| 发表于:2007-01-10 17:48:111楼 得分:0 |
http://weiweictgu.cnblogs.com/archive/2006/07/13/449932.html
来这里看看,是不是满足要求呢?
首先我们来了解一下什么是active directory。不用我描述,看以下网址,或在.net自带帮助文档里根据active directory关键字一搜,就什么都明白了。
http://developer.ccidnet.com/pub/article/c322_a28703_p2.html
接下来,我们来看看权限。你可以通过“网上邻居--整个网络--directory--demain(你的域名)”你就可以看到所有关于域下的信息,粗一看就知道是怎么回事了。
需要告诉大家的:所有组织单位下的用户都在users(容器)--demain users(组)中
用代码进行访问时,如果你是域管理员用户,则可以做任何操作,否则,只能查询用户属性。
private void searchuser()
{
string domainname = "domain ";
string groupname = "domain users ";
string dirmemname= " ";
//在domain users域用户里取得每个用户名
system.directoryservices.directoryentry group = new system.directoryservices.directoryentry( "winnt:// " + domainname + "/ " + groupname + ",group ");
foreach(object member in (ienumerable)group.invoke( "members "))
{
//根据很个用户生成如: "ldap://ou=套装软体课,ou=系统开发部,ou=资讯服务处,ou=营运支援中心,ou=xx公司,dc=domain,dc=com,dc=cn "
system.directoryservices.directoryentry dirmem = new system.directoryservices.directoryentry(member);
dirmemname=dirmem.name;
string domainname= "domain ";
string filterstr = "(samaccountname= "+dirmemname+ ") ";
system.directoryservices.directorysearcher findme = new system.directoryservices.directorysearcher(domainname);
findme.filter = filterstr;
system.directoryservices.searchresult findres = findme.findone();
system.directoryservices.directoryentry myuser = findres.getdirectoryentry();
string oupath=myuser.parent.path;
//找到该用户所在的ldap:后,由域管理员登录,并取得该用户的所在属性。
string strfieldsvalue= " ",strfields= " ";
system.directoryservices.directoryentry myds=new system.directoryservices.directoryentry(oupath, "域管理员名 ", "域管理员密码 ");
foreach(system.directoryservices.directoryentry tempentry in myds.children)
{
if(tempentry.schemaclassname.tostring() == "user " && tempentry.properties[ "samaccountname "].value.tostring().tolower()==dirmemname)
{
foreach (string propertyname in tempentry.properties.propertynames )
{
string onenode = propertyname + ": " +
entry.properties[propertyname][0].tostring();
this.textbox1.text=onenode;
}
}
--------------------------------------------------------------------------------
public void adduser(string strpath,string username,string chinesename)//strpath 增加用户至哪个组织单位如 "ldap://ou=xx公司,dc=domain,dc=com "帐号、中文名{
try
{
string rootdse;
//system.directoryservices.directorysearcher dsesearcher= new system.directoryservices.directorysearcher();
//rootdse=dsesearcher.searchroot.path;
//rootdse= "ldap://dc=domain,dc=com ";
//rootdse=rootdse.insert(7, "cn=users, ");
system.directoryservices.directoryentry myde = new system.directoryservices.directoryentry(strpath);
system.directoryservices.directoryentries myentries = myde.children;
// create a new entry 'sample ' in the container.
string strname= "cn= "+chinesename;
system.directoryservices.directoryentry mydirectoryentry = myentries.add(strname, "user ");
//messagebox.show(mydirectoryentry.schemaclassname.tostring());
mydirectoryentry.properties[ "userprincipalname "].value=username;
mydirectoryentry.properties[ "name "].value=chinesename;
mydirectoryentry.properties[ "samaccountname "].value=username;
mydirectoryentry.properties[ "useraccountcontrol "].value =66048; //590336;
mydirectoryentry.commitchanges();
}
--------------------------------------------------------------------------------
private void addou(string strpath,string ouname)//增加组织到strpath组织单位下,组织名称
{
try
{
//string rootdse;
//system.directoryservices.directorysearcher dsesearcher= new system.directoryservices.directorysearcher();
//rootdse=dsesearcher.searchroot.path;
//rootdse= "ldap://ou=百意时尚广场,dc=domain,dc=com ";
system.directoryservices.directoryentry myde = new system.directoryservices.directoryentry(strpath);
system.directoryservices.directoryentries myentries = myde.children;
string name= "ou= "+ouname;
system.directoryservices.directoryentry mydirectoryentry = myentries.add(name, "organizationalunit ");
mydirectoryentry.properties[ "name "].value=ouname;
mydirectoryentry.properties[ "instancetype "].value=4;
mydirectoryentry.properties[ "distinguishedname "].value= "ou= "+ouname+ ",dc=domain,dc=com) ";
mydirectoryentry.properties[ "objectcategory "].value= "cn=organizational-unit,cn=schema,cn=configuration,dc=sedep,dc=com ";
mydirectoryentry.properties[ "ou "].value=ouname;
mydirectoryentry.properties[ "postalcode "].value= "777 ";
mydirectoryentry.commitchanges();
//usermoveto( "ldap://ou= "+ouname+ ",dc=sedep,dc=com ",strpath);
}
catch(exception raiseerr)
{
messagebox.show (raiseerr.message);
}
}
--------------------------------------------------------------------------------
private void modifyuser()
{
try
{
string domainname= "domain ";
string filterstr = "(samaccountname=karlluo) ";
system.directoryservices.directorysearcher findme = new system.directoryservices.directorysearcher(domainname);
findme.filter = filterstr;
system.directoryservices.searchresult findres = findme.findone();
string tt=findres.path;
system.directoryservices.directoryentry myuser = findres.getdirectoryentry();
string oupath=myuser.parent.path;
directoryentry myds=new directoryentry(oupath, "域管理员名 ", "域管理员密码 ");
foreach(system.directoryservices.directoryentry tempentry in myds.children)
{
if(tempentry.schemaclassname.tostring() == "user ")
{
if(tempentry.properties[ "samaccountname "].value.tostring().tolower()== "karlluo ")
{
tempentry.usepropertycache=true;
tempentry.properties[ "st "].value= "yyyyyyyyyyyyyyyy ";
//newentry.properties[ "userprincipalname "].value= "userid ";
tempentry.commitchanges();
}
}
}
}
catch(exception raiseerr)
{
messagebox.show (raiseerr.message);
}
}
| | |
|
