C# active directory 编程 增加、删除、修改、查询
一、用户属性
mobile : mobiletel
badpwdcount : 0
homephone : hometel
userprincipalname : Jack@m1.cn
givenname : 名
samaccountname : Jack
title : 职务
cn : Jack
whencreated : 2011/9/23 3:14:18
displayname : 显示名称
lastlogon : 129615905072762619
dscorepropagationdata : 1601/1/1 0:00:00
samaccounttype : 805306368
countrycode : 32
objectguid : System.Byte[]
logoncount : 27
wwwhomepage : 网页
usnchanged : 53367
objectsid : System.Byte[]
codepage : 936
c : AR
manager : CN=bb,CN=Users,DC=m1,DC=cn
whenchanged : 2011/9/28 4:12:28
physicaldeliveryofficename : 办公室
lastlogoff : 0
pwdlastset : 129612190207063371
co : 中国
badpasswordtime : 129615904950458619
instancetype : 4
primarygroupid : 513
objectcategory : CN=Person,CN=Schema,CN=Configuration,DC=m1,DC=cn
objectclass : top
useraccountcontrol : 544
description : 描述
distinguishedname : CN=Jack,CN=Users,DC=jeteam1,DC=cn
usncreated : 8196
memberof : CN=AD RMS 企业管理员,CN=Users,DC=jeteam1,DC=cn
sn : 姓
mail : email@d.cn
adspath : LDAP://m1.cn/CN=Jack,CN=Users,DC=m1,DC=cn
initials : 英文缩写
telephonenumber : 电话号码
accountexpires : 0
department : 部门
admincount : 1
logonhours : System.Byte[]
name : Jack
company : 公司
二、查看所有属性
DirectoryEntry entry = new DirectoryEntry("LDAP://jeteam1.cn", "Jack", "a321");
DirectorySearcher mySearcher = new DirectorySearcher(entry);
mySearcher.Filter = "(&(objectClass=user)(objectCategory=person))";
//mySearcher.PropertiesToLoad.Add("title");
//mySearcher.PropertiesToLoad.Add("samaccountname");//用户账号
SearchResultCollection resultCol = mySearcher.FindAll();
StringBuilder sb = new StringBuilder();
foreach (SearchResult item in resultCol)
{
ResultPropertyCollection props = item.Properties;
foreach (string propName in props.PropertyNames)
{
sb.Append(propName + " : " + props[propName][0] +Environment.NewLine);
}
sb.Append(Environment.NewLine);
}
textBox1.Text = sb.ToString();
using System; using System.Collections; using System.Text; using System.DirectoryServices; using System.Data; using System.Configuration; namespace ADExchangeLib { public class ADMethods : IDisposable { DirectoryEntry oDE = null; DirectoryEntry oDEC = null; DirectorySearcher oDS = null; SearchResultCollection oResults = null; DataSet oDs = null; DataSet oDsUser = null; DataTable oTb = null; DataRow oRwUser = null; DataRow oRwResult = null; DataRow oNewCustomersRow = null; #region Private Variables private string sADPath = ""; private string sADPathPrefix = ""; private string sADUser = ""; private string sADPassword = ""; private string sADServer = ""; private string sCharactersToTrim = ""; #endregion #region Enumerations public enum ADAccountOptions { UF_TEMP_DUPLICATE_ACCOUNT = 0x0100, UF_NORMAL_ACCOUNT = 0x0200, UF_INTERDOMAIN_TRUST_ACCOUNT = 0x0800, UF_WORKSTATION_TRUST_ACCOUNT = 0x1000, UF_SERVER_TRUST_ACCOUNT = 0x2000, UF_DONT_EXPIRE_PASSWD = 0x10000, UF_SCRIPT = 0x0001, UF_ACCOUNTDISABLE = 0x0002, UF_HOMEDIR_REQUIRED = 0x0008, UF_LOCKOUT = 0x0010, UF_PASSWD_NOTREQD = 0x0020, UF_PASSWD_CANT_CHANGE = 0x0040, UF_ACCOUNT_LOCKOUT = 0X0010, UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED = 0X0080, UF_EXPIRE_USER_PASSWORD = 0x800000, } public enum GroupType : uint { UniversalGroup = 0x08, DomainLocalGroup = 0x04, GlobalGroup = 0x02, SecurityGroup = 0x80000000 } public enum LoginResult { LOGIN_OK = 0, LOGIN_USER_DOESNT_EXIST, LOGIN_USER_ACCOUNT_INACTIVE } #endregion #region Methods public ADMethods() { sADPath = ConfigurationSettings.AppSettings["sADPath"].ToString(); sADUser = ConfigurationSettings.AppSettings["sADUser"].ToString(); sADPassword = ConfigurationSettings.AppSettings["sADPassword"].ToString(); sADServer = ConfigurationSettings.AppSettings["sADServer"].ToString(); } //Implement IDisposable. public void Dispose() { Dispose(true); GC.SuppressFinalize(this); } protected virtual void Dispose(bool bDisposing) { if (bDisposing) { } // Free your own state. // Set large fields to null. sADPath = null; sADUser = null; sADPassword = null; sADServer = null; sCharactersToTrim = null; oDE = null; oDEC = null; oDS = null; oResults = null; oDs = null; oDsUser = null; oTb = null; oRwUser = null; oRwResult = null; oNewCustomersRow = null; } //Use C# Destructor Syntax for Finalization Code. ~ADMethods() { //Simply call Dispose(false). Dispose(false); } #region Validate Methods /// <summary> /// This Method will verify if the User Account Exists /// By Matching both the Username and Password as well as /// checking if the Account is Active. /// </summary> /// <param name="sUserName">Username to Validate</param> /// <param name="sPassword">Password of the Username to Validate</param> /// <returns></returns> public ADMethods.LoginResult Login(string sUserName, string sPassword) { //Check if the Logon exists Based on the Username and Password if (IsUserValid(sUserName, sPassword)) { oDE = GetUser(sUserName); if (oDE != null) { //Check the Account Status int iUserAccountControl = Convert.ToInt32(oDE.Properties["userAccountControl"][0]); oDE.Close(); //If the Disabled Item does not Exist then the Account is Active if (!IsAccountActive(iUserAccountControl)) { return LoginResult.LOGIN_USER_ACCOUNT_INACTIVE; } else { return LoginResult.LOGIN_OK; } } else { return LoginResult.LOGIN_USER_DOESNT_EXIST; } } else { return LoginResult.LOGIN_USER_DOESNT_EXIST; } } /// <summary> /// This will perform a logical operation on the iUserAccountControl values /// to see if the user Account is Enabled or Disabled. /// The Flag for Determining if the Account is active is a Bitwise value (Decimal = 2) /// </summary> /// <param name="iUserAccountControl"></param> /// <returns></returns> public bool IsAccountActive(int iUserAccountControl) { int iUserAccountControl_Disabled = Convert.ToInt32(ADAccountOptions.UF_ACCOUNTDISABLE); int iFlagExists = iUserAccountControl & iUserAccountControl_Disabled; //If a Match is Found, then the Disabled Flag Exists within the Control Flags if (iFlagExists > 0) { return false; } else { return true; } } /// <summary> /// This will perform a logical operation on the sUserName values /// to see if the user Account is Enabled or Disabled. /// The Flag for Determining if the Account is active is a Bitwise value (Decimal = 2) /// </summary> /// <param name="sUserName">Username to Validate</param> /// <returns></returns> public bool IsAccountActive(string sUserName) { oDE = GetUser(sUserName); if (oDE != null) { //to check of the Disabled option exists. int iUserAccountControl = Convert.ToInt32(oDE.Properties["userAccountControl"][0]); oDE.Close(); //Check if the Disabled Item does not Exist then the Account is Active if (!IsAccountActive(iUserAccountControl)) { return false; } else { return true; } } else { return false; } } /// <summary> /// This Method will Attempt to log in a User Based on the Username and Password /// to Ensure that they have been set up within the Active Directory. /// This is the basic UserName and Password check. /// </summary> /// <param name="sUserName">Username to Validate</param> /// <param name="sPassword">Password of the Username to Validate</param> /// <returns></returns> public bool IsUserValid(string sUserName, string sPassword) { try { oDE = GetUser(sUserName, sPassword); oDE.Close(); return true; } catch { return false; } } #endregion #region Search Methods /// <summary> /// This will return a DirectoryEntry Object if the User Exists /// </summary> /// <param name="sUserName">Username to Get</param> /// <returns></returns> public DirectoryEntry GetUser(string sUserName) { //Create an Instance of the DirectoryEntry oDE = GetDirectoryObject(); //Create Instance of the Directory Searcher oDS = new DirectorySearcher(); oDS.SearchRoot = oDE; //Set the Search Filter oDS.Filter = "(&(objectClass=user)(sAMAccountName=" + sUserName + "))"; oDS.SearchScope = SearchScope.Subtree; oDS.PageSize = 10000; //Find the First Instance SearchResult oResults = oDS.FindOne(); //If found then Return Directory Object, otherwise return Null if (oResults != null) { oDE = new DirectoryEntry (oResults.Path, sADUser, sADPassword, AuthenticationTypes.Secure); return oDE; } else { return null; } } /// <summary> /// Override method which will perform query /// based on combination of Username and Password /// </summary> /// <param name="sUserName">Username to Get</param> /// <param name="sPassword">Password for the Username to Get</param> /// <returns></returns> public DirectoryEntry GetUser(string sUserName, string sPassword) { //Create an Instance of the DirectoryEntry oDE = GetDirectoryObject(sUserName, sPassword); //Create Instance of the Directory Searcher oDS = new DirectorySearcher(); oDS.SearchRoot = oDE; //Set the Search Filter oDS.Filter = "(&(objectClass=user)(sAMAccountName=" + sUserName + "))"; oDS.SearchScope = SearchScope.Subtree; oDS.PageSize = 10000; //Find the First Instance SearchResult oResults = oDS.FindOne(); //If a Match is Found, Return Directory Object, Otherwise return Null if (oResults != null) { oDE = new DirectoryEntry (oResults.Path, sADUser, sADPassword, AuthenticationTypes.Secure); return oDE; } else { return null; } } /// <summary> /// This will take a Username and Query the AD for the User. /// When found it will Transform the Results from the Property Collection into a Dataset. /// </summary> /// <param name="sUserName">Username to Get</param> /// <returns>Users Dataset</returns> public DataSet GetUserDataSet(string sUserName) { oDE = GetDirectoryObject(); //Create Instance of the Directory Searcher oDS = new DirectorySearcher(); oDS.SearchRoot = oDE; //Set the Search Filter oDS.Filter = "(&(objectClass=user)(sAMAccountName=" + sUserName + "))"; oDS.SearchScope = SearchScope.Subtree; oDS.PageSize = 10000; //Find the First Instance SearchResult oResults = oDS.FindOne(); //Create Empty User Dataset oDsUser = CreateUserDataSet(); //If Record is not Null, Then Populate DataSet if (oResults != null) { oNewCustomersRow = oDsUser.Tables["User"].NewRow(); oNewCustomersRow = PopulateUserDataSet(oResults, oDsUser.Tables["User"]); oDsUser.Tables["User"].Rows.Add(oNewCustomersRow); } oDE.Close(); return oDsUser; } /// <summary> /// This Method will Return a Dataset of User Details /// Based on Criteria passed to the Query /// The criteria is in the LDAP format /// e.g. /// (sAMAccountName='Test Account Name')(sn='Test Surname') /// </summary> /// <param name="sCriteria">Criteria to use for Searching</param> /// <returns>Users Dataset</returns> public DataSet GetUsersDataSet(string sCriteria) { oDE = GetDirectoryObject(); //Create Instance of the Directory Searcher oDS = new DirectorySearcher(); oDS.SearchRoot = oDE; //Set the Search Filter oDS.Filter = "(&(objectClass=user)(objectCategory=person)(" + sCriteria + "))"; oDS.SearchScope = SearchScope.Subtree; oDS.PageSize = 10000; //Find the First Instance oResults = oDS.FindAll(); //Create Empty User Dataset oDsUser = CreateUserDataSet(); //If Record is not Null, Then Populate DataSet try { if (oResults.Count > 0) { foreach (SearchResult oResult in oResults) { oDsUser.Tables["User"].Rows.Add(PopulateUserDataSet(oResult, oDsUser.Tables["User"])); } } } catch { } oDE.Close(); return oDsUser; } #endregion #region User Account Methods /// <summary> /// This Method will set the Users Password based on the User Name /// </summary> /// <param name="sUserName">The Username to Set the New Password</param> /// <param name="sNewPassword">The New Password</param> /// <param name="sMessage">Any Messages caught by the Exception</param> public void SetUserPassword(string sUserName, string sNewPassword, out string sMessage) { try { //Get Reference to User string LDAPDomain = "/sAMAccountName=" + sUserName + ",CN=Users," + GetLDAPDomain(); oDE = GetDirectoryObject(LDAPDomain); oDE.Invoke("SetPassword", new Object[] { sNewPassword }); oDE.CommitChanges(); oDE.Close(); sMessage = ""; } catch (Exception ex) { sMessage = ex.Message; } } /// <summary> /// This Method will set the Users Password based on Directory Entry Object /// </summary> /// <param name="oDE">The Directory Entry to Set the New Password</param> /// <param name="sPassword">The New Password</param> /// <param name="sMessage">Any Messages caught by the Exception</param> public void SetUserPassword(DirectoryEntry oDE, string sPassword, out string sMessage) { try { //Set The new Password oDE.Invoke("SetPassword", new Object[] { sPassword }); sMessage = ""; oDE.CommitChanges(); oDE.Close(); } catch (Exception ex) { sMessage = ex.InnerException.Message; } } /// <summary> /// This Method will Enable a User Account Based on the Username /// </summary> /// <param name="sUserName">The Username of the Account to Enable</param> public void EnableUserAccount(string sUserName) { //Get the Directory Entry for the User and Enable the Password EnableUserAccount(GetUser(sUserName)); } /// <summary> /// This Method will Enable a User Account Based on the Directory Entry Object /// </summary> /// <param name="oDE">The Directory Entry Object of the Account to Enable</param> public void EnableUserAccount(DirectoryEntry oDE) { oDE.Properties["userAccountControl"][0] = ADMethods.ADAccountOptions.UF_NORMAL_ACCOUNT; oDE.CommitChanges(); oDE.Close(); } /// <summary> /// This Method will Force Expire a Users Password based on Directory Entry Object /// </summary> /// <param name="oDE">The Directory Entry Object of the Account to Expire</param> public void ExpireUserPassword(DirectoryEntry oDE) { //Set the Password Last Set to 0, this will Expire the Password oDE.Properties["pwdLastSet"][0] = 0; oDE.CommitChanges(); oDE.Close(); } /// <summary> /// This Method will Disable the User Account based on the Username /// </summary> /// <param name="sUsername">The Username of the Account to Disable</param> public void DisableUserAccount(string sUserName) { DisableUserAccount(GetUser(sUserName)); } /// <summary> /// This Method will Disable the User Account based on the Directory Entry Object /// </summary> /// <param name="oDE">The Directory Entry Object of the Account to Disable</param> public void DisableUserAccount(DirectoryEntry oDE) { oDE.Properties["userAccountControl"][0] = ADMethods.ADAccountOptions.UF_NORMAL_ACCOUNT | ADMethods.ADAccountOptions.UF_DONT_EXPIRE_PASSWD | ADMethods.ADAccountOptions.UF_ACCOUNTDISABLE; oDE.CommitChanges(); oDE.Close(); } /// <summary> /// Moves a User Account to a New OU Path /// </summary> /// <param name="oDE">Directory Entry Object of the User to Move</param> /// <param name="sNewOUPath">The New Path</param> public void MoveUserAccount(DirectoryEntry oDE, string sNewOUPath) { DirectoryEntry myNewPath = null; //Define the new Path myNewPath = new DirectoryEntry("LDAP://" + sADServer + "/" + sNewOUPath, sADUser, sADPassword, AuthenticationTypes.Secure); oDE.MoveTo(myNewPath); oDE.CommitChanges(); oDE.Close(); } /// <summary> /// This Method checks whether and Account is Locked /// based on the Directory Entry Object /// </summary> /// <param name="oDE">Directory Entry Object of the Account to check</param> /// <returns></returns> public bool IsAccountLocked(DirectoryEntry oDE) { return Convert.ToBoolean(oDE.InvokeGet("IsAccountLocked")); } /// <summary> /// This Method will unlock a User Account based on the Directory Entry Object /// </summary> /// <param name="oDE">Directory Entry Object of the Account to unlock</param> public void UnlockUserAccount(DirectoryEntry oDE) { SetProperty(oDE, "lockoutTime", "0"); } /// <summary> /// This Method checks whether and Account is /// Expired based on the Directory Entry Object /// </summary> /// <param name="oDE">Directory Entry Object of the Account to check</param> /// <returns></returns> public bool IsUserExpired(DirectoryEntry oDE) { int iDecimalValue = int.Parse(GetProperty(oDE, "userAccountControl")); string sBinaryValue = Convert.ToString(iDecimalValue, 2); //Reverse the Binary Value to get the Location for all 1's char[] str = sBinaryValue.ToCharArray(); Array.Reverse(str); string sBinaryValueReversed = new string(str); //24th 1 is the Switch for the Expired Account if (sBinaryValueReversed.Length >= 24) { if (sBinaryValueReversed.Substring(24, 1) == "1") { return true; } else { return false; } } return false; } /// <summary> /// This Method will Create a new User Directory Object /// </summary> /// <param name="sCN">The CN of the New User</param> /// <returns></returns> public DirectoryEntry CreateNewUser(string sCN) { //Set the LDAP Path so that the user will be Created under the Users Container string LDAPDomain = "/CN=Users," + GetLDAPDomain(); oDE = GetDirectoryObject(); oDEC = oDE.Children.Add("CN=" + sCN, "user"); oDE.Close(); return oDEC; } /// <summary> /// This Method will Create a new User Directory Object /// based on a Username and LDAP Domain /// </summary> /// <param name="sUserName">The Username of the New User</param> /// <param name="sLDAPDomain">The LDAP Domain for the New User</param> /// <returns></returns> public DirectoryEntry CreateNewUser(string sUserName, string sLDAPDomain) { //Set the LDAP qualification so that the user will be Created under the Users Container string LDAPDomain = "/CN=Users," + sLDAPDomain; oDE = new DirectoryEntry("LDAP://" + sADServer + "/" + sLDAPDomain, sADUser, sADPassword, AuthenticationTypes.Secure); oDEC = oDE.Children.Add("CN=" + sUserName, "user"); oDE.Close(); return oDEC; } /// <summary> /// This Method will Delete an AD User based on UserNaeme. /// Please be careful when using this /// The only way you can restore this object is by Tombstone which will not /// Restore every details on the Directory Entry object /// </summary> /// <param name="sUserName">The Username of the Account to Delete</param> /// <returns>True or False if the Delete was successful</returns> public bool DeleteUser(string sUserName) { string sParentPath = GetUser(sUserName).Parent.Path; return DeleteUser(sUserName, sParentPath); } /// <summary> /// This Method will Delete an AD User based on Username and specifying the Path. /// Please be careful when using this /// The only way you can restore this object is by Tombstone which will not /// Restore every details on the Directory Entry object /// </summary> /// <param name="sUserName">The Username of the Account to Delete</param> /// <param name="sParentPath">The Path where the Useraccount is Located on LDAP</param> /// <returns></returns> public bool DeleteUser(string sUserName, string sParentPath) { try { oDE = new DirectoryEntry(sParentPath, sADUser, sADPassword, AuthenticationTypes.Secure); oDE.Children.Remove(GetUser(sUserName)); oDE.CommitChanges(); oDE.Close(); return true; } catch { return false; } } #endregion #region Group Methods /// <summary> /// This Method will Create a New Active Directory Group /// </summary> /// <param name="sOULocation">OU Location of the New Group to be Created</param> /// <param name="sGroupName">The Group Name</param> /// <param name="sDescription">The Group Description</param> /// <param name="oGroupTypeInput">The Group Type</param> /// <param name="bSecurityGroup">True or False whether the Group is a /// Security Group or a Distribution Group</param> /// <returns></returns> public DirectoryEntry CreateNewGroup(string sOULocation, string sGroupName, string sDescription, GroupType oGroupTypeInput, bool bSecurityGroup) { GroupType oGroupType; oDE = new DirectoryEntry("LDAP://" + sADServer + "/" + sOULocation, sADUser, sADPassword, AuthenticationTypes.Secure); //Check if the Requested group is a Security Group or Distribution Group if (bSecurityGroup) { oGroupType = oGroupTypeInput | GroupType.SecurityGroup; } else { oGroupType = oGroupTypeInput; } int typeNum = (int)oGroupType; //Add Properties to the Group DirectoryEntry myGroup = oDE.Children.Add("cn=" + sGroupName, "group"); myGroup.Properties["sAMAccountName"].Add(sGroupName); myGroup.Properties["description"].Add(sDescription); myGroup.Properties["groupType"].Add(typeNum); myGroup.CommitChanges(); return myGroup; } /// <summary> /// This Method will add a User Based on the Distinguished Name to an AD Group /// </summary> /// <param name="sDN">The Users Distinguished Name</param> /// <param name="sGroupDN">The Groups Distinguished Name</param> public void AddUserToGroup(string sDN, string sGroupDN) { oDE = new DirectoryEntry("LDAP://" + sADServer + "/" + sGroupDN, sADUser, sADPassword, AuthenticationTypes.Secure); //Adds the User to the Group oDE.Properties["member"].Add(sDN); oDE.CommitChanges(); oDE.Close(); } /// <summary> /// This Method will remove a User Based on the Distinguished Name to an AD Group /// </summary> /// <param name="sDN">The Users Distinguished Name</param> /// <param name="sGroupDN">The Groups Distinguished Name</param> public void RemoveUserFromGroup(string sDN, string sGroupDN) { oDE = new DirectoryEntry("LDAP://" + sADServer + "/" + sGroupDN, sADUser, sADPassword, AuthenticationTypes.Secure); //Removes the User to the Group oDE.Properties["member"].Remove(sDN); oDE.CommitChanges(); oDE.Close(); } /// <summary> /// This Method will Validate whether the User is a member of an AD Group /// </summary> /// <param name="sDN">The Users Distinguished Name</param> /// <param name="sGroupDN">The Groups Distinguished Name</param> /// <returns></returns> public bool IsUserGroupMember(string sDN, string sGroupDN) { oDE = new DirectoryEntry("LDAP://" + sADServer + "/" + sDN, sADUser, sADPassword, AuthenticationTypes.Secure); string sUserName = GetProperty(oDE, "sAMAccountName"); ArrayList oUserGroups = GetUserGroups(sUserName); int iGroupsCount = oUserGroups.Count; if (iGroupsCount != 0) { for (int i = 0; i < iGroupsCount; i++) { //Check is User is a Member of the AD Group if (sGroupDN == oUserGroups[i].ToString()) { return true; } } return false; } else { return false; } } /// <summary> /// This Method will return an ArrayList of a User /// AD Group Memberships /// </summary> /// <param name="sUserName">The Username to get Group Memberships</param> /// <returns></returns> public ArrayList GetUserGroups(string sUserName) { ArrayList oGroupMemberships = new ArrayList(); return AttributeValuesMultiString("memberOf", sUserName, oGroupMemberships); } #endregion #region Helper Methods /// <summary> /// This will retrieve the Specified Property Value from the Directory Entry Object /// </summary> /// <param name="oDE">The Directory Object to retrieve from</param> /// <param name="sPropertyName">The Property to retrieve</param> /// <returns></returns> public string GetProperty(DirectoryEntry oDE, string sPropertyName) { if (oDE.Properties.Contains(sPropertyName)) { return oDE.Properties[sPropertyName][0].ToString(); } else { return string.Empty; } } /// <summary> /// This will retrieve the Specified Property Value if it's an /// Array Type from the Directory Entry object /// </summary> /// <param name="oDE">The Directory Object to retrieve from</param> /// <param name="sPropertyName">The Property to retrieve</param> /// <returns></returns> public ArrayList GetProperty_Array(DirectoryEntry oDE, string sPropertyName) { ArrayList myItems = new ArrayList(); if (oDE.Properties.Contains(sPropertyName)) { for (int i = 0; i < oDE.Properties[sPropertyName].Count; i++) { myItems.Add(oDE.Properties[sPropertyName][i].ToString()); } return myItems; } else { return myItems; } } /// <summary> /// This will retrieve the Specified Property Value if its a /// Byte Type from the Directory Entry object /// </summary> /// <param name="oDE">The Directory Object to retrieve from</param> /// <param name="sPropertyName">The Property to retrieve</param> /// <returns></returns> public byte[] GetProperty_Byte(DirectoryEntry oDE, string sPropertyName) { if (oDE.Properties.Contains(sPropertyName)) { return (byte[])oDE.Properties[sPropertyName].Value; } else { return null; } } /// <summary> /// This is an Override that will Allow a Property to be Extracted Directly /// from a Search Result Object /// </summary> /// <param name="oSearchResult">The Search Result</param> /// <param name="sPropertyName">The Property to retrieve</param> /// <returns></returns> public string GetProperty(SearchResult oSearchResult, string sPropertyName) { if (oSearchResult.Properties.Contains(sPropertyName)) { return oSearchResult.Properties[sPropertyName][0].ToString(); } else { return string.Empty; } } /// <summary> /// This will Set the Property of the Directory Entry Object /// </summary> /// <param name="oDE">The Directory Object to Set to</param> /// <param name="sPropertyName">The Property Name</param> /// <param name="sPropertyValue">The Property Value</param> public void SetProperty(DirectoryEntry oDE, string sPropertyName, string sPropertyValue) { //Check if the Value is Valid if (sPropertyValue != string.Empty) { //Check if the Property Exists if (oDE.Properties.Contains(sPropertyName)) { oDE.Properties[sPropertyName].Value = sPropertyValue; oDE.CommitChanges(); oDE.Close(); } else { oDE.Properties[sPropertyName].Add(sPropertyValue); oDE.CommitChanges(); oDE.Close(); } } } /// <summary> /// This will Set the Property of the Directory Entry Object /// </summary> /// <param name="oDE">The Directory Object to Set to</param> /// <param name="sPropertyName">The Property Name</param> /// <param name="bPropertyValue">The Property Value</param> public void SetProperty(DirectoryEntry oDE, string sPropertyName, byte[] bPropertyValue) { //Clear Binary Data if Exists oDE.Properties[sPropertyName].Clear(); //Update Attribute with Binary Data from File oDE.Properties[sPropertyName].Add(bPropertyValue); oDE.CommitChanges(); oDE.Dispose(); } /// <summary> /// This will Set the Property of the Directory Entry Object if its an Array Type /// </summary> /// <param name="oDE">The Directory Object to Set to</param> /// <param name="sPropertyName">The Property Name</param> /// <param name="aPropertyValue">The Property Value in Array List Type</param> public void SetProperty(DirectoryEntry oDE, string sPropertyName, ArrayList aPropertyValue) { //Check if the Value is Valid if (aPropertyValue.Count != 0) { foreach (string sPropertyValue in aPropertyValue) { oDE.Properties[sPropertyName].Add(sPropertyValue); oDE.CommitChanges(); oDE.Close(); } } } /// <summary> /// This Method will Clear the Property Values /// </summary> /// <param name="oDE">The Directory Object to Set to</param> /// <param name="sPropertyName">The Property Name to be cleared</param> public void ClearProperty(DirectoryEntry oDE, string sPropertyName) { //Check if the Property Exists if (oDE.Properties.Contains(sPropertyName)) { oDE.Properties[sPropertyName].Clear(); oDE.CommitChanges(); oDE.Close(); } } /// <summary> /// This is an Internal Method for Retrieving a New Directory Entry Object /// </summary> /// <returns></returns> private DirectoryEntry GetDirectoryObject() { oDE = new DirectoryEntry(sADPath, sADUser, sADPassword, AuthenticationTypes.Secure); return oDE; } /// <summary> /// Override Function that will Attempt a Logon based on the Username and Password /// </summary> /// <param name="sUserName"></param> /// <param name="sPassword"></param> /// <returns></returns> private DirectoryEntry GetDirectoryObject(string sUserName, string sPassword) { oDE = new DirectoryEntry(sADPath, sUserName, sPassword, AuthenticationTypes.Secure); return oDE; } /// <summary> /// This will Create the Directory Entry based on the Domain Reference /// </summary> /// <param name="sDomainReference"></param> /// <returns></returns> private DirectoryEntry GetDirectoryObject(string sDomainReference) { oDE = new DirectoryEntry(sADPath + sDomainReference, sADUser, sADPassword, AuthenticationTypes.Secure); return oDE; } /// <summary> ///This will Create the Directory Entry based on the LDAP Path /// </summary> /// <param name="sPath"></param> /// <returns></returns> public DirectoryEntry GetDirectoryObject_ByPath(string sPath) { oDE = new DirectoryEntry(sADPathPrefix + sPath, sADUser, sADPassword, AuthenticationTypes.Secure); return oDE; } /// <summary> /// Additional Override that will Allow oObject to be /// Created based on the Username and Password. /// </summary> /// <param name="DomainReference"></param> /// <param name="sUserName"></param> /// <param name="sPassword"></param> /// <returns></returns> private DirectoryEntry GetDirectoryObject (string sDomainReference, string sUserName, string sPassword) { oDE = new DirectoryEntry (sADPath + sDomainReference, sUserName, sPassword, AuthenticationTypes.Secure); return oDE; } /// <summary> /// This will retrieve the Distinguished Name from the DirectoryEntry Object /// </summary> /// <param name="oDE">The Directory Entry Object to get the /// Distinguished Name From</param> /// <returns></returns> public string GetDistinguishedName(DirectoryEntry oDE) { if (oDE.Properties.Contains("distinguishedName")) { return oDE.Properties["distinguishedName"][0].ToString(); } else { return string.Empty; } } /// <summary> /// This will retrieve the Distinguished Name from the User Name /// </summary> /// <param name="oDE">The User Name to get the Distinguished Name From</param> /// <returns></returns> public string GetDistinguishedName(string sUserName) { oDE = GetUser(sUserName); if (oDE.Properties.Contains("distinguishedName")) { return oDE.Properties["distinguishedName"][0].ToString(); } else { return string.Empty; } } /// <summary> /// This Method will Get the Array List of the Directory Object Attribute /// </summary> /// <param name="sAttributeName"></param> /// <param name="sUserName"></param> /// <param name="oValuesCollection"></param> /// <returns></returns> public ArrayList AttributeValuesMultiString (string sAttributeName, string sUserName, ArrayList oValuesCollection) { oDE = GetUser(sUserName); PropertyValueCollection oValueCollection = oDE.Properties[sAttributeName]; IEnumerator oIEn = oValueCollection.GetEnumerator(); while (oIEn.MoveNext()) { if (oIEn.Current != null) { if (!oValuesCollection.Contains(oIEn.Current.ToString())) { oValuesCollection.Add(oIEn.Current.ToString()); } } } oDE.Close(); oDE.Dispose(); return oValuesCollection; } #endregion #region Internal Methods /// <summary> /// This will read in the ADServer Value from the Web.config and will Return it /// as an LDAP Path /// e.g.. DC=testing, DC=co, DC=nz. /// This is required when Creating Directory Entry other than the Root. /// </summary> /// <returns></returns> private string GetLDAPDomain() { StringBuilder LDAPDomain = new StringBuilder(); string[] LDAPDC = sADServer.Split('.'); for (int i = 0; i < LDAPDC.GetUpperBound(0) + 1; i++) { LDAPDomain.Append("DC=" + LDAPDC[i]); if (i < LDAPDC.GetUpperBound(0)) { LDAPDomain.Append(","); } } return LDAPDomain.ToString(); } /// <summary> /// This method will Create a Dataset Structure /// Containing all Relevant Fields for a User Object /// </summary> /// <returns></returns> private DataSet CreateUserDataSet() { oDs = new DataSet(); oTb = oDs.Tables.Add("User"); //Create All the Columns oTb.Columns.Add("company"); oTb.Columns.Add("department"); oTb.Columns.Add("description"); oTb.Columns.Add("displayName"); oTb.Columns.Add("facsimileTelephoneNumber"); oTb.Columns.Add("givenName"); oTb.Columns.Add("homePhone"); oTb.Columns.Add("employeeNumber"); oTb.Columns.Add("initials"); oTb.Columns.Add("ipPhone"); oTb.Columns.Add("l"); oTb.Columns.Add("mail"); oTb.Columns.Add("manager"); oTb.Columns.Add("mobile"); oTb.Columns.Add("name"); oTb.Columns.Add("pager"); oTb.Columns.Add("physicalDeliveryOfficeName"); oTb.Columns.Add("postalAddress"); oTb.Columns.Add("postalCode"); oTb.Columns.Add("postOfficeBox"); oTb.Columns.Add("sAMAccountName"); oTb.Columns.Add("sn"); oTb.Columns.Add("st"); oTb.Columns.Add("street"); oTb.Columns.Add("streetAddress"); oTb.Columns.Add("telephoneNumber"); oTb.Columns.Add("title"); oTb.Columns.Add("userPrincipalName"); oTb.Columns.Add("wWWHomePage"); oTb.Columns.Add("whenCreated"); oTb.Columns.Add("whenChanged"); oTb.Columns.Add("distinguishedName"); oTb.Columns.Add("info"); return oDs; } /// <summary> /// This method will Create a Dataset Structure Containing all /// Relevant Fields for a Group Object /// </summary> /// <param name="sTableName"></param> /// <returns></returns> private DataSet CreateGroupDataSet(string sTableName) { oDs = new DataSet(); oTb = oDs.Tables.Add(sTableName); //Create all the Columns oTb.Columns.Add("distinguishedName"); oTb.Columns.Add("name"); oTb.Columns.Add("friendlyname"); oTb.Columns.Add("description"); oTb.Columns.Add("domainType"); oTb.Columns.Add("groupType"); oTb.Columns.Add("groupTypeDesc"); return oDs; } /// <summary> /// This Method will Return a DataRow Object which will be added /// to the User Dataset Object /// </summary> /// <param name="oUserSearchResult"></param> /// <param name="oUserTable"></param> /// <returns></returns> private DataRow PopulateUserDataSet(SearchResult oUserSearchResult, DataTable oUserTable) { //Sets a New Empty Row oRwUser = oUserTable.NewRow(); oRwUser["company"] = GetProperty(oUserSearchResult, "company"); oRwUser["department"] = GetProperty(oUserSearchResult, "department"); oRwUser["description"] = GetProperty(oUserSearchResult, "description"); oRwUser["displayName"] = GetProperty(oUserSearchResult, "displayName"); oRwUser["facsimileTelephoneNumber"] = GetProperty (oUserSearchResult, "facsimileTelephoneNumber"); oRwUser["givenName"] = GetProperty(oUserSearchResult, "givenName"); oRwUser["homePhone"] = GetProperty(oUserSearchResult, "homePhone"); oRwUser["employeeNumber"] = GetProperty(oUserSearchResult, "employeeNumber"); oRwUser["initials"] = GetProperty(oUserSearchResult, "initials"); oRwUser["ipPhone"] = GetProperty(oUserSearchResult, "ipPhone"); oRwUser["l"] = GetProperty(oUserSearchResult, "l"); oRwUser["mail"] = GetProperty(oUserSearchResult, "mail"); oRwUser["manager"] = GetProperty(oUserSearchResult, "manager"); oRwUser["mobile"] = GetProperty(oUserSearchResult, "mobile"); oRwUser["name"] = GetProperty(oUserSearchResult, "name"); oRwUser["pager"] = GetProperty(oUserSearchResult, "pager"); oRwUser["physicalDeliveryOfficeName"] = GetProperty (oUserSearchResult, "physicalDeliveryOfficeName"); oRwUser["postalAddress"] = GetProperty(oUserSearchResult, "postalAddress"); oRwUser["postalCode"] = GetProperty(oUserSearchResult, "postalCode"); oRwUser["postOfficeBox"] = GetProperty(oUserSearchResult, "postOfficeBox"); oRwUser["sAMAccountName"] = GetProperty(oUserSearchResult, "sAMAccountName"); oRwUser["sn"] = GetProperty(oUserSearchResult, "sn"); oRwUser["st"] = GetProperty(oUserSearchResult, "st"); oRwUser["street"] = GetProperty(oUserSearchResult, "street"); oRwUser["streetAddress"] = GetProperty(oUserSearchResult, "streetAddress"); oRwUser["telephoneNumber"] = GetProperty(oUserSearchResult, "telephoneNumber"); oRwUser["title"] = GetProperty(oUserSearchResult, "title"); oRwUser["userPrincipalName"] = GetProperty(oUserSearchResult, "userPrincipalName"); oRwUser["wWWHomePage"] = GetProperty(oUserSearchResult, "wWWHomePage"); oRwUser["whenCreated"] = GetProperty(oUserSearchResult, "whenCreated"); oRwUser["whenChanged"] = GetProperty(oUserSearchResult, "whenChanged"); oRwUser["distinguishedName"] = GetProperty(oUserSearchResult, "distinguishedName"); oRwUser["info"] = GetProperty(oUserSearchResult, "info"); return oRwUser; } /// <summary> /// This Method will Return a DataRow object which will be /// added to the Group Dataset Object /// </summary> /// <param name="oSearchResult"></param> /// <param name="oTable"></param> /// <returns></returns> private DataRow PopulateGroupDataSet(SearchResult oSearchResult, DataTable oTable) { //Sets a New Empty Row oRwResult = oTable.NewRow(); string sFullOU = GetProperty(oSearchResult, "distinguishedName"); string[] splita = sCharactersToTrim.ToString().Split(new Char[] { ';' }); foreach (string sa in splita) { sFullOU = sFullOU.Replace(sa, ""); } string sDisplayName = ""; string sRawString = ""; string[] split1 = sFullOU.Split(new Char[] { ',' }); foreach (string s1 in split1) { sRawString = s1; sRawString = sRawString.Replace("OU=", ""); sRawString = sRawString.Replace("DC=", ""); sRawString = sRawString.Replace("CN=", ""); sDisplayName = sRawString + "/" + sDisplayName; } oRwResult["distinguishedName"] = GetProperty(oSearchResult, "distinguishedName"); oRwResult["name"] = GetProperty(oSearchResult, "name"); oRwResult["friendlyname"] = sDisplayName.Substring(0, sDisplayName.Length - 1); ; oRwResult["description"] = GetProperty(oSearchResult, "description"); oRwResult["domainType"] = sADServer; string sGroupType = GetProperty(oSearchResult, "groupType"); oRwResult["groupType"] = sGroupType; switch (sGroupType) { case "2": oRwResult["groupTypeDesc"] = "Global, Distribution"; break; case "4": oRwResult["groupTypeDesc"] = "Domain, Distribution"; break; case "8": oRwResult["groupTypeDesc"] = "Universal, Distribution"; break; case "-2147483640": oRwResult["groupTypeDesc"] = "Universal, Security"; break; case "-2147483646": oRwResult["groupTypeDesc"] = "Global, Security"; break; case "-2147483644": oRwResult["groupTypeDesc"] = "Domain, Security"; break; default: oRwResult["groupTypeDesc"] = ""; break; } return oRwResult; } #endregion #endregion } }
posted on 2011-09-28 13:07 Henry_Wang 阅读(1522) 评论(0) 编辑 收藏 举报