c# 操作ad域用户

大家好，又见面了，我是你们的朋友全栈君。

测试环境：win2008r2服务器

ad域服务器安装参考：https://www.cnblogs.com/cnjavahome/p/9029665.html
密码策略修改参考：https://blog.csdn.net/zouyujie1127/article/details/40857675

工作机dns设置为ad域服务器的ip

using:

using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;

获取组织单位：

 public DirectoryEntry GetOU(DirectoryEntry parent, string ouname)
        {
            DirectorySearcher mySearcher = new DirectorySearcher(parent, "(objectclass=organizationalUnit)");
            DirectorySearcher deSearch = new DirectorySearcher();
            deSearch.SearchRoot = parent;
            deSearch.Filter = string.Format("(&(objectClass=organizationalUnit) (OU={0}))", ouname);
            SearchResult results = deSearch.FindOne();
            if (results != null)
            {
                return results.GetDirectoryEntry();
            }
            else
            {
                return null;
            }
        }

建组织单位：

public void AddOU(DirectoryEntry parent, string ouname)
        {
            DirectoryEntries ous = parent.Children;
            DirectoryEntry ou = ous.Add("OU=" + ouname, "organizationalUnit");
            ou.CommitChanges();
            ou.Close();
        }

建立连接：

 public PrincipalContext createConnection(List<string> oupath = null)
        {
            string path = "";
            foreach (string str in _domainArr)
            {
                path += string.Format(",DC={0}", str);
            }
            if (oupath != null)
            {
                string tmp = "";
                for (int i = oupath.Count - 1; i >= 0; i--)
                {
                    tmp += string.Format(",OU={0}", oupath[i]);
                }
                tmp = tmp.Substring(1);
                path = tmp + path;
            }
            else
            {
                path = path.Substring(1);
            }

            var context = new PrincipalContext(ContextType.Domain, _domain, path, ContextOptions.Negotiate, _adminName, _adminPass);
            return context;
        }

建用户：

public void AddUser(PrincipalContext context, string barcode, string userName, string passWord)
        {
            using (UserPrincipal u = new UserPrincipal(context, barcode, passWord, true))
            {
                u.Name = barcode;
                u.DisplayName = userName;
                u.UserCannotChangePassword = true;
                u.PasswordNotRequired = true;
                u.PasswordNeverExpires = true;
                u.UserPrincipalName = barcode + "@" + _domain;
                u.Save();
            }
        }

修改密码：

public void EditPass(string userName, string passWord)
        {
            using (var context = createConnection())
            {
                UserPrincipal user = UserPrincipal.FindByIdentity(context, userName);
                if (user != null)
                {
                    user.SetPassword(passWord);
                    user.Save();
                }
            }
        }

删除用户：

public void DelUser(string userName)
        {
            using (var context = createConnection())
            {
                UserPrincipal user = UserPrincipal.FindByIdentity(context, userName);
                if (user != null)
                {
                    user.Delete();
                }
            }
        }

登录验证：

  public bool login(string name, string password)
        {
            DirectoryEntry root = null;
            try
            {
                string ADPath = rootPath();
                root = new DirectoryEntry(ADPath, name, password, AuthenticationTypes.Secure);
                string strName = root.Name;
                root.Close();
                root = null;
                return true;
            }
            catch (Exception ex)
            {
                System.Diagnostics.Debug.WriteLine(ex.Message);
                return false;
            }
        }