首先我们来了解一下什么是active directory。不用我描述,看以下网址,或在.net自带帮助文档里根据active directory关键字一搜,就什么都明白了。
接下来,我们来看看权限。通过“网上邻居--整个网络--directory--domain(你的域名)”,你就可以看到该域下的所有信息,粗略一看就知道是怎么回事了。
需要告诉大家的:所有组织单位下的用户都在users(容器)--domain users(组)中
用代码进行访问时,如果你是域管理员用户,则可以做任何操作,否则,只能查询用户属性。
// Enumerates the members of the "domain users" group through the winnt provider and,
// for each member, searches for the account by samaccountname, re-binds to its parent
// container with explicit credentials, and writes the matching user's attributes to textbox1.
// NOTE(review): as printed, the listing ends before the two outer foreach loops and the
// method body are closed, and all identifiers appear case-folded to lowercase, so it
// does not compile as shown.
private void searchuser()
{
string domainname = "domain";
string groupname = "domain users";
string dirmemname="";
// Get every user name from the "domain users" group.
system.directoryservices.directoryentry group = new system.directoryservices.directoryentry("winnt://" + domainname + "/" + groupname + ",group");
foreach(object member in (ienumerable)group.invoke("members"))
{
// For each user, derive the path of its container, for example:
// "ldap://ou=Packaged Software Section,ou=System Development Dept,ou=Information Services Office,ou=Operations Support Center,ou=xx Company,dc=domain,dc=com,dc=cn"
system.directoryservices.directoryentry dirmem = new system.directoryservices.directoryentry(member);
dirmemname=dirmem.name;
// NOTE(review): domainname is already declared at the top of the method; C# rejects
// a second declaration of the same name in this nested scope.
string domainname="domain";
// The account name is concatenated into the LDAP filter without escaping. Here it comes
// from the directory itself; a value containing filter metacharacters ( ) * \ would
// need RFC 4515 escaping before being placed in the filter.
string filterstr = "(samaccountname="+dirmemname+")";
system.directoryservices.directorysearcher findme = new system.directoryservices.directorysearcher(domainname);
findme.filter = filterstr;
// findone() returns null when nothing matches; the result is dereferenced on the
// next line without a null check.
system.directoryservices.searchresult findres = findme.findone();
system.directoryservices.directoryentry myuser = findres.getdirectoryentry();
string oupath=myuser.parent.path;
// With the user's ldap: container known, bind as a domain administrator and read the
// user's attributes.
// NOTE(review): the two string literals below are placeholders for a domain administrator
// name and password. A domain-admin credential embedded in application code is readable
// by anyone with access to the source or the compiled binary. The page's introduction
// states that non-administrators can already query user attributes, so this read-only
// method should run under the caller's own identity or a low-privileged service account.
// strfieldsvalue and strfields are not used anywhere in the visible listing.
string strfieldsvalue="",strfields="";
system.directoryservices.directoryentry myds=new system.directoryservices.directoryentry(oupath,"域管理员名","域管理员密码");
foreach(system.directoryservices.directoryentry tempentry in myds.children)
{
// NOTE(review): only the directory value is lower-cased; dirmemname is compared as-is,
// so a member name containing upper-case letters never matches.
if(tempentry.schemaclassname.tostring() == "user" && tempentry.properties["samaccountname"].value.tostring().tolower()==dirmemname)
{
foreach (string propertyname in tempentry.properties.propertynames )
{
// NOTE(review): `entry` is not declared in this listing; presumably `tempentry` was
// intended. Only the first value ([0]) of each attribute is read.
string onenode = propertyname + ": " +
entry.properties[propertyname][0].tostring();
// Each iteration overwrites textbox1.text, so only the last attribute stays visible.
this.textbox1.text=onenode;
}
}
-------------------------------------------
// Creates a user object under the container bound by strpath and commits it.
//   strpath     - organizational unit to add the user to, e.g. "ldap://ou=xx Company,dc=domain,dc=com"
//   username    - account name, written to userprincipalname and samaccountname
//   chinesename - Chinese display name, used for the cn= relative name and the name attribute
// NOTE(review): in the original listing the method's opening brace sits inside the trailing
// comment on the signature line, the try block has no catch or finally, and the method's
// closing brace is missing, so the block does not compile as shown.
public void adduser(string strpath,string username,string chinesename)
try
{
// rootdse is declared but only referenced by the commented-out lines below.
string rootdse;
//system.directoryservices.directorysearcher dsesearcher= new system.directoryservices.directorysearcher();
//rootdse=dsesearcher.searchroot.path;
//rootdse="ldap://dc=domain,dc=com";
//rootdse=rootdse.insert(7,"cn=users,");
// Binds with no explicit credentials, unlike searchuser/modifyuser on this page.
system.directoryservices.directoryentry myde = new system.directoryservices.directoryentry(strpath);
system.directoryservices.directoryentries myentries = myde.children;
// create a new entry 'sample' in the container.
// NOTE(review): chinesename is concatenated into the relative distinguished name without
// escaping; characters that are special in a DN (, + " \ < > ; =) would need escaping
// if this value can come from user input.
string strname="cn="+chinesename;
system.directoryservices.directoryentry mydirectoryentry = myentries.add(strname, "user");
//messagebox.show(mydirectoryentry.schemaclassname.tostring());
mydirectoryentry.properties["userprincipalname"].value=username;
mydirectoryentry.properties["name"].value=chinesename;
mydirectoryentry.properties["samaccountname"].value=username;
// 66048 = 0x10200 = NORMAL_ACCOUNT (0x200) | DONT_EXPIRE_PASSWD (0x10000): the account is
// created enabled with a password that never expires. The commented-out alternative
// 590336 = 0x90200 additionally sets TRUSTED_FOR_DELEGATION (0x80000).
// NOTE(review): no password is set anywhere in this listing before the commit; confirm
// that domain policy prevents the account from ending up enabled without a password,
// or create it disabled, set the password, and only then enable it.
mydirectoryentry.properties["useraccountcontrol"].value =66048; //590336;
mydirectoryentry.commitchanges();
}
----------------------------------------------
// Creates an organizationalunit object named ouname under the container bound by strpath
// and commits it; any exception message is shown in a message box.
private void addou(string strpath,string ouname)//adds an organizational unit under the strpath organizational unit; ouname is the new unit's name
{
try
{
//string rootdse;
//system.directoryservices.directorysearcher dsesearcher= new system.directoryservices.directorysearcher();
//rootdse=dsesearcher.searchroot.path;
//rootdse="ldap://ou=百意时尚广场,dc=domain,dc=com";
system.directoryservices.directoryentry myde = new system.directoryservices.directoryentry(strpath);
system.directoryservices.directoryentries myentries = myde.children;
// NOTE(review): ouname is concatenated into the relative distinguished name without
// escaping; characters that are special in a DN (, + " \ < > ; =) would need escaping
// if this value can come from user input.
string name="ou="+ouname;
system.directoryservices.directoryentry mydirectoryentry = myentries.add(name,"organizationalunit");
mydirectoryentry.properties["name"].value=ouname;
// NOTE(review): instancetype and distinguishedname are normally maintained by the
// directory itself; presumably these assignments are unnecessary - confirm.
mydirectoryentry.properties["instancetype"].value=4;
// NOTE(review): the literal ends with a stray ")" and hard-codes dc=domain,dc=com
// regardless of the strpath the unit is actually created under.
mydirectoryentry.properties["distinguishedname"].value="ou="+ouname+",dc=domain,dc=com)";
// NOTE(review): the schema path uses dc=sedep,dc=com while the line above uses
// dc=domain,dc=com; the two hard-coded domains are inconsistent.
mydirectoryentry.properties["objectcategory"].value="cn=organizational-unit,cn=schema,cn=configuration,dc=sedep,dc=com";
mydirectoryentry.properties["ou"].value=ouname;
// "777" is a fixed sample value written to every unit created by this method.
mydirectoryentry.properties["postalcode"].value="777";
mydirectoryentry.commitchanges();
//usermoveto("ldap://ou="+ouname+",dc=sedep,dc=com",strpath);
}
catch(exception raiseerr)
{
// The raw exception message is shown to the interactive user.
messagebox.show (raiseerr.message);
}
}
---------------------------------------------
// Looks up the account "karlluo", re-binds to its parent container with explicit
// credentials, and writes a sample value to that user's "st" attribute; any exception
// message is shown in a message box.
private void modifyuser()
{
try
{
string domainname="domain";
// The filter is a fixed literal, so no caller-supplied text reaches it here.
string filterstr = "(samaccountname=karlluo)";
system.directoryservices.directorysearcher findme = new system.directoryservices.directorysearcher(domainname);
findme.filter = filterstr;
// findone() returns null when nothing matches; the result is dereferenced on the next
// lines without a null check (the resulting exception is caught by the handler below).
system.directoryservices.searchresult findres = findme.findone();
// tt is assigned but not used in the visible listing.
string tt=findres.path;
system.directoryservices.directoryentry myuser = findres.getdirectoryentry();
string oupath=myuser.parent.path;
// NOTE(review): the two string literals are placeholders for a domain administrator name
// and password. A domain-admin credential embedded in application code is readable by
// anyone with access to the source or the compiled binary; an account delegated write
// access to only this container or attribute, with its secret kept outside the source,
// limits what a leaked credential can change.
// directoryentry is written unqualified here, unlike the fully qualified uses elsewhere in the listing.
directoryentry myds=new directoryentry(oupath,"域管理员名","域管理员密码");
foreach(system.directoryservices.directoryentry tempentry in myds.children)
{
if(tempentry.schemaclassname.tostring() == "user")
{
if(tempentry.properties["samaccountname"].value.tostring().tolower()=="karlluo")
{
// With the property cache on, the change below is held locally until commitchanges().
tempentry.usepropertycache=true;
// Sample value written to the "st" attribute.
tempentry.properties["st"].value="yyyyyyyyyyyyyyyy";
//newentry.properties["userprincipalname"].value="userid";
tempentry.commitchanges();
}
}
}
}
catch(exception raiseerr)
{
// The raw exception message is shown to the interactive user.
messagebox.show (raiseerr.message);
}
}