这几天使用C#操作windows帐户相当纠结,以前没做过,google翻阅了不少资料,尝试不少方法,终于解决了我的问题。
1.创建windows帐户
/// <summary>
/// 创建Windows帐户
/// </summary>
/// <param name="pathname"></param>
/// <returns></returns>
public static void CreateLocalUser(string username, string password, string description)
{
DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
var newUser = localMachine.Children.Add(username, "user");
newUser.Invoke("SetPassword", new object[] { password });
newUser.Invoke("Put", new object[] { "Description", description });
newUser.CommitChanges();
localMachine.Close();
newUser.Close();
}
2.更改Windows帐户密码
/// <summary>
/// 更改Windows帐户密码
/// </summary>
/// <param name="username"></param>
/// <param name="oldPwd"></param>
/// <param name="newPwd"></param>
public static void ChangeWinUserPasswd(string username, string oldPwd, string newPwd)
{
DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
DirectoryEntry user = localMachine.Children.Find(username, "user");
object[] password = new object[] { oldPwd, newPwd };
object ret = user.Invoke("ChangePassword", password);
user.CommitChanges();
localMachine.Close();
user.Close();
}
3.判断Windows用户是否存在
/// <summary>
/// 判断Windows用户是否存在
/// </summary>
/// <param name="username"></param>
/// <returns></returns>
public static bool ExistWinUser(string username)
{
try
{
using (DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"))
{
var user = localMachine.Children.Find(username, "user");
return user != null;
}
}
catch
{
return false;
}
}4.删除Windows用户 /// <summary>
/// 删除Windows用户
/// </summary>
/// <param name="username"></param>
/// <returns></returns>
public static bool DeleteWinUser(string username)
{
try
{
using (DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"))
{
//删除存在用户
var delUser = localMachine.Children.Find(username, "user");
if (delUser != null)
{
localMachine.Children.Remove(delUser);
}
}
return true;
}
catch
{
return false;
}
}
5.启用/禁用windows帐户
/// <summary>
/// 启用/禁用windows帐户
/// </summary>
/// <param name="username"></param>
public static void Disable(string username, bool isDisable)
{
var userDn = "WinNT://" + Environment.MachineName + "/" + username + ",user";
DirectoryEntry user = new DirectoryEntry(userDn);
user.InvokeSet("AccountDisabled", isDisable);
user.CommitChanges();
user.Close();
}
操作windows帐户的方法的诀窍在于通过DirectoryEntry 实例调用Invoke,InvokeGet,InvokeSet这三个方法。此三个方法可以对对本机 Active Directory 对象调用方法。操作win帐户的Active Directory 对象就是IADsUser接口。DirectoryEntry 实例通过调用Invoke方法调用IADsUser接口的方法,如上面修改Windows帐户密码就是通过调用IADsUser接口的“ChangePassword”方法;通过InvokeGet和InvokeSet方法调用IADsUser接口的属性,如上面的启用/禁用windows帐户,调用IADsUser接口的“AccountDisabled”属性。IADsUser接口具体有什么方法和属性可参考:http://msdn.microsoft.com/zh-cn/library/aa746340(v=VS.85).aspx
浙公网安备 33010602011771号