zoukankan      html  css  js  c++  java
  • ADHelper 活动目录用户操作类

    using  System;
    using  System.DirectoryServices;
    namespace  SystemFrameworks.Helper
    {           /// 
              ///  活动目录辅助类。封装一系列活动目录操作相关的方法。
              /// 
              public  sealed  class  ADHelper
              {
                      /// 
                      ///  域名
                      /// 
                      private  static  string  DomainName  =  "MyDomain";
                      /// 
                      ///  LDAP  地址
                      /// 
                      private  static  string  LDAPDomain  =  "DC=MyDomain,DC=local";
                      /// 
                      ///  LDAP绑定路径
                      /// 
                      private  static  string  ADPath  =  "LDAP://brooks.mydomain.local";
                      /// 
                      ///  登录帐号
                      /// 
                      private  static  string  ADUser  =  "Administrator";
                      /// 
                      ///  登录密码
                      /// 
                      private  static  string  ADPassword  =  "password";
                      /// 
                      ///  扮演类实例
                      /// 
                      private  static  IdentityImpersonation  impersonate  =  new  IdentityImpersonation(ADUser,  ADPassword,  DomainName);
     
                      /// 
                      ///  用户登录验证结果
                      /// 
                      public  enum  LoginResult
                      {
                                /// 
                                ///  正常登录
                                /// 
                                LOGIN_USER_OK  =  0,
                                /// 
                                ///  用户不存在
                                /// 
                                LOGIN_USER_DOESNT_EXIST,
                                /// 
                                ///  用户帐号被禁用
                                /// 
                                LOGIN_USER_ACCOUNT_INACTIVE,
                                /// 
                                ///  用户密码不正确
                                /// 
                                LOGIN_USER_PASSWORD_INCORRECT
                      }
     
                      /// 
                      ///  用户属性定义标志
                      /// 
                      public  enum  ADS_USER_FLAG_ENUM
                      {
                                /// 
                                ///  登录脚本标志。如果通过  ADSI  LDAP  进行读或写操作时,该标志失效。如果通过  ADSI  WINNT,该标志为只读。
                                /// 
                                ADS_UF_SCRIPT  =  0X0001,
                                /// 
                                ///  用户帐号禁用标志
                                /// 
                                ADS_UF_ACCOUNTDISABLE  =  0X0002,
                                /// 
                                ///  主文件夹标志
                                /// 
                                ADS_UF_HOMEDIR_REQUIRED  =  0X0008,
                                /// 
                                ///  过期标志
                                /// 
                                ADS_UF_LOCKOUT  =  0X0010,
                                /// 
                                ///  用户密码不是必须的
                                /// 
                                ADS_UF_PASSWD_NOTREQD  =  0X0020,
                                /// 
                                ///  密码不能更改标志
                                /// 
                                ADS_UF_PASSWD_CANT_CHANGE  =  0X0040,
                                /// 
                                ///  使用可逆的加密保存密码
                                /// 
                                ADS_UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED  =  0X0080,
                                /// 
                                ///  本地帐号标志
                                /// 
                                ADS_UF_TEMP_DUPLICATE_ACCOUNT  =  0X0100,
                                /// 
                                ///  普通用户的默认帐号类型
                                /// 
                                ADS_UF_NORMAL_ACCOUNT  =  0X0200,
                                /// 
                                ///  跨域的信任帐号标志
                                /// 
                                ADS_UF_INTERDOMAIN_TRUST_ACCOUNT  =  0X0800,
                                /// 
                                ///  工作站信任帐号标志
                                /// 
                                ADS_UF_WORKSTATION_TRUST_ACCOUNT  =  0x1000,
                                /// 
                                ///  服务器信任帐号标志
                                /// 
                                ADS_UF_SERVER_TRUST_ACCOUNT  =  0X2000,
                                /// 
                                ///  密码永不过期标志
                                /// 
                                ADS_UF_DONT_EXPIRE_PASSWD  =  0X10000,
                                /// 
                                ///  MNS  帐号标志
                                /// 
                                ADS_UF_MNS_LOGON_ACCOUNT  =  0X20000,
                                /// 
                                ///  交互式登录必须使用智能卡
                                /// 
                                ADS_UF_SMARTCARD_REQUIRED  =  0X40000,
                                /// 
                                ///  当设置该标志时,服务帐号(用户或计算机帐号)将通过  Kerberos  委托信任
                                /// 
                                ADS_UF_TRUSTED_FOR_DELEGATION  =  0X80000,
                                /// 
                                ///  当设置该标志时,即使服务帐号是通过  Kerberos  委托信任的,敏感帐号不能被委托
                                /// 
                                ADS_UF_NOT_DELEGATED  =  0X100000,
                                /// 
                                ///  此帐号需要  DES  加密类型
                                /// 
                                ADS_UF_USE_DES_KEY_ONLY  =  0X200000,
                                /// 
                                ///  不要进行  Kerberos  预身份验证
                                /// 
                                ADS_UF_DONT_REQUIRE_PREAUTH  =  0X4000000,
                                /// 
                                ///  用户密码过期标志
                                /// 
                                ADS_UF_PASSWORD_EXPIRED  =  0X800000,
                                /// 
                                ///  用户帐号可委托标志
                                /// 
                                ADS_UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION  =  0X1000000
                      }
     
                      public  ADHelper()
                      {
                                //
                      }
     
                      #region  GetDirectoryObject
     
                      /// 
                      ///  获得DirectoryEntry对象实例,以管理员登陆AD
                      /// 
                      /// 
                      private  static  DirectoryEntry  GetDirectoryObject()
                      {
                                DirectoryEntry  entry  =  new  DirectoryEntry(ADPath,  ADUser,  ADPassword,  AuthenticationTypes.Secure);
                                return  entry;
                      }
     
                      /// 
                      ///  根据指定用户名和密码获得相应DirectoryEntry实体
                      /// 
                      /// 
                      /// 
                      /// 
                      private  static  DirectoryEntry  GetDirectoryObject(string  userName,  string  password)
                      {
                                DirectoryEntry  entry  =  new  DirectoryEntry(ADPath,  userName,  password,  AuthenticationTypes.None);
                                return  entry;
                      }
     
                      /// 
                      ///  i.e.  /CN=Users,DC=creditsights,  DC=cyberelves,  DC=Com
                      /// 
                      /// 
                      /// 
                      private  static  DirectoryEntry  GetDirectoryObject(string  domainReference)
                      {
                                DirectoryEntry  entry  =  new  DirectoryEntry(ADPath  +  domainReference,  ADUser,  ADPassword,  AuthenticationTypes.Secure);
                                return  entry;
                      }
     
                      /// 
                      ///  获得以UserName,Password创建的DirectoryEntry
                      /// 
                      /// 
                      /// 
                      /// 
                      /// 
                      private  static  DirectoryEntry  GetDirectoryObject(string  domainReference,  string  userName,  string  password)
                      {
                                DirectoryEntry  entry  =  new  DirectoryEntry(ADPath  +  domainReference,  userName,  password,  AuthenticationTypes.Secure);
                                return  entry;
                      }
     
                      #endregion
     
                      #region  GetDirectoryEntry
     
                      /// 
                      ///  根据用户公共名称取得用户的  对象
                      /// 
                      ///  用户公共名称
                      ///  如果找到该用户,则返回用户的  对象;否则返回  null
                      public  static  DirectoryEntry  GetDirectoryEntry(string  commonName)
                      {
                                DirectoryEntry  de  =  GetDirectoryObject();
                                DirectorySearcher  deSearch  =  new  DirectorySearcher(de);
                                deSearch.Filter  =  "(&(&(objectCategory=person)(objectClass=user))(cn="  +  commonName  +  "))";
                                deSearch.SearchScope  =  SearchScope.Subtree;
     
                                try
                                {
                                          SearchResult  result  =  deSearch.FindOne();
                                          de  =  new  DirectoryEntry(result.Path);
                                          return  de;
                                }
                                catch
                                {
                                          return  null;
                                }
                      }
     
                      /// 
                      ///  根据用户公共名称和密码取得用户的  对象。
                      /// 
                      ///  用户公共名称
                      ///  用户密码
                      ///  如果找到该用户,则返回用户的  对象;否则返回  null
                      public  static  DirectoryEntry  GetDirectoryEntry(string  commonName,  string  password)
                      {
                                DirectoryEntry  de  =  GetDirectoryObject(commonName,  password);
                                DirectorySearcher  deSearch  =  new  DirectorySearcher(de);
                                deSearch.Filter  =  "(&(&(objectCategory=person)(objectClass=user))(cn="  +  commonName  +  "))";
                                deSearch.SearchScope  =  SearchScope.Subtree;
     
                                try
                                {
                                          SearchResult  result  =  deSearch.FindOne();
                                          de  =  new  DirectoryEntry(result.Path);
                                          return  de;
                                }
                                catch
                                {
                                          return  null;
                                }
                      }
     
                      /// 
                      ///  根据用户帐号称取得用户的  对象
                      /// 
                      ///  用户帐号名
                      ///  如果找到该用户,则返回用户的  对象;否则返回  null
                      public  static  DirectoryEntry  GetDirectoryEntryByAccount(string  sAMAccountName)
                      {
                                DirectoryEntry  de  =  GetDirectoryObject();
                                DirectorySearcher  deSearch  =  new  DirectorySearcher(de);
                                deSearch.Filter  =  "(&(&(objectCategory=person)(objectClass=user))(sAMAccountName="  +  sAMAccountName  +  "))";
                                deSearch.SearchScope  =  SearchScope.Subtree;
     
                                try
                                {
                                          SearchResult  result  =  deSearch.FindOne();
                                          de  =  new  DirectoryEntry(result.Path);
                                          return  de;
                                }
                                catch
                                {
                                          return  null;
                                }
                      }
     
                      /// 
                      ///  根据用户帐号和密码取得用户的  对象
                      /// 
                      ///  用户帐号名
                      ///  用户密码
                      ///  如果找到该用户,则返回用户的  对象;否则返回  null
                      public  static  DirectoryEntry  GetDirectoryEntryByAccount(string  sAMAccountName,  string  password)
                      {
                                DirectoryEntry  de  =  GetDirectoryEntryByAccount(sAMAccountName);
                                if  (de  !=  null)
                                {
                                          string  commonName  =  de.Properties["cn"][0].ToString();
     
                                          if  (GetDirectoryEntry(commonName,  password)  !=  null)
                                                  return  GetDirectoryEntry(commonName,  password);
                                          else
                                                  return  null;
                                }
                                else
                                {
                                          return  null;
                                }
                      }
     
                      /// 
                      ///  根据组名取得用户组的  对象
                      /// 
                      ///  组名
                      /// 
                      public  static  DirectoryEntry  GetDirectoryEntryOfGroup(string  groupName)
                      {
                                DirectoryEntry  de  =  GetDirectoryObject();
                                DirectorySearcher  deSearch  =  new  DirectorySearcher(de);
                                deSearch.Filter  =  "(&(objectClass=group)(cn="  +  groupName  +  "))";
                                deSearch.SearchScope  =  SearchScope.Subtree;
     
                                try
                                {
                                          SearchResult  result  =  deSearch.FindOne();
                                          de  =  new  DirectoryEntry(result.Path);
                                          return  de;
                                }
                                catch
                                {
                                          return  null;
                                }
                      }
     
                      #endregion
     
                      #region  GetProperty
     
                      /// 
                      ///  获得指定  指定属性名对应的值
                      /// 
                      /// 
                      ///  属性名称
                      ///  属性值
                      public  static  string  GetProperty(DirectoryEntry  de,  string  propertyName)
                      {
                                if(de.Properties.Contains(propertyName))
                                {
                                          return  de.Properties[propertyName][0].ToString()  ;
                                }
                                else
                                {
                                          return  string.Empty;
                                }
                      }
     
                      /// 
                      ///  获得指定搜索结果  中指定属性名对应的值
                      /// 
                      /// 
                      ///  属性名称
                      ///  属性值
                      public  static  string  GetProperty(SearchResult  searchResult,  string  propertyName)
                      {
                                if(searchResult.Properties.Contains(propertyName))
                                {
                                          return  searchResult.Properties[propertyName][0].ToString()  ;
                                }
                                else
                                {
                                          return  string.Empty;
                                }
                      }
     
                      #endregion
     
                      /// 
                      ///  设置指定  的属性值
                      /// 
                      /// 
                      ///  属性名称
                      ///  属性值
                      public  static  void  SetProperty(DirectoryEntry  de,  string  propertyName,  string  propertyvalue)
                      {
                                if(propertyvalue  !=  string.Empty  ||  propertyvalue  !=  ""  ||  propertyvalue  !=  null)
                                {
                                          if(de.Properties.Contains(propertyName))
                                          {
                                                  de.Properties[propertyName][0]  =  propertyvalue; 
                                          }
                                          else
                                          {
                                                  de.Properties[propertyName].Add(propertyvalue);
                                          }
                                }
                      }
     
                      /// 
                      ///  创建新的用户
                      /// 
                      ///  DN  位置。例如:OU=共享平台  或  CN=Users
                      ///  公共名称
                      ///  帐号
                      ///  密码
                      /// 
                      public  static  DirectoryEntry  CreateNewUser(string  ldapDN,  string  commonName,  string  sAMAccountName,  string  password)
                      {
                                DirectoryEntry  entry  =  GetDirectoryObject();
                                DirectoryEntry  subEntry  =  entry.Children.Find(ldapDN);
                                DirectoryEntry  deUser  =  subEntry.Children.Add("CN="  +  commonName,  "user");
                                deUser.Properties["sAMAccountName"].value  =  sAMAccountName;
                                deUser.CommitChanges();
                                ADHelper.EnableUser(commonName);
                                ADHelper.SetPassword(commonName,  password);
                                deUser.Close();
                                return  deUser;
                      }
     
                      /// 
                      ///  创建新的用户。默认创建在  Users  单元下。
                      /// 
                      ///  公共名称
                      ///  帐号
                      ///  密码
                      /// 
                      public  static  DirectoryEntry  CreateNewUser(string  commonName,  string  sAMAccountName,  string  password)
                      {
                                return  CreateNewUser("CN=Users",  commonName,  sAMAccountName,  password);
                      }
     
                      /// 
                      ///  判断指定公共名称的用户是否存在
                      /// 
                      ///  用户公共名称
                      ///  如果存在,返回  true;否则返回  false
                      public  static  bool  IsUserExists(string  commonName)
                      {
                                DirectoryEntry  de  =  GetDirectoryObject();
                                DirectorySearcher  deSearch  =  new  DirectorySearcher(de);
                                deSearch.Filter  =  "(&(&(objectCategory=person)(objectClass=user))(cn="  +  commonName  +  "))";              //  LDAP  查询串
                                SearchResultCollection  results  =  deSearch.FindAll();
     
                                if  (results.Count  ==  0)
                                          return  false;
                                else
                                          return  true;
                      }
     
                      /// 
                      ///  判断用户帐号是否激活
                      /// 
                      ///  用户帐号属性控制器
                      ///  如果用户帐号已经激活,返回  true;否则返回  false
                      public  static  bool  IsAccountActive(int  userAccountControl)
                      {
                                int  userAccountControl_Disabled  =  Convert.ToInt32(ADS_USER_FLAG_ENUM.ADS_UF_ACCOUNTDISABLE);
                                int  flagExists  =  userAccountControl  &  userAccountControl_Disabled;
     
                                if  (flagExists  >  0)
                                          return  false;
                                else
                                          return  true;
                      }
     
                      /// 
                      ///  判断用户与密码是否足够以满足身份验证进而登录
                      /// 
                      ///  用户公共名称
                      ///  密码
                      ///  如能可正常登录,则返回  true;否则返回  false
                      public  static  LoginResult  Login(string  commonName,  string  password)
                      {
                                DirectoryEntry  de  =  GetDirectoryEntry(commonName);
     
                                if  (de  !=  null)
                                {
                                          //  必须在判断用户密码正确前,对帐号激活属性进行判断;否则将出现异常。
                                          int  userAccountControl  =  Convert.ToInt32(de.Properties["userAccountControl"][0]);
                                          de.Close();
     
                                          if  (!IsAccountActive(userAccountControl))
                                                  return  LoginResult.LOGIN_USER_ACCOUNT_INACTIVE;
     
                                          if  (GetDirectoryEntry(commonName,  password)  !=  null)
                                                  return  LoginResult.LOGIN_USER_OK;
                                          else
                                                  return  LoginResult.LOGIN_USER_PASSWORD_INCORRECT;
                                }
                                else
                                {
                                          return  LoginResult.LOGIN_USER_DOESNT_EXIST; 
                                }
                      }
     
                      /// 
                      ///  判断用户帐号与密码是否足够以满足身份验证进而登录
                      /// 
                      ///  用户帐号
                      ///  密码
                      ///  如能可正常登录,则返回  true;否则返回  false
                      public  static  LoginResult  LoginByAccount(string  sAMAccountName,  string  password)
                      {
                                DirectoryEntry  de  =  GetDirectoryEntryByAccount(sAMAccountName);
                                         
                                if  (de  !=  null)
                                {
                                          //  必须在判断用户密码正确前,对帐号激活属性进行判断;否则将出现异常。
                                          int  userAccountControl  =  Convert.ToInt32(de.Properties["userAccountControl"][0]);
                                          de.Close();
     
                                          if  (!IsAccountActive(userAccountControl))
                                                  return  LoginResult.LOGIN_USER_ACCOUNT_INACTIVE;
     
                                          if  (GetDirectoryEntryByAccount(sAMAccountName,  password)  !=  null)
                                                  return  LoginResult.LOGIN_USER_OK;
                                          else
                                                  return  LoginResult.LOGIN_USER_PASSWORD_INCORRECT;
                                }
                                else
                                {
                                          return  LoginResult.LOGIN_USER_DOESNT_EXIST; 
                                }
                      }
     
                      /// 
                      ///  设置用户密码,管理员可以通过它来修改指定用户的密码。
                      /// 
                      ///  用户公共名称
                      ///  用户新密码
                      public  static  void  SetPassword(string  commonName,  string  newPassword)
                      {
                                DirectoryEntry  de  =  GetDirectoryEntry(commonName);
                               
                                //  模拟超级管理员,以达到有权限修改用户密码
                                impersonate.BeginImpersonate();
                                de.Invoke("SetPassword",  new  object[]{newPassword});
                                impersonate.StopImpersonate();
     
                                de.Close();
                      }
     
                      /// 
                      ///  设置帐号密码,管理员可以通过它来修改指定帐号的密码。
                      /// 
                      ///  用户帐号
                      ///  用户新密码
                      public  static  void  SetPasswordByAccount(string  sAMAccountName,  string  newPassword)
                      {
                                DirectoryEntry  de  =  GetDirectoryEntryByAccount(sAMAccountName);
     
                                //  模拟超级管理员,以达到有权限修改用户密码
                                IdentityImpersonation  impersonate  =  new  IdentityImpersonation(ADUser,  ADPassword,  DomainName);
                                impersonate.BeginImpersonate();
                                de.Invoke("SetPassword",  new  object[]{newPassword});
                                impersonate.StopImpersonate();
     
                                de.Close();
                      }
     
                      /// 
                      ///  修改用户密码
                      /// 
                      ///  用户公共名称
                      ///  旧密码
                      ///  新密码
                      public  static  void  ChangeUserPassword  (string  commonName,  string  oldPassword,  string  newPassword)
                      {
                                //  to-do:  需要解决密码策略问题
                                DirectoryEntry  oUser  =  GetDirectoryEntry(commonName);
                                oUser.Invoke("ChangePassword",  new  Object[]{oldPassword,  newPassword});
                                oUser.Close();
                      }
     
                      /// 
                      ///  启用指定公共名称的用户
                      /// 
                      ///  用户公共名称
                      public  static  void  EnableUser(string  commonName)
                      {
                                EnableUser(GetDirectoryEntry(commonName));
                      }
     
                      /// 
                      ///  启用指定  的用户
                      /// 
                      /// 
                      public  static  void  EnableUser(DirectoryEntry  de)
                      {
                                impersonate.BeginImpersonate();
                                de.Properties["userAccountControl"][0]  =  ADHelper.ADS_USER_FLAG_ENUM.ADS_UF_NORMAL_ACCOUNT  |  ADHelper.ADS_USER_FLAG_ENUM.ADS_UF_DONT_EXPIRE_PASSWD;
                                de.CommitChanges();
                                impersonate.StopImpersonate();
                                de.Close();
                      }
     
                      /// 
                      ///  禁用指定公共名称的用户
                      /// 
                      ///  用户公共名称
                      public  static  void  DisableUser(string  commonName)
                      {
                                DisableUser(GetDirectoryEntry(commonName));
                      }
     
                      /// 
                      ///  禁用指定  的用户
                      /// 
                      /// 
                      public  static  void  DisableUser(DirectoryEntry  de)
                      {
                                impersonate.BeginImpersonate();
                                de.Properties["userAccountControl"][0]=ADHelper.ADS_USER_FLAG_ENUM.ADS_UF_NORMAL_ACCOUNT  |  ADHelper.ADS_USER_FLAG_ENUM.ADS_UF_DONT_EXPIRE_PASSWD  |  ADHelper.ADS_USER_FLAG_ENUM.ADS_UF_ACCOUNTDISABLE;
                                de.CommitChanges();
                                impersonate.StopImpersonate();
                                de.Close();
                      }
     
                      /// 
                      ///  将指定的用户添加到指定的组中。默认为  Users  下的组和用户。
                      /// 
                      ///  用户公共名称
                      ///  组名
                      public  static  void  AddUserToGroup(string  userCommonName,  string  groupName)
                        {
                                DirectoryEntry  oGroup  =  GetDirectoryEntryOfGroup(groupName);
                                DirectoryEntry  oUser  =  GetDirectoryEntry(userCommonName);
                               
                                impersonate.BeginImpersonate();
                                oGroup.Properties["member"].Add(oUser.Properties["distinguishedName"].value);
                                oGroup.CommitChanges();
                                impersonate.StopImpersonate();
     
                                oGroup.Close();
                                oUser.Close();
                      }
     
                      /// 
                      ///  将用户从指定组中移除。默认为  Users  下的组和用户。
                      /// 
                      ///  用户公共名称
                      ///  组名
                      public  static  void  RemoveUserFromGroup(string  userCommonName,  string  groupName)
                      {
                                DirectoryEntry  oGroup  =  GetDirectoryEntryOfGroup(groupName);
                                DirectoryEntry  oUser  =  GetDirectoryEntry(userCommonName);
                               
                                impersonate.BeginImpersonate();
                                oGroup.Properties["member"].Remove(oUser.Properties["distinguishedName"].value);
                                oGroup.CommitChanges();
                                impersonate.StopImpersonate();
     
                                oGroup.Close();
                                oUser.Close();
                      }
     
              }
     
              /// 
              ///  用户模拟角色类。实现在程序段内进行用户角色模拟。
              /// 
              public  class  IdentityImpersonation
              {
                      [DllImport("advapi32.dll",  SetLastError=true)]
                      public  static  extern  bool  LogonUser(String  lpszUsername,  String  lpszDomain,  String  lpszPassword,  int  dwLogonType,  int  dwLogonProvider,  ref  IntPtr  phToken);
     
                      [DllImport("advapi32.dll",  CharSet=CharSet.Auto,  SetLastError=true)]
                      public  extern  static  bool  DuplicateToken(IntPtr  ExistingTokenHandle,  int  SECURITY_IMPERSONATION_LEVEL,  ref  IntPtr  DuplicateTokenHandle);
     
                      [DllImport("kernel32.dll",  CharSet=CharSet.Auto)]
                      public  extern  static  bool  CloseHandle(IntPtr  handle);
     
                      //  要模拟的用户的用户名、密码、域(机器名)
                      private  String  _sImperUsername;
                      private  String  _sImperPassword;
                      private  String  _sImperDomain;
                      //  记录模拟上下文
                      private  WindowsImpersonationContext  _imperContext;
                      private  IntPtr  _adminToken;
                      private  IntPtr  _dupeToken;
                      //  是否已停止模拟
                      private  Boolean  _bClosed;
     
                      /// 
                      ///  构造函数
                      /// 
                      ///  所要模拟的用户的用户名
                      ///  所要模拟的用户的密码
                      ///  所要模拟的用户所在的域
                      public  IdentityImpersonation(String  impersonationUsername,  String  impersonationPassword,  String  impersonationDomain) 
                      {
                                _sImperUsername  =  impersonationUsername;
                                _sImperPassword  =  impersonationPassword;
                                _sImperDomain  =  impersonationDomain;
     
                                _adminToken  =  IntPtr.Zero;
                                _dupeToken  =  IntPtr.Zero;
                                _bClosed  =  true;
                      }
     
                      /// 
                      ///  析构函数
                      /// 
                      ~IdentityImpersonation() 
                      {
                                if(!_bClosed) 
                                {
                                          StopImpersonate();
                                }
                      }
     
                      /// 
                      ///  开始身份角色模拟。
                      /// 
                      /// 
                      public  Boolean  BeginImpersonate() 
                      {
                                Boolean  bLogined  =  LogonUser(_sImperUsername,  _sImperDomain,  _sImperPassword,  2,  0,  ref  _adminToken);
                                                   
                                if(!bLogined) 
                                {
                                          return  false;
                                }
     
                                Boolean  bDuped  =  DuplicateToken(_adminToken,  2,  ref  _dupeToken);
     
                                if(!bDuped) 
                                {
                                          return  false;
                                }
     
                                WindowsIdentity  fakeId  =  new  WindowsIdentity(_dupeToken);
                                _imperContext  =  fakeId.Impersonate();
     
                                _bClosed  =  false;
     
                                return  true;
                      }
     
                      /// 
                      ///  停止身分角色模拟。
                      /// 
                      public  void  StopImpersonate() 
                      {
                                _imperContext.Undo();
                                CloseHandle(_dupeToken);
                                CloseHandle(_adminToken);
                                _bClosed  =  true;
                      }
              }
     
    }
  • 相关阅读:
    微信小程序 单选按钮 最佳
    微信小程序 单选按钮的实现
    微信小程序 单选框实现
    Java Code To Create Pyramid and Pattern
    Java language
    npm Err! Unexpected end of JSON input while parsing near
    Node.js Express FrameWork Tutorial
    Higher-Order Function Examples
    Create First HTTP Web Server in Node.js: Complete Tutorial
    Node.js NPM Tutorial: Create, Publish, Extend & Manage
  • 原文地址:https://www.cnblogs.com/oop/p/373305.html
Copyright © 2011-2022 走看看