
使用ActiveDirectory设置目录共享及目录的用户权限

自己工作中经常用到的一些方法。自己创建了2个帮助类,主要用于通过程序创建、删除共享目录,并为目录设置用户权限。
/*****************************************************************
 *
 *  系统名称:	基础工具类
 *
 *  程序名称:	WinNT本地用户及用户组操作控制。
 *  程序说明:	利用活动目录控制用户及用户组的创建/修改/删除等操作。
 *              
 *              
 * 
 *****************************************************************/
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.DirectoryServices;
using System.Collections;

namespace Unionnet.Core
{
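    /// <summary>
    /// Queries, creates, modifies and deletes user accounts and group memberships on the
    /// local computer through the ADSI <c>WinNT://</c> provider.
    /// </summary>
    /// <remarks>
    /// Every public method binds to <c>WinNT://</c> + <see cref="Environment.MachineName"/>,
    /// i.e. the accounts of the machine the code runs on. Failures are reported through the
    /// return value and, where present, the <c>error</c> out parameter instead of an exception.
    /// NOTE(review): these calls presumably need local administrator rights - confirm for the
    /// deployment, and restrict which callers may reach this class accordingly.
    /// </remarks>
    public class UserAccountController
    {
        #region Account control flags
        private const int SCRIPT = 0x0001;
        private const int ACCOUNTDISABLE = 0x0002;
        private const int HOMEDIR_REQUIRED = 0x0008;
        private const int LOCKOUT = 0x0010;
        private const int PASSWD_NOTREQD = 0x0020;
        private const int PASSWD_CANT_CHANGE = 0x0040;
        private const int ENCRYPTED_TEXT_PWD_ALLOWED = 0x0080;
        private const int TEMP_DUPLICATE_ACCOUNT = 0x0100;
        private const int NORMAL_ACCOUNT = 0x0200;
        private const int INTERDOMAIN_TRUST_ACCOUNT = 0x0800;
        private const int WORKSTATION_TRUST_ACCOUNT = 0x1000;
        private const int SERVER_TRUST_ACCOUNT = 0x2000;
        private const int DONT_EXPIRE_PASSWORD = 0x10000;
        private const int MNS_LOGON_ACCOUNT = 0x20000;
        private const int SMARTCARD_REQUIRED = 0x40000;
        private const int TRUSTED_FOR_DELEGATION = 0x80000;
        private const int NOT_DELEGATED = 0x100000;
        private const int USE_DES_KEY_ONLY = 0x200000;
        private const int DONT_REQ_PREAUTH = 0x400000;
        private const int PASSWORD_EXPIRED = 0x800000;
        private const int TRUSTED_TO_AUTH_FOR_DELEGATION = 0x1000000;
        #endregion

        /// <summary>
        /// Opens the directory entry that represents the local computer.
        /// </summary>
        private static DirectoryEntry OpenLocalMachine()
        {
            return new DirectoryEntry("WinNT://" + Environment.MachineName);
        }

        /// <summary>
        /// Looks up a child entry of the given schema class, returning null when the lookup fails.
        /// </summary>
        private static DirectoryEntry FindChild(DirectoryEntry machine, string name, string schemaClass)
        {
            try
            {
                return machine.Children.Find(name, schemaClass);
            }
            catch
            {
                // Children.Find throws when no matching entry exists, so a failure is treated
                // as "absent". Other causes (for example insufficient rights) cannot be told
                // apart here; they surface on the write that follows, if there is one.
                return null;
            }
        }

        /// <summary>
        /// Best-effort removal of an account that this class created moments ago.
        /// </summary>
        private static void TryRemove(DirectoryEntry machine, DirectoryEntry user)
        {
            try
            {
                machine.Children.Remove(user);
            }
            catch
            {
                // Deliberately ignored: the caller still receives the original failure in
                // its error message, and a second failure here must not mask it.
            }
        }

        /// <summary>
        /// Creates a local user account, sets its password and marks the password as never expiring.
        /// </summary>
        /// <param name="userName">Name of the account to create.</param>
        /// <param name="userPassword">Password assigned to the new account.</param>
        /// <param name="error">
        /// On success, the GUID of the new account; when the account already exists, a message
        /// saying so; on failure, the exception message.
        /// </param>
        /// <returns>
        /// True when the account was created or already existed; false on failure. When the
        /// account already existed it is left untouched - in particular its password is NOT
        /// changed to <paramref name="userPassword"/>.
        /// </returns>
        public static bool CreateLocalUserAccount(string userName, string userPassword, out string error)
        {
            error = "";
            DirectoryEntry machine = null;
            DirectoryEntry user = null;
            bool committed = false;
            try
            {
                machine = OpenLocalMachine();
                user = FindChild(machine, userName, "user");
                if (user != null)
                {
                    error = string.Format("用户[{0}]已存在,无法重复创建改该用户!", userName);
                    return true;
                }

                user = machine.Children.Add(userName, "user");
                user.CommitChanges();
                committed = true;
                error = user.Guid.ToString();

                user.Invoke("SetPassword", new object[] { userPassword });
                user.CommitChanges();

                // OR the flag into the current value; writing DONT_EXPIRE_PASSWORD alone would
                // overwrite every other account-control bit already set on the account.
                // A non-expiring password should be a deliberate policy choice for this account.
                object rawFlags = user.Properties["UserFlags"].Value;
                int flags = rawFlags == null ? 0 : Convert.ToInt32(rawFlags);
                user.Invoke("Put", "UserFlags", flags | DONT_EXPIRE_PASSWORD);
                user.CommitChanges();
                return true;
            }
            catch (Exception ex)
            {
                error = ex.Message;
                if (committed)
                {
                    // The account was committed before its password and flags were applied.
                    // Remove it again so that a failed call does not leave a half-configured
                    // account (possibly without the intended password) behind.
                    TryRemove(machine, user);
                }
                return false;
            }
            finally
            {
                if (user != null)
                {
                    user.Dispose();
                }
                if (machine != null)
                {
                    machine.Dispose();
                }
            }
        }

        /// <summary>
        /// Deletes a local user account.
        /// </summary>
        /// <param name="userName">Name of the account to delete.</param>
        /// <param name="error">Exception message on failure; otherwise an empty string.</param>
        /// <returns>
        /// True when the account was removed or could not be found; false when removal threw.
        /// Because a failed lookup counts as "not found", true does not by itself prove that
        /// the account is gone.
        /// </returns>
        public static bool DeleteLocalUserAccount(string userName, out string error)
        {
            error = "";
            try
            {
                using (DirectoryEntry machine = OpenLocalMachine())
                using (DirectoryEntry user = FindChild(machine, userName, "user"))
                {
                    if (user != null)
                    {
                        machine.Children.Remove(user);
                    }
                }
                return true;
            }
            catch (Exception ex)
            {
                error = ex.Message;
                return false;
            }
        }

        /// <summary>
        /// Sets a new password on an existing local user account.
        /// </summary>
        /// <param name="userName">Name of the account.</param>
        /// <param name="userPassword">The new password.</param>
        /// <param name="error">Failure description; an empty string on success.</param>
        /// <returns>True when the password was set; false when the user is missing or the call failed.</returns>
        public static bool ChangePassword(string userName, string userPassword, out string error)
        {
            error = "";
            try
            {
                using (DirectoryEntry machine = OpenLocalMachine())
                using (DirectoryEntry user = FindChild(machine, userName, "user"))
                {
                    if (user == null)
                    {
                        error = string.Format("用户[{0}]不存在,无法修改密码!", userName);
                        return false;
                    }

                    user.Invoke("SetPassword", new object[] { userPassword });
                    user.CommitChanges();
                    return true;
                }
            }
            catch (Exception ex)
            {
                error = ex.Message;
                return false;
            }
        }

        /// <summary>
        /// Checks whether a local user account exists.
        /// </summary>
        /// <param name="userName">Name of the account to look for.</param>
        /// <returns>True when the account was found; false when it was not or the lookup failed.</returns>
        public static bool IsUserExists(string userName)
        {
            try
            {
                // The entries are disposed here; the original left both handles open.
                using (DirectoryEntry machine = OpenLocalMachine())
                using (DirectoryEntry user = FindChild(machine, userName, "user"))
                {
                    return user != null;
                }
            }
            catch
            {
                return false;
            }
        }

        /// <summary>
        /// Lists the names of all local user accounts.
        /// </summary>
        /// <param name="error">Exception message on failure; null when enumeration succeeded.</param>
        /// <returns>The account names collected so far; never null.</returns>
        public static List<string> GetLocalUserAccount(out string error)
        {
            List<string> names = new List<string>();
            error = null;
            try
            {
                using (DirectoryEntry machine = OpenLocalMachine())
                {
                    foreach (DirectoryEntry child in machine.Children)
                    {
                        // Dispose every child, including when reading its properties throws.
                        using (child)
                        {
                            if (child.SchemaClassName.Equals("user", StringComparison.OrdinalIgnoreCase))
                            {
                                names.Add(child.Name);
                            }
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                error = ex.Message;
            }
            return names;
        }

        /// <summary>
        /// Adds a local user to a local group.
        /// </summary>
        /// <param name="userName">Name of the user.</param>
        /// <param name="groupName">Name of the group.</param>
        /// <param name="error">Failure description; an empty string on success.</param>
        /// <returns>
        /// True when the user is a member of the group after the call (added now or already a
        /// member); false when the user or group is missing or the call failed.
        /// </returns>
        public static bool AddUserToGroup(string userName, string groupName, out string error)
        {
            error = "";
            try
            {
                using (DirectoryEntry machine = OpenLocalMachine())
                using (DirectoryEntry groupEntry = FindChild(machine, groupName, "group"))
                {
                    if (groupEntry == null)
                    {
                        error = string.Format("没有找到用户组[{0}]", groupName);
                        return false;
                    }

                    using (DirectoryEntry user = FindChild(machine, userName, "user"))
                    {
                        if (user == null)
                        {
                            error = string.Format("没有找到用户[{0}]", userName);
                            return false;
                        }

                        // An existing membership is left alone. The previous code REMOVED the
                        // user in that case, so calling "add" twice silently revoked access.
                        if (!IsUserInGroups(user, groupName))
                        {
                            groupEntry.Invoke("Add", new object[] { user.Path });
                            groupEntry.CommitChanges();
                        }
                        return true;
                    }
                }
            }
            catch (Exception ex)
            {
                error = string.Format("往用户组[{0}]增加用户[{1}]时发生异常:\r\n{2}", groupName, userName, ex.Message);
                return false;
            }
        }

        /// <summary>
        /// Removes a local user from a local group.
        /// </summary>
        /// <param name="userName">Name of the user.</param>
        /// <param name="groupName">Name of the group.</param>
        /// <param name="error">Failure description; an empty string on success.</param>
        /// <returns>
        /// True when the user is not a member of the group after the call; false when the user
        /// or group is missing or the call (including the membership check) failed.
        /// </returns>
        public static bool RemoveUserFromGroup(string userName, string groupName, out string error)
        {
            error = "";
            try
            {
                using (DirectoryEntry machine = OpenLocalMachine())
                using (DirectoryEntry groupEntry = FindChild(machine, groupName, "group"))
                {
                    if (groupEntry == null)
                    {
                        error = string.Format("没有找到用户组[{0}]", groupName);
                        return false;
                    }

                    using (DirectoryEntry user = FindChild(machine, userName, "user"))
                    {
                        if (user == null)
                        {
                            error = string.Format("没有找到用户[{0}]", userName);
                            return false;
                        }

                        if (IsUserInGroups(user, groupName))
                        {
                            groupEntry.Invoke("Remove", new object[] { user.Path });
                            groupEntry.CommitChanges();
                        }
                        return true;
                    }
                }
            }
            catch (Exception ex)
            {
                error = string.Format("从用户组[{0}]删除用户[{1}]时发生异常:\r\n{2}", groupName, userName, ex.Message);
                return false;
            }
        }

        /// <summary>
        /// Determines whether the user is a member of the named group.
        /// </summary>
        /// <param name="userObj">Directory entry of the user; null yields false.</param>
        /// <param name="groupName">Group name, compared case-insensitively.</param>
        /// <returns>True when one of the user's groups has the given name.</returns>
        /// <remarks>
        /// Enumeration errors propagate to the caller. They used to be swallowed and reported
        /// as "not a member", which let RemoveUserFromGroup return success without revoking
        /// the membership. Both callers catch the exception and report it through error.
        /// </remarks>
        private static bool IsUserInGroups(DirectoryEntry userObj, string groupName)
        {
            if (userObj == null)
            {
                return false;
            }

            object memberships = userObj.Invoke("groups", null);
            foreach (object nativeGroup in (IEnumerable)memberships)
            {
                // Each wrapper is disposed as soon as its name has been compared.
                using (DirectoryEntry groupEntry = new DirectoryEntry(nativeGroup))
                {
                    if (groupEntry.Name.Equals(groupName, StringComparison.OrdinalIgnoreCase))
                    {
                        return true;
                    }
                }
            }
            return false;
        }
    }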
}


ActiveDirectory.rar

6.47 KB, 下载次数: 2

程序设置目录权限
