directoryentry



2022年12月31日发(作者:时间表达法)

C#操作LDAP

C#操作LDAP查找组或人员信息

usingSystem;

c;

;

;

oryServices;

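/// <summary>
/// Helper for Active Directory lookups over LDAP: resolves users and groups by
/// name and adds or removes group members.
/// </summary>
public class ADUtil
{
    // LDAP address, for example LDAP://<host> (the example host is not shown on the page).
    private const string LDAP_HOST = "LDAP://";

    // Special account that holds LDAP administration rights.
    // NOTE(review): the bind account and its password are compile-time constants.
    // Anyone who can read the source or the assembly obtains them; load them from
    // a protected configuration store and use an account delegated only the
    // group-membership rights this class needs.
    private const string USER_NAME = "account";

    // Password of the special account above.
    private const string PASSWORD = "password";

    public ADUtil()
    {
        // No construction logic; every member is static.
    }

    /**
     * Adds a user to a group.
     * groupName  name (cn) of the group
     * userName   domain account (sAMAccountName) of the user
     **/
    public static void addGroupMember(string groupName, string userName)
    {
        // The entry wraps an unmanaged ADSI object, so release it deterministically.
        using (DirectoryEntry group = getGroupByName(groupName))
        {
            group.Username = USER_NAME;
            group.Password = PASSWORD;
            group.Properties["member"].Add(getUserDNByName(userName));
            group.CommitChanges();
        }
    }

    /**
     * Removes a user from a group.
     * groupName  name (cn) of the group
     * userName   domain account (sAMAccountName) of the user
     **/
    public static void removeGroupMember(string groupName, string userName)
    {
        using (DirectoryEntry group = getGroupByName(groupName))
        {
            group.Username = USER_NAME;
            group.Password = PASSWORD;
            group.Properties["member"].Remove(getUserDNByName(userName));
            group.CommitChanges();
        }
    }

    /**
     * Returns the distinguished name of the user with the given domain account.
     * name  domain account (sAMAccountName)
     * Throws Exception when no such user is found.
     **/
    public static object getUserDNByName(string name)
    {
        using (DirectoryEntry root = new DirectoryEntry(LDAP_HOST, USER_NAME, PASSWORD))
        using (DirectorySearcher userSearch = new DirectorySearcher())
        {
            userSearch.SearchRoot = root;
            // The name is caller-supplied: escape it so filter metacharacters such
            // as '*', '(' and ')' are matched literally instead of rewriting the query.
            userSearch.Filter = "(SAMAccountName=" + EscapeLdapFilterValue(name) + ")";
            userSearch.PropertiesToLoad.Add("distinguishedname");

            SearchResult user = userSearch.FindOne();
            if (user == null)
            {
                throw new Exception("请确认域⽤户是否正确");
            }
            return user.Properties["distinguishedname"][0];
        }
    }

    /**
     * Returns the directory entry of the group with the given name.
     * name  name (cn) of the group
     * Throws Exception when no such group is found. The caller owns the
     * returned entry and should dispose it.
     **/
    public static DirectoryEntry getGroupByName(string name)
    {
        using (DirectoryEntry root = new DirectoryEntry(LDAP_HOST, USER_NAME, PASSWORD))
        using (DirectorySearcher search = new DirectorySearcher())
        {
            search.SearchRoot = root;
            search.Filter = "(&(cn=" + EscapeLdapFilterValue(name) + ")(objectClass=group))";
            search.PropertiesToLoad.Add("objectClass");

            SearchResult result = search.FindOne();
            if (result == null)
            {
                throw new Exception("请确认AD组列表是否正确");
            }
            return result.GetDirectoryEntry();
        }
    }

    // Escapes a value for use inside an LDAP search filter (RFC 4515):
    // backslash, '*', '(', ')' and NUL become \5c, \2a, \28, \29 and \00.
    private static string EscapeLdapFilterValue(string value)
    {
        if (value == null)
        {
            return string.Empty;
        }

        System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': escaped.Append(@"\5c"); break;
                case '*': escaped.Append(@"\2a"); break;
                case '(': escaped.Append(@"\28"); break;
                case ')': escaped.Append(@"\29"); break;
                case '\0': escaped.Append(@"\00"); break;
                default: escaped.Append(c); break;
            }
        }
        return escaped.ToString();
    }
}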

C# LDAP管理(创建新用户)

今天用C#实现了一套LDAP域账号的创建和查询,感受挺多。

算是第一次接触LDAP吧,之前曾经做了一个登录的验证,就是查询功能,那个相对比较简单,用到了一个方法就搞定了。

这次的需求是要用编程的方式创建域账号,实现域登录。

首先回顾一下之前查询用到的代码:

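/// <summary>
/// Checks a user's credentials by binding to the directory with them.
/// </summary>
/// <param name="userName">Account name to bind as.</param>
/// <param name="password">Password for that account.</param>
/// <returns>true when the bind succeeds; false when it fails or when either
/// argument is null or empty.</returns>
public static bool TryAuthenticate(string userName, string password)
{
    // The domain literal is empty on the page; set the directory host or
    // domain name here before use.
    string domain = "";

    // Depending on the authentication type and server configuration, a bind
    // that carries a name but no password can be accepted as an anonymous
    // bind. Reject empty credentials up front so that case can never be
    // reported as a successful login.
    if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
    {
        return false;
    }

    try
    {
        using (DirectoryEntry entry = new DirectoryEntry(string.Format("LDAP://{0}", domain), userName, password))
        {
            // RefreshCache forces the bind; bad credentials surface as an exception.
            entry.RefreshCache();
        }

        // The target of the page's output calls was lost in extraction;
        // Trace is used here as a neutral sink.
        System.Diagnostics.Trace.WriteLine("check success");
        return true;
    }
    catch (Exception ex)
    {
        // Only the exception is written out, never the submitted password.
        System.Diagnostics.Trace.WriteLine("域验证抛出异常:" + ex.Message + ex.InnerException);
        return false;
    }
}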

这是验证指定用户是否在域里认证通过。

接下来,实现创建域账户的操作。在网上找到了一个操作类:

usingSystem;

tions;

c;

;

oryServices;

;

;

rExpressions;

nsion

{

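/// <summary>
/// Factory for the directory connections used by the AD operations class.
/// </summary>
public static class AdHerlp
{
    // NOTE(review): a domain administrator name and password are compiled into
    // the assembly, as on the page. Anyone who can read the binary or the source
    // repository obtains them. Load them from a protected configuration store
    // and bind with an account delegated only the rights these helpers need.
    private const string BindUser = "administrator";
    private const string BindPassword = "litb20!!";

    // Placeholder: the server part of the path did not survive on the page
    // (it reads "LDAP:///CN=..."). Replace with the directory host.
    private const string LdapServer = "<ldap-host>";

    #region Create the AD connection

    /// <summary>
    /// Creates a connection bound to the Users container of the testhr.com domain.
    /// </summary>
    /// <returns>A new entry; the caller is responsible for closing it.</returns>
    public static DirectoryEntry GetDirectoryEntry()
    {
        DirectoryEntry de = new DirectoryEntry();
        de.Path = "LDAP://" + LdapServer + "/CN=Users,DC=testhr,DC=com";
        de.Username = BindUser;
        de.Password = BindPassword;
        return de;
    }

    #endregion

    #region Get a directory entry for a given reference

    /// <summary>
    /// Creates a connection to the given domain reference.
    /// </summary>
    /// <param name="DomainReference">Host, DN or full path. A value that
    /// already starts with the LDAP:// provider prefix (for example a
    /// SearchResult.Path) is used as is instead of being prefixed again.</param>
    /// <returns>A new entry; the caller is responsible for closing it.</returns>
    public static DirectoryEntry GetDirectoryEntry(string DomainReference)
    {
        string reference = DomainReference ?? string.Empty;

        // Callers on the page pass SearchResult.Path, which already carries the
        // provider prefix; prepending it again yields an invalid path.
        string path = reference.StartsWith("LDAP://", StringComparison.OrdinalIgnoreCase)
            ? reference
            : "LDAP://" + reference;

        // The authentication-type argument is not legible on the page; Secure
        // (negotiated authentication rather than a clear-text simple bind) is used here.
        return new DirectoryEntry(path, BindUser, BindPassword, AuthenticationTypes.Secure);
    }

    #endregion
}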

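// AD operations class: creates, looks up, modifies and disables user accounts.
public class myDirectory
{
    // userAccountControl bit that marks an account as disabled.
    private const int UF_ACCOUNTDISABLE = 0x0002;

    // Length and character pools for generated passwords. Look-alike glyphs
    // (I, O, l, 0, 1) are left out so the value can be read back reliably.
    private const int GeneratedPasswordLength = 20;
    private const string UpperChars = "ABCDEFGHJKLMNPQRSTUVWXYZ";
    private const string LowerChars = "abcdefghijkmnopqrstuvwxyz";
    private const string DigitChars = "23456789";
    private const string SymbolChars = "!@#$%^&*-_=+";

    /// <summary>
    /// Checks whether a user with the given common name exists.
    /// </summary>
    /// <param name="UserName">Common name (cn) to look for.</param>
    /// <returns>true when at least one matching user object is found.</returns>
    public bool UserExists(string UserName)
    {
        using (DirectoryEntry de = AdHerlp.GetDirectoryEntry())
        using (DirectorySearcher deSearch = new DirectorySearcher())
        {
            deSearch.SearchRoot = de;
            deSearch.Filter = "(&(objectClass=user)(cn=" + EscapeLdapFilterValue(UserName) + "))";

            // SearchResultCollection holds unmanaged resources and must be disposed.
            using (SearchResultCollection results = deSearch.FindAll())
            {
                return results.Count != 0;
            }
        }
    }

    /// <summary>
    /// Sets a single-valued property on an entry, replacing an existing value
    /// or adding the property when it is absent. A null value is ignored.
    /// </summary>
    /// <param name="de">Entry to modify; the caller commits the change.</param>
    /// <param name="PropertyName">LDAP attribute name.</param>
    /// <param name="PropertyValue">New value, or null to leave the entry untouched.</param>
    public static void SetProperty(DirectoryEntry de, string PropertyName, string PropertyValue)
    {
        if (PropertyValue == null)
        {
            return;
        }

        if (de.Properties.Contains(PropertyName))
        {
            de.Properties[PropertyName][0] = PropertyValue;
        }
        else
        {
            de.Properties[PropertyName].Add(PropertyValue);
        }
    }

    /// <summary>
    /// Generates a random password.
    /// </summary>
    /// <remarks>
    /// The listing returned one fixed string, so every account it created
    /// shared the same published password. The value is now drawn from the
    /// operating system's cryptographic random number generator and contains
    /// at least one character from each pool. Callers that set it on an account
    /// must hand it to the account owner over a protected channel or follow up
    /// with a password reset, because it is not stored anywhere.
    /// </remarks>
    /// <returns>A new random password of GeneratedPasswordLength characters.</returns>
    public string SetSecurePassword()
    {
        string allChars = UpperChars + LowerChars + DigitChars + SymbolChars;
        char[] chars = new char[GeneratedPasswordLength];

        System.Security.Cryptography.RandomNumberGenerator rng =
            System.Security.Cryptography.RandomNumberGenerator.Create();
        try
        {
            chars[0] = UpperChars[NextIndex(rng, UpperChars.Length)];
            chars[1] = LowerChars[NextIndex(rng, LowerChars.Length)];
            chars[2] = DigitChars[NextIndex(rng, DigitChars.Length)];
            chars[3] = SymbolChars[NextIndex(rng, SymbolChars.Length)];
            for (int i = 4; i < chars.Length; i++)
            {
                chars[i] = allChars[NextIndex(rng, allChars.Length)];
            }

            // Shuffle so the guaranteed characters do not sit at fixed positions.
            for (int i = chars.Length - 1; i > 0; i--)
            {
                int j = NextIndex(rng, i + 1);
                char swap = chars[i];
                chars[i] = chars[j];
                chars[j] = swap;
            }
        }
        finally
        {
            IDisposable disposable = rng as IDisposable;
            if (disposable != null)
            {
                disposable.Dispose();
            }
        }

        return new string(chars);
    }

    /// <summary>
    /// Sets a newly generated password on the user and closes the entry.
    /// </summary>
    /// <param name="newuser">Existing entry of the user. Passing only a path
    /// string does not work; SetPassword has to be invoked on the live object.</param>
    public void SetPassword(DirectoryEntry newuser)
    {
        // The enum value is not legible on the page; Secure is used here.
        newuser.AuthenticationType = AuthenticationTypes.Secure;
        newuser.Invoke("SetPassword", new object[] { SetSecurePassword() });
        newuser.CommitChanges();
        newuser.Close();
    }

    /// <summary>
    /// Enables a user account by clearing the disabled bit.
    /// </summary>
    /// <param name="de">Entry of the account to enable.</param>
    private static void EnableAccount(DirectoryEntry de)
    {
        // The listing first ORed 0x0001 into userAccountControl under a comment
        // naming UF_DONT_EXPIRE_PASSWD (0x10000). The value and the comment do
        // not match, so that write is left out and only the disable bit changes.
        int val = (int)de.Properties["userAccountControl"].Value;
        de.Properties["userAccountControl"].Value = val & ~UF_ACCOUNTDISABLE;
        de.CommitChanges();
    }

    /// <summary>
    /// Adds a user to the named group unless the user is already a member.
    /// </summary>
    /// <param name="de">Search root under which the group is looked up.</param>
    /// <param name="deUser">Entry of the user to add.</param>
    /// <param name="GroupName">Common name (cn) of the group.</param>
    public static void AddUserToGroup(DirectoryEntry de, DirectoryEntry deUser, string GroupName)
    {
        using (DirectorySearcher deSearch = new DirectorySearcher())
        {
            deSearch.SearchRoot = de;
            deSearch.Filter = "(&(objectClass=group)(cn=" + EscapeLdapFilterValue(GroupName) + "))";

            using (SearchResultCollection results = deSearch.FindAll())
            {
                if (results.Count == 0)
                {
                    return;
                }

                // GetDirectoryEntry reuses the search root's credentials and the
                // result's own path, so the provider prefix is not added twice.
                using (DirectoryEntry group = results[0].GetDirectoryEntry())
                {
                    bool isGroupMember = false;
                    object members = group.Invoke("Members", null);
                    foreach (object member in (IEnumerable)members)
                    {
                        using (DirectoryEntry x = new DirectoryEntry(member))
                        {
                            // Membership is decided on the relative name only, as in the listing.
                            if (x.Name == deUser.Name)
                            {
                                isGroupMember = true;
                                break;
                            }
                        }
                    }

                    if (!isGroupMember)
                    {
                        group.Invoke("Add", new object[] { deUser.Path.ToString() });
                    }
                }
            }
        }
    }

    /// <summary>
    /// Creates a new user, sets a generated password, enables the account and
    /// adds it to a group.
    /// </summary>
    /// <param name="employeeID">Employee number stored in employeeID.</param>
    /// <param name="name">Given name.</param>
    /// <param name="login">Login name; used for cn, sAMAccountName and userPrincipalName.</param>
    /// <param name="email">Mail address.</param>
    /// <param name="group">Common name of the group the user joins.</param>
    /// <exception cref="ArgumentException">login is null or empty.</exception>
    public void CreateNewUser(string employeeID, string name, string login, string email, string group)
    {
        if (string.IsNullOrEmpty(login))
        {
            throw new ArgumentException("login must not be empty", "login");
        }

        using (DirectoryEntry de = AdHerlp.GetDirectoryEntry())
        {
            // 1. Create the user account. The login becomes part of a
            //    distinguished name, so DN metacharacters are escaped first.
            DirectoryEntries users = de.Children;
            using (DirectoryEntry newuser = users.Add("CN=" + EscapeRdnValue(login), "user"))
            {
                // 2. Set properties.
                SetProperty(newuser, "employeeID", employeeID);
                SetProperty(newuser, "givenname", name);
                SetProperty(newuser, "SAMAccountName", login);
                SetProperty(newuser, "userPrincipalName", login);
                SetProperty(newuser, "mail", email);
                SetProperty(newuser, "Description", "Create User By HrESS System");
                newuser.CommitChanges();

                // 3. Set the password on the live object; SetPassword(newuser)
                //    is not called because it closes the entry.
                newuser.AuthenticationType = AuthenticationTypes.Secure;
                newuser.Invoke("SetPassword", new object[] { SetSecurePassword() });
                newuser.CommitChanges();

                // 4. Enable the account.
                EnableAccount(newuser);

                // 5. Add the account to its group.
                AddUserToGroup(de, newuser, group);

                // 6. Creating a mailbox in Microsoft Exchange is disabled in the listing.
                // GenerateMailBox(login);
            }
        }
    }

    /// <summary>
    /// Disables the account with the given employee number and hides it from
    /// the Exchange address lists. Does nothing when no account matches.
    /// </summary>
    /// <param name="EmployeeID">Employee number to look up.</param>
    public void DisableAccount(string EmployeeID)
    {
        using (DirectoryEntry de = AdHerlp.GetDirectoryEntry())
        using (DirectorySearcher ds = new DirectorySearcher(de))
        {
            ds.Filter = "(&(objectCategory=Person)(objectClass=user)(employeeID="
                + EscapeLdapFilterValue(EmployeeID) + "))";
            ds.SearchScope = SearchScope.Subtree;

            SearchResult results = ds.FindOne();
            if (results == null)
            {
                return;
            }

            using (DirectoryEntry dey = results.GetDirectoryEntry())
            {
                int val = (int)dey.Properties["userAccountControl"].Value;
                dey.Properties["userAccountControl"].Value = val | UF_ACCOUNTDISABLE;
                dey.Properties["msExchHideFromAddressLists"].Value = "TRUE";
                dey.CommitChanges();
            }
        }
    }

    /// <summary>
    /// Updates department, title and company of the account with the given
    /// employee number. Does nothing when no account matches.
    /// </summary>
    /// <param name="employeeID">Employee number to look up.</param>
    /// <param name="department">New department, or null to keep the current value.</param>
    /// <param name="title">New title, or null to keep the current value.</param>
    /// <param name="company">New company, or null to keep the current value.</param>
    public void ModifyUser(string employeeID, string department, string title, string company)
    {
        using (DirectoryEntry de = AdHerlp.GetDirectoryEntry())
        using (DirectorySearcher ds = new DirectorySearcher(de))
        {
            ds.Filter = "(&(objectCategory=Person)(objectClass=user)(employeeID="
                + EscapeLdapFilterValue(employeeID) + "))";
            ds.SearchScope = SearchScope.Subtree;

            SearchResult results = ds.FindOne();
            if (results == null)
            {
                return;
            }

            using (DirectoryEntry dey = results.GetDirectoryEntry())
            {
                SetProperty(dey, "department", department);
                SetProperty(dey, "title", title);
                SetProperty(dey, "company", company);
                dey.CommitChanges();
            }
        }
    }

    /// <summary>
    /// Checks whether a string is a well-formed mail address.
    /// </summary>
    /// <param name="mail">Text to check; null yields false.</param>
    /// <returns>true when the whole string matches the address pattern.</returns>
    public bool IsEmail(string mail)
    {
        if (mail == null)
        {
            return false;
        }

        // The \w and \. escapes had lost their backslashes on the page, which
        // turned them into the literal letter 'w' and a match-anything dot.
        // \A and \z anchor the pattern so that text merely containing an
        // address is not accepted.
        Regex mailPattern = new Regex(@"\A\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*\z");
        return mailPattern.IsMatch(mail);
    }

    /// <summary>
    /// Returns the users changed on or after the given date.
    /// </summary>
    /// <param name="fromdate">Earliest change date; only its date part is used.</param>
    /// <returns>A table with the columns EmployeeID, Name and Email.</returns>
    public DataTable GetModifiedUsers(DateTime fromdate)
    {
        DataTable dt = new DataTable();
        dt.Columns.Add("EmployeeID");
        dt.Columns.Add("Name");
        dt.Columns.Add("Email");

        using (DirectoryEntry de = AdHerlp.GetDirectoryEntry())
        using (DirectorySearcher ds = new DirectorySearcher(de))
        {
            StringBuilder filter = new StringBuilder();
            filter.Append("(&(objectCategory=Person)(objectClass=user)(whenChanged>=");
            filter.Append(ToADDateString(fromdate));
            filter.Append("))");
            ds.Filter = filter.ToString();
            ds.SearchScope = SearchScope.Subtree;

            using (SearchResultCollection results = ds.FindAll())
            {
                foreach (SearchResult result in results)
                {
                    using (DirectoryEntry dey = result.GetDirectoryEntry())
                    {
                        DataRow dr = dt.NewRow();
                        // An attribute that is not set reads as null; store DBNull instead.
                        dr["EmployeeID"] = dey.Properties["employeeID"].Value ?? (object)DBNull.Value;
                        dr["Name"] = dey.Properties["givenname"].Value ?? (object)DBNull.Value;
                        dr["Email"] = dey.Properties["mail"].Value ?? (object)DBNull.Value;
                        dt.Rows.Add(dr);
                    }
                }
            }
        }

        return dt;
    }

    /// <summary>
    /// Formats a date as an AD generalized-time string at midnight,
    /// for example 20220305000000.0Z.
    /// </summary>
    /// <param name="date">Date to format. The time of day is discarded and the
    /// value is labelled Z without being converted to UTC, as in the listing.</param>
    /// <returns>yyyyMMdd followed by 000000.0Z.</returns>
    public string ToADDateString(DateTime date)
    {
        return date.ToString("yyyyMMdd", System.Globalization.CultureInfo.InvariantCulture) + "000000.0Z";
    }

    // Escapes a value for use inside an LDAP search filter (RFC 4515):
    // backslash, '*', '(', ')' and NUL become \5c, \2a, \28, \29 and \00.
    private static string EscapeLdapFilterValue(string value)
    {
        if (value == null)
        {
            return string.Empty;
        }

        StringBuilder escaped = new StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': escaped.Append(@"\5c"); break;
                case '*': escaped.Append(@"\2a"); break;
                case '(': escaped.Append(@"\28"); break;
                case ')': escaped.Append(@"\29"); break;
                case '\0': escaped.Append(@"\00"); break;
                default: escaped.Append(c); break;
            }
        }
        return escaped.ToString();
    }

    // Escapes a value for use as the right-hand side of a relative
    // distinguished name: DN separators, the path separator '/', a leading '#'
    // and leading or trailing spaces are prefixed with a backslash.
    private static string EscapeRdnValue(string value)
    {
        StringBuilder escaped = new StringBuilder(value.Length + 8);
        for (int i = 0; i < value.Length; i++)
        {
            char c = value[i];
            bool edgeSpace = c == ' ' && (i == 0 || i == value.Length - 1);
            bool leadingHash = c == '#' && i == 0;
            if (edgeSpace || leadingHash || ",+\"\\<>;=/".IndexOf(c) >= 0)
            {
                escaped.Append('\\');
            }
            escaped.Append(c);
        }
        return escaped.ToString();
    }

    // Returns a uniformly distributed index in [0, exclusiveMax), for
    // exclusiveMax up to 256. Bytes at or above the largest multiple of
    // exclusiveMax are discarded so the modulo does not favour low indexes.
    private static int NextIndex(System.Security.Cryptography.RandomNumberGenerator rng, int exclusiveMax)
    {
        byte[] one = new byte[1];
        int limit = 256 - (256 % exclusiveMax);
        do
        {
            rng.GetBytes(one);
        }
        while (one[0] >= limit);
        return one[0] % exclusiveMax;
    }
}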

}

有了这个操作类,就可以进行域账号的创建了,调用示例:

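// Call example. The output target, the receiver of CreateNewUser and the
// mail domain were lost in extraction; Console, a fresh myDirectory instance
// and a labelled placeholder stand in for them.
Console.WriteLine("Begin CreateNewUser");

// Short random suffixes keep test account names unique. They are taken from
// the start of a GUID, so they contain only hex digits.
string name = "wj" + Guid.NewGuid().ToString().Substring(0, 5);
string id = Guid.NewGuid().ToString().Substring(0, 5);

myDirectory directory = new myDirectory();
// "/Users" is the group argument as printed; a leading part may be missing.
directory.CreateNewUser(id, name, name, name + "@<mail-domain>", "/Users");

Console.WriteLine("域⽤户名创建成功:" + name);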

注意域账号的用户名不能有类似“-”、下划线之类的特殊字符。

在最初尝试的时候,创建对象DirectoryEntry的时候总是有问题,最终这两种方式都是有效的:

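// Both variants are bodies of a method that returns the entry.
// NOTE(review): each embeds a domain administrator name and password in source.
// Load them from a protected configuration store and bind with an account that
// holds only the rights the calling code needs.
// "<ldap-host>" is a placeholder: the server part of the path is missing on the page.

// Variant 1: set path and credentials through properties.
DirectoryEntry de = new DirectoryEntry();
de.Path = "LDAP://<ldap-host>/CN=Users,DC=testhr,DC=com";
de.Username = @"administrator";
de.Password = "litb20!!";
return de;

// Variant 2: pass path, credentials and authentication type to the constructor.
// The authentication-type argument is not legible on the page; Secure is used here.
DirectoryEntry entry = new DirectoryEntry("LDAP://", "administrator", "litb20!!", AuthenticationTypes.Secure);
return entry;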

其次,在创建完用户以后,需要设置用户的密码,这个方法总是报错,后来经过检查,发现如果只传递path字符串,是不行的,必须操作现有对象的Invoke方法才可以!

或者传递对象引用。

最终,成功创建了域账户。

在测试的时候,同一台机器加入了多个账号后,就会有问题,报出类似这样的错误:(原页面此处的错误信息未保留)

最终,可以通过在服务器上删除这台电脑的方式来解决,或者重命名本地计算机名称。

C# LDAP删除用户

一、创建LDAP连接

二、准备用户拥有的属性

三、删除用户的信息

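LdapConnection conn = new LdapConnection();
try
{
    // NOTE(review): port 389 without TLS carries the bind DN and password in
    // clear text, and the administrator password is a literal in source. Use
    // LDAPS or StartTLS and load the credentials from a protected store.
    conn.Connect("192.168.3.112", 389);
    string dn = "CN=Administrator,CN=Users,DC=baiyi,DC=com";
    conn.Bind(dn, "etimes2011@");

    // caByte is defined outside this fragment; presumably the certificate
    // bytes to remove (confirm against the full program). The attribute
    // constructor takes signed bytes, so values above 127 wrap to negative.
    sbyte[] mysbyte = new sbyte[caByte.Length];
    for (int i = 0; i < caByte.Length; i++)
    {
        mysbyte[i] = unchecked((sbyte)caByte[i]);
    }

    LdapAttribute attribute = new LdapAttribute("userCertificate", mysbyte);
    string user = "CN=foodean,CN=Users,DC=baiyi,DC=com";

    // DELETE removes the given attribute value from the entry.
    conn.Modify(user, new LdapModification(LdapModification.DELETE, attribute));
}
finally
{
    // Release the connection even when the bind or the modification fails.
    if (conn.Connected)
    {
        conn.Disconnect();
    }
}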
