比较好用,省得以后用到时再去找
ActiveDirectoryHelper
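/// <summary>
/// Static helpers for creating, enabling, disabling and looking up Active Directory
/// user accounts through System.DirectoryServices.
/// </summary>
/// <remarks>
/// Security notes for maintainers:
/// - Values placed into LDAP search filters and into the new user's CN are escaped,
///   so a caller-supplied employee ID, group name or login name cannot change the
///   structure of the query or of the distinguished name.
/// - The bind credentials are kept in public, mutable static fields. They are shared
///   by every thread in the process and readable by any code in it.
///   NOTE(review): prefer passing credentials explicitly or running under a
///   least-privileged service identity instead of caching an admin password here.
/// </remarks>
public class ActiveDirectoryHelper
{
    // userAccountControl bit values (ADS_USER_FLAG_ENUM).
    private const int UfAccountDisable = 0x0002;
    private const int UfDontExpirePasswd = 0x10000;

    // Length of the random initial password produced by SetPassword.
    private const int GeneratedPasswordLength = 20;

    // Character groups for generated passwords; look-alike characters (0/O, 1/l/I) are left out.
    private const string UpperChars = "ABCDEFGHJKLMNPQRSTUVWXYZ";
    private const string LowerChars = "abcdefghijkmnopqrstuvwxyz";
    private const string DigitChars = "23456789";
    private const string SymbolChars = "!@#$%^&*-_=+?";

    // Last path and credentials handed to GetDirectoryEntry. DisableAccount and
    // AddUserToGroup reuse the credentials for their own binds.
    public static string RootPath = "";
    public static string AdminUsername = "";
    public static string AdminPassword = "";

    /// <summary>
    /// Creates a DirectoryEntry for <paramref name="path"/> using the given credentials and
    /// remembers the path and credentials in the static fields of this class.
    /// </summary>
    /// <param name="path">ADsPath of the object to bind to.</param>
    /// <param name="username">Account used for the bind.</param>
    /// <param name="password">Password of that account.</param>
    /// <returns>A new entry; the caller is responsible for closing it.</returns>
    public static DirectoryEntry GetDirectoryEntry(string path, string username, string password)
    {
        DirectoryEntry de = Bind(path, username, password);

        RootPath = path;
        AdminUsername = username;
        AdminPassword = password;

        return de;
    }

    /// <summary>
    /// Creates a user object named after <c>adUser.LoginName</c> under <paramref name="entry"/>,
    /// gives it a random initial password, enables it and adds it to <paramref name="groupName"/>.
    /// </summary>
    /// <param name="entry">Container the user is created in. It is closed before returning.</param>
    /// <param name="adUser">Source of the employee ID and login name.</param>
    /// <param name="groupName">CN of the group the new user is added to.</param>
    /// <returns>
    /// The generated initial password. Treat it as a secret: do not log it, and hand it to
    /// the account owner over a protected channel.
    /// </returns>
    /// <exception cref="ArgumentNullException">entry or adUser is null.</exception>
    public static string CreateNewUser(DirectoryEntry entry, ActiveDirectoryUser adUser, string groupName)
    {
        if (entry == null)
        {
            throw new ArgumentNullException("entry");
        }
        if (adUser == null)
        {
            throw new ArgumentNullException("adUser");
        }

        DirectoryEntry newUser = null;
        try
        {
            DirectoryEntries users = entry.Children;
            // The login name becomes part of a distinguished name, so DN metacharacters are escaped.
            newUser = users.Add("CN=" + EscapeRdnValue(adUser.LoginName), "user");

            SetProperty(newUser, "employeeID", adUser.EmployeeID);
            SetProperty(newUser, "SAMAccountName", adUser.LoginName);
            SetProperty(newUser, "userPrincipalName", adUser.LoginName);

            // Commit first: SetPassword opens a second bind to newUser.Path, and that bind
            // can only succeed once the object has actually been written to the directory.
            newUser.CommitChanges();

            string password = SetPassword(newUser.Path);

            EnableAccount(newUser);

            AddUserToGroup(entry, newUser, groupName);

            return password;
        }
        finally
        {
            // Release the directory handles on failure as well as on success.
            if (newUser != null)
            {
                newUser.Close();
            }
            entry.Close();
        }
    }

    /// <summary>
    /// Writes <paramref name="propertyValue"/> to the named attribute in the entry's property
    /// cache. Null or empty values are ignored. The change is not committed here.
    /// </summary>
    public static void SetProperty(DirectoryEntry entry, string propertyName, string propertyValue)
    {
        if (string.IsNullOrEmpty(propertyValue))
        {
            return;
        }

        if (entry.Properties.Contains(propertyName))
        {
            // Attribute already has a value: overwrite the first one.
            entry.Properties[propertyName][0] = propertyValue;
        }
        else
        {
            entry.Properties[propertyName].Add(propertyValue);
        }
    }

    /// <summary>
    /// Returns the first value of the named attribute as a string, or an empty string
    /// when the entry does not carry that attribute.
    /// </summary>
    public static string GetProperty(DirectoryEntry entry, string propertyName)
    {
        if (!entry.Properties.Contains(propertyName))
        {
            return String.Empty;
        }

        return entry.Properties[propertyName][0].ToString();
    }

    /// <summary>
    /// Sets a freshly generated random password on the object at <paramref name="path"/>.
    /// </summary>
    /// <param name="path">ADsPath of an existing user object.</param>
    /// <returns>The password that was set.</returns>
    /// <remarks>
    /// The previous implementation assigned the fixed literal "RandomPassword.Generate()"
    /// to every account, so all accounts created through this helper shared one
    /// publicly known password. The password now comes from a cryptographic random
    /// number generator.
    /// NOTE(review): this bind carries no explicit credentials, so it runs as the
    /// process identity; confirm that identity is allowed to reset passwords.
    /// </remarks>
    public static string SetPassword(string path)
    {
        DirectoryEntry user = new DirectoryEntry();
        try
        {
            user.Path = path;
            user.AuthenticationType = AuthenticationTypes.Secure;

            string password = GeneratePassword(GeneratedPasswordLength);
            user.Invoke("SetPassword", new object[] { password });
            user.CommitChanges();

            return password;
        }
        finally
        {
            user.Close();
        }
    }

    /// <summary>
    /// Marks the account's password as non-expiring and clears the disabled flag,
    /// then commits the change.
    /// </summary>
    /// <remarks>
    /// The original code documented UF_DONT_EXPIRE_PASSWD but OR-ed in 0x0001, which is
    /// UF_SCRIPT; the documented flag is 0x10000 and is what is set now.
    /// NOTE(review): a non-expiring password is a policy decision; confirm it is wanted
    /// for accounts provisioned with a handed-over initial password.
    /// NOTE(review): other userAccountControl bits are left untouched; check that freshly
    /// created accounts do not keep a "password not required" bit after being enabled.
    /// </remarks>
    public static void EnableAccount(DirectoryEntry entry)
    {
        int flags = (int)entry.Properties["userAccountControl"].Value;
        flags |= UfDontExpirePasswd;
        flags &= ~UfAccountDisable;

        entry.Properties["userAccountControl"].Value = flags;
        entry.CommitChanges();
    }

    /// <summary>
    /// Finds the user with the given employee ID below <paramref name="rootEntry"/>, sets the
    /// disabled flag, hides the account from Exchange address lists and commits the change.
    /// Does nothing when no user matches.
    /// </summary>
    /// <param name="rootEntry">Search root. It is closed before returning.</param>
    /// <param name="employeeID">Exact employee ID; it is matched literally, wildcards included.</param>
    /// <exception cref="ArgumentNullException">rootEntry is null.</exception>
    public static void DisableAccount(DirectoryEntry rootEntry, string employeeID)
    {
        if (rootEntry == null)
        {
            throw new ArgumentNullException("rootEntry");
        }

        try
        {
            using (DirectorySearcher searcher = new DirectorySearcher(rootEntry))
            {
                // Escaped so that '*' or parentheses in the ID cannot widen or rewrite the filter.
                searcher.Filter = "(&(objectCategory=Person)(objectClass=user)(employeeID=" + EscapeFilterValue(employeeID) + "))";
                searcher.SearchScope = SearchScope.Subtree;
                SearchResult result = searcher.FindOne();

                if (result != null)
                {
                    // Bind without going through GetDirectoryEntry, which would overwrite
                    // RootPath with the path of this single user.
                    DirectoryEntry entry = Bind(result.Path, AdminUsername, AdminPassword);
                    try
                    {
                        int val = (int)entry.Properties["userAccountControl"].Value;
                        entry.Properties["userAccountControl"].Value = val | UfAccountDisable;
                        entry.Properties["msExchHideFromAddressLists"].Value = "TRUE";
                        entry.CommitChanges();
                    }
                    finally
                    {
                        entry.Close();
                    }
                }
            }
        }
        finally
        {
            rootEntry.Close();
        }
    }

    /// <summary>
    /// Adds <paramref name="entryUser"/> to the first group below <paramref name="entry"/> whose
    /// CN equals <paramref name="groupName"/>, unless a member with the same name is already present.
    /// Does nothing when no such group is found.
    /// </summary>
    /// <remarks>
    /// Membership is decided by comparing the entries' Name values, as in the original code.
    /// NOTE(review): two users with the same relative name in different containers would be
    /// treated as the same member; compare full paths if that can occur.
    /// </remarks>
    public static void AddUserToGroup(DirectoryEntry entry, DirectoryEntry entryUser, string groupName)
    {
        using (DirectorySearcher searcher = new DirectorySearcher())
        {
            searcher.SearchRoot = entry;
            searcher.Filter = "(&(objectClass=group) (cn=" + EscapeFilterValue(groupName) + "))";

            // SearchResultCollection holds unmanaged resources and has to be disposed explicitly.
            using (SearchResultCollection results = searcher.FindAll())
            {
                if (results.Count == 0)
                {
                    return;
                }

                DirectoryEntry group = Bind(results[0].Path, AdminUsername, AdminPassword);
                try
                {
                    bool isGroupMember = false;
                    object members = group.Invoke("Members", null);
                    foreach (object member in (IEnumerable)members)
                    {
                        using (DirectoryEntry candidate = new DirectoryEntry(member))
                        {
                            if (candidate.Name == entryUser.Name)
                            {
                                isGroupMember = true;
                                break;
                            }
                        }
                    }

                    if (!isGroupMember)
                    {
                        group.Invoke("Add", new object[] { entryUser.Path.ToString() });
                    }
                }
                finally
                {
                    group.Close();
                }
            }
        }
    }

    /// <summary>
    /// Looks up a user by sAMAccountName below <paramref name="entry"/>.
    /// </summary>
    /// <param name="entry">Search root. It is closed before returning.</param>
    /// <param name="username">Exact account name; it is matched literally, wildcards included.</param>
    /// <returns>The first matching entry, or null when there is none. The caller closes it.</returns>
    /// <exception cref="ArgumentNullException">entry is null.</exception>
    public static DirectoryEntry UserExists(DirectoryEntry entry, string username)
    {
        if (entry == null)
        {
            throw new ArgumentNullException("entry");
        }

        try
        {
            using (DirectorySearcher searcher = new DirectorySearcher(entry))
            {
                searcher.Filter = "(&(objectClass=user)(samAccountName=" + EscapeFilterValue(username) + "))";
                using (SearchResultCollection results = searcher.FindAll())
                {
                    if (results.Count == 0)
                    {
                        return null;
                    }

                    return results[0].GetDirectoryEntry();
                }
            }
        }
        finally
        {
            entry.Close();
        }
    }

    /// <summary>
    /// Reads the employee ID and mail address of <paramref name="userEntry"/> into a new
    /// ActiveDirectoryUser and closes the entry.
    /// </summary>
    public static ActiveDirectoryUser GetUserInformation(DirectoryEntry userEntry)
    {
        try
        {
            ActiveDirectoryUser adUser = new ActiveDirectoryUser();
            adUser.EmployeeID = GetProperty(userEntry, "employeeID");
            adUser.Email = GetProperty(userEntry, "mail");
            return adUser;
        }
        finally
        {
            userEntry.Close();
        }
    }

    /// <summary>
    /// Locates the user whose employee ID matches <c>adUser.EmployeeID</c> below
    /// <paramref name="rootEntry"/> and closes the root entry.
    /// </summary>
    /// <remarks>
    /// The update itself was never written in the original listing: the matching entry is
    /// found but no attribute is changed. That behaviour is kept; only the lookup is made
    /// safe and the handles are released.
    /// </remarks>
    /// <exception cref="ArgumentNullException">rootEntry or adUser is null.</exception>
    public static void UpdateUserInformation(DirectoryEntry rootEntry, ActiveDirectoryUser adUser)
    {
        if (rootEntry == null)
        {
            throw new ArgumentNullException("rootEntry");
        }
        if (adUser == null)
        {
            throw new ArgumentNullException("adUser");
        }

        try
        {
            using (DirectorySearcher searcher = new DirectorySearcher(rootEntry))
            {
                searcher.Filter = "(&(objectCategory=Person)(objectClass=user)(employeeID=" + EscapeFilterValue(adUser.EmployeeID) + "))";
                searcher.SearchScope = SearchScope.Subtree;
                SearchResult result = searcher.FindOne();

                if (result != null)
                {
                    using (DirectoryEntry userEntry = result.GetDirectoryEntry())
                    {
                        // TODO: apply the attribute updates here (unfinished in the original).
                    }
                }
            }
        }
        finally
        {
            rootEntry.Close();
        }
    }

    // Creates an entry for the path and credentials without touching the static fields.
    private static DirectoryEntry Bind(string path, string username, string password)
    {
        DirectoryEntry de = new DirectoryEntry();
        de.Path = path;
        de.Username = username;
        de.Password = password;
        return de;
    }

    // Escapes a value for use inside an LDAP search filter (RFC 4515): backslash, '*',
    // '(' , ')' and NUL are replaced by their \xx hex form. Null becomes an empty string.
    private static string EscapeFilterValue(string value)
    {
        if (string.IsNullOrEmpty(value))
        {
            return string.Empty;
        }

        System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\':
                    escaped.Append("\\5c");
                    break;
                case '*':
                    escaped.Append("\\2a");
                    break;
                case '(':
                    escaped.Append("\\28");
                    break;
                case ')':
                    escaped.Append("\\29");
                    break;
                case '\0':
                    escaped.Append("\\00");
                    break;
                default:
                    escaped.Append(c);
                    break;
            }
        }
        return escaped.ToString();
    }

    // Escapes a value for use as the right-hand side of a relative distinguished name:
    // DN separators and quoting characters, '/' (an ADsPath separator), a leading '#' or
    // space and a trailing space are prefixed with a backslash. Null becomes an empty string.
    private static string EscapeRdnValue(string value)
    {
        if (string.IsNullOrEmpty(value))
        {
            return string.Empty;
        }

        System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
        for (int i = 0; i < value.Length; i++)
        {
            char c = value[i];
            bool atStart = i == 0;
            bool atEnd = i == value.Length - 1;

            bool special = ",+\"\\<>;=/".IndexOf(c) >= 0
                || (atStart && (c == '#' || c == ' '))
                || (atEnd && c == ' ');

            if (special)
            {
                escaped.Append('\\');
            }
            escaped.Append(c);
        }
        return escaped.ToString();
    }

    // Builds a random password of the given length (at least 4) that contains at least one
    // upper-case letter, lower-case letter, digit and symbol, using a cryptographic RNG.
    private static string GeneratePassword(int length)
    {
        string[] groups = new string[] { UpperChars, LowerChars, DigitChars, SymbolChars };
        string allChars = string.Concat(groups);
        char[] chars = new char[length];

        System.Security.Cryptography.RandomNumberGenerator rng =
            System.Security.Cryptography.RandomNumberGenerator.Create();
        try
        {
            // One character from each group first, the remainder from the whole alphabet.
            for (int i = 0; i < length; i++)
            {
                string pool = i < groups.Length ? groups[i] : allChars;
                chars[i] = pool[NextIndex(rng, pool.Length)];
            }

            // Shuffle so the guaranteed characters do not sit at fixed positions.
            for (int i = length - 1; i > 0; i--)
            {
                int j = NextIndex(rng, i + 1);
                char tmp = chars[i];
                chars[i] = chars[j];
                chars[j] = tmp;
            }
        }
        finally
        {
            IDisposable disposable = rng as IDisposable;
            if (disposable != null)
            {
                disposable.Dispose();
            }
        }

        return new string(chars);
    }

    // Returns a uniformly distributed index in [0, bound) for 1 <= bound <= 256.
    // Bytes at or above the largest multiple of bound are discarded to avoid modulo bias.
    private static int NextIndex(System.Security.Cryptography.RandomNumberGenerator rng, int bound)
    {
        byte[] one = new byte[1];
        int limit = 256 - (256 % bound);
        int value;
        do
        {
            rng.GetBytes(one);
            value = one[0];
        }
        while (value >= limit);

        return value % bound;
    }
}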
实体类ActiveDirectoryUser

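/// <summary>
/// Plain data holder for the user attributes handled by ActiveDirectoryHelper.
/// </summary>
public class ActiveDirectoryUser
{
    // Whole-string match: 3 to 10 ASCII letters or digits and nothing else. The original
    // pattern had no anchors, so any text that merely contained three such characters was
    // accepted, including names carrying DN or filter metacharacters.
    private static readonly Regex LoginNamePattern = new Regex(@"^[0-9a-zA-Z]{3,10}\z");

    private string employeeID = "FPC00xxx";

    /// <summary>
    /// Employee ID. No format check is applied: the original listing carries a disabled
    /// check against the pattern ^FPC\d{5}.
    /// NOTE(review): this value is concatenated into LDAP search filters by
    /// ActiveDirectoryHelper; consider re-enabling a strict format check.
    /// </summary>
    public string EmployeeID
    {
        get { return employeeID; }
        set { employeeID = value; }
    }

    private string loginName = "User";

    /// <summary>
    /// Login name; must consist of 3 to 10 ASCII letters or digits.
    /// </summary>
    /// <exception cref="ArgumentException">The value does not match that rule.</exception>
    public string LoginName
    {
        get { return loginName; }
        set
        {
            if (!LoginNamePattern.IsMatch(value))
            {
                throw new ArgumentException("登录名应该是数字和字母的组合,并且在3-10个字符之间", "LoginName");
            }

            loginName = value;
        }
    }

    // NOTE(review): a fixed, publicly known default password. Nothing in this listing reads
    // the property, but any caller that provisions accounts from it without assigning a
    // value first would create accounts with this password.
    private string password = "Pass@word1";

    /// <summary>Password associated with the user; stored as a plain string.</summary>
    public string Password
    {
        get { return password; }
        set { password = value; }
    }

    private string email = "xxx@***.com.cn";

    /// <summary>Mail address of the user.</summary>
    public string Email
    {
        get { return email; }
        set { email = value; }
    }
}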
