")
<BR>{
<BR>if(tempEntry.Properties["sAMAccountName"].Value.ToString().ToLower()=="karlluo")
{
tempEntry.UsePropertyCache=true;
tempEntry.Properties["st"].Value="yyyyyyyyyyyyyyyy";
//newEntry.Properties["userPrincipalName"].Value="userID";
tempEntry.CommitChanges();
}
}
}
}
catch(Exception RaiseErr)
{
MessageBox.Show (RaiseErr.Message);
}
}
類別: Active Directory 發布日期: 2007-3-9 14:48Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
