國內最大的酷站演示中心!
首先我們來了解一下什么是active directory����。不用我描述,看以下網址,或在.net自帶幫助文檔里根據active directory關鍵字一搜,就什么都明白了��。
接下來���,我們來看看權限�。你可以通過“網上鄰居--整個網絡--directory--demain(你的域名)”你就可以看到所有關于域下的信息,粗一看就知道是怎么回事了。
需要告訴大家的:所有組織單位下的用戶都在users(容器)--demain users(組)中
用代碼進行訪問時�����,如果你是域管理員用戶���,則可以做任何操作����,否則,只能查詢用戶屬性�����。
private void searchuser()
{
string domainname = "domain";
string groupname = "domain users";
string dirmemname="";
//在domain users域用戶里取得每個用戶名
system.directoryservices.directoryentry group = new system.directoryservices.directoryentry("winnt://" + domainname + "/" + groupname + ",group");
foreach(object member in (ienumerable)group.invoke("members"))
{
//根據很個用戶生成如:"ldap://ou=套裝軟體課,ou=系統開發部,ou=資訊服務處,ou=營運支援中心,ou=xx公司,dc=domain,dc=com,dc=cn"
system.directoryservices.directoryentry dirmem = new system.directoryservices.directoryentry(member);
dirmemname=dirmem.name;
string domainname="domain";
string filterstr = "(samaccountname="+dirmemname+")";
system.directoryservices.directorysearcher findme = new system.directoryservices.directorysearcher(domainname);
findme.filter = filterstr;
system.directoryservices.searchresult findres = findme.findone();
system.directoryservices.directoryentry myuser = findres.getdirectoryentry();
string oupath=myuser.parent.path;
//找到該用戶所在的ldap:后���,由域管理員登錄���,并取得該用戶的所在屬性���。
string strfieldsvalue="",strfields="";
system.directoryservices.directoryentry myds=new system.directoryservices.directoryentry(oupath,"域管理員名","域管理員密碼");
foreach(system.directoryservices.directoryentry tempentry in myds.children)
{
if(tempentry.schemaclassname.tostring() == "user" && tempentry.properties["samaccountname"].value.tostring().tolower()==dirmemname)
{
foreach (string propertyname in tempentry.properties.propertynames )
{
string onenode = propertyname + ": " +
entry.properties[propertyname][0].tostring();
this.textbox1.text=onenode;
}
}
-------------------------------------------
public void adduser(string strpath,string username,string chinesename)//strpath 增加用戶至哪個組織單位如"ldap://ou=xx公司,dc=domain,dc=com"帳號�、中文名{
try
{
string rootdse;
//system.directoryservices.directorysearcher dsesearcher= new system.directoryservices.directorysearcher();
//rootdse=dsesearcher.searchroot.path;
//rootdse="ldap://dc=domain,dc=com";
//rootdse=rootdse.insert(7,"cn=users,");
system.directoryservices.directoryentry myde = new system.directoryservices.directoryentry(strpath);
system.directoryservices.directoryentries myentries = myde.children;
// create a new entry 'sample' in the container.
string strname="cn="+chinesename;
system.directoryservices.directoryentry mydirectoryentry = myentries.add(strname, "user");
//messagebox.show(mydirectoryentry.schemaclassname.tostring());
mydirectoryentry.properties["userprincipalname"].value=username;
mydirectoryentry.properties["name"].value=chinesename;
mydirectoryentry.properties["samaccountname"].value=username;
mydirectoryentry.properties["useraccountcontrol"].value =66048; //590336;
mydirectoryentry.commitchanges();
}
----------------------------------------------
private void addou(string strpath,string ouname)//增加組織到strpath組織單位下����,組織名稱
{
try
{
//string rootdse;
//system.directoryservices.directorysearcher dsesearcher= new system.directoryservices.directorysearcher();
//rootdse=dsesearcher.searchroot.path;
//rootdse="ldap://ou=百意時尚廣場,dc=domain,dc=com";
system.directoryservices.directoryentry myde = new system.directoryservices.directoryentry(strpath);
system.directoryservices.directoryentries myentries = myde.children;
string name="ou="+ouname;
system.directoryservices.directoryentry mydirectoryentry = myentries.add(name,"organizationalunit");
mydirectoryentry.properties["name"].value=ouname;
mydirectoryentry.properties["instancetype"].value=4;
mydirectoryentry.properties["distinguishedname"].value="ou="+ouname+",dc=domain,dc=com)";
mydirectoryentry.properties["objectcategory"].value="cn=organizational-unit,cn=schema,cn=configuration,dc=sedep,dc=com";
mydirectoryentry.properties["ou"].value=ouname;
mydirectoryentry.properties["postalcode"].value="777";
mydirectoryentry.commitchanges();
//usermoveto("ldap://ou="+ouname+",dc=sedep,dc=com",strpath);
}
catch(exception raiseerr)
{
messagebox.show (raiseerr.message);
}
}
---------------------------------------------
private void modifyuser()
{
try
{
string domainname="domain";
string filterstr = "(samaccountname=karlluo)";
system.directoryservices.directorysearcher findme = new system.directoryservices.directorysearcher(domainname);
findme.filter = filterstr;
system.directoryservices.searchresult findres = findme.findone();
string tt=findres.path;
system.directoryservices.directoryentry myuser = findres.getdirectoryentry();
string oupath=myuser.parent.path;
directoryentry myds=new directoryentry(oupath,"域管理員名","域管理員密碼");
foreach(system.directoryservices.directoryentry tempentry in myds.children)
{
if(tempentry.schemaclassname.tostring() == "user")
{
if(tempentry.properties["samaccountname"].value.tostring().tolower()=="karlluo")
{
tempentry.usepropertycache=true;
tempentry.properties["st"].value="yyyyyyyyyyyyyyyy";
//newentry.properties["userprincipalname"].value="userid";
tempentry.commitchanges();
}
}
}
}
catch(exception raiseerr)
{
messagebox.show (raiseerr.message);
}
}
