zoukankan      html  css  js  c++  java
  • 用vbs和ADSI管理Windows账户

    ADSI (Active Directory Services Interface)是Microsoft新推出的一项技术,它统一了许多底层服务的编程接口,程序员可以使用一致的对象技术来访问这些底层服务。 ADSI把这些服务的公共部分提取出来,同时隔离出相异的部分,程序员可以用统一的接口访问底层服务的公共部分,并延伸到底层服务的专有部分。

    管理用户组

    获取用户组的用户列表

    Dim oGrp 
    Dim oUser
    Dim sDomain
    dim sMsg
    sDomain = "localhost"
    On Error Resume Next
     
    Set oGrp = GetObject("WinNT://"&sDomain&"/Administrators,group")
    For Each oUser In oGrp.Members
        sMsg = sMsg & oUser.Name & "(" & oUser.Class & ")    " & oUser.ADsPath & vbnewline
    Next
    msgbox sMsg
    
    If (Err.Number<>0) Then
        MsgBox("An error has occurred. " &vbnewline& Err.Description)
    End If
    Set oGrp = Nothing
    Set oUser = Nothing

    另一种方法:

    Dim oDomain
    Dim oGrp 
    Dim oUser
    Dim sDomain
    dim sMsg
    sDomain = "localhost"
    On Error Resume Next
     
    Set oDomain = GetObject("WinNT://"&sDomain)
    Set oGrp = oDomain.GetObject("group", "Administrators")
    
    For Each oUser In oGrp.Members
        sMsg = sMsg & oUser.Name & "(" & oUser.Class & ")    " & oUser.ADsPath & vbnewline
    Next
    msgbox sMsg
    
    If (Err.Number<>0) Then
        MsgBox("An error has occurred. " &vbnewline& Err.Description)
    End If
    Set oGrp = Nothing
    Set oUser = Nothing

    查询用户是否属于该用户组

    Dim oGrp
    On Error Resume Next
    
    Set oGrp = GetObject("WinNT://localhost/Administrators")
    MsgBox oGrp.IsMember("WinNT://DESKTOP-K3O4FGP/Administrator")
    
    If (Err.Number<>0) Then
        MsgBox("An error has occurred. " &vbnewline& Err.Description)
    End If
    Set oGrp = Nothing

    添加用户到用户组

    该操作要求当前登录用户为Administrator。

    Dim oGrp
    dim sDomain
    sDomain = "DESKTOP-K3O4FGP"
    Set oGrp = GetObject("WinNT://"&sDomain&"/Administrators")
    oGrp.Add ("WinNT://"&sDomain&"/Admin")
    
    if (Err.Number<>0) then
        MsgBox("An error has occurred. " &vbnewline& Err.Description)
    else 
        msgbox "Complete"
    end if
    Set oGrp = Nothing

    从用户组中移除用户

    该操作要求当前登录用户为Administrator。

    Dim oGrp
    dim sDomain
    sDomain = "DESKTOP-K3O4FGP"
    On Error Resume Next
    
    Set oGrp = GetObject("WinNT://"&sDomain&"/Administrators")
    oGrp.Remove ("WinNT://"&sDomain&"/jeffsmith")
    
    If (Err.Number<>0) Then
        MsgBox("An error has occurred. " &vbnewline& Err.Description)
    else 
        msgbox "Complete"
    End If
    Set oGrp = Nothing

     创建用户组

    该操作要求当前登录用户为Administrator。

    Dim oDomain
    Dim oGroup
    Dim sDomain
    sDomain = "localhost"
    On Error Resume Next
    Set oDomain = GetObject("WinNT://"&sDomain)
    Set oGroup = oDomain.Create("group","MyGroup")
    oGroup.SetInfo
    
    if (Err.Number<>0) then
        MsgBox("An error has occurred. " &vbnewline& Err.Description)
    else 
        msgbox "Complete"
    end if
    Set oGroup = Nothing
    Set oDomain = Nothing

    删除用户组

    该操作要求当前登录用户为Administrator。

    Dim oDomain
    Dim sDomain
    sDomain = "localhost"
    On Error Resume Next
    Set oDomain = GetObject("WinNT://"&sDomain)
    oDomain.Delete "group","MyGroup"
    
    if (Err.Number<>0) then
        MsgBox("An error has occurred. " &vbnewline& Err.Description)
    else 
        msgbox "Complete"
    end if
    Set oDomain = Nothing

    管理用户

    添加用户

    该操作要求当前登录用户为Administrator。

    Dim oDomain
    Dim oUser
    Dim sDomain
    sDomain = "localhost"
    On Error Resume Next
    
    Set oDomain = GetObject("WinNT://"&sDomain)
    Set oUser = oDomain.Create("user","jeffsmith")
    'oUser.FullName = "FullName"  '用户全名
    'oUser.Description = "Description"  '描述
    'oUser.SetPassword "password"  '设置密码
    'oUser.PasswordExpired = 1     '下次登录需要更改密码
    'oUser.UserFlags = oUser.UserFlags Or &H10000  
    '&H20000(下次登录须更改密码) 
    '&H0040(用户不能更改密码) 
    '&H10000(密码永不过期) 
    '&H0002(账户已禁用)
    oUser.SetInfo
    
    if (Err.Number<>0) then
        MsgBox("An error has occurred. " &vbnewline& Err.Description)
    else 
        msgbox "Complete"
    end if

    如果未设置用户属性,则 新建的用户的默认属性如下:

    PropertyValue
    Full Name SAM Account Name (such as jeffsmith)
    Password Empty
    User Must Change Password TRUE
    User Cannot Change Password FALSE
    Password Never Expires FALSE
    Account Disabled FALSE
    Group Domain User
    Profile Empty
    Account Never Expires TRUE

     

    修改用户属性

    该操作要求当前登录用户为Administrator。

    Dim oUser
    Dim sDomain
    sDomain = "localhost"
    On Error Resume Next
    Set oUser = GetObject("WinNT://"&sDomain&"/jeffsmith")
    
    oUser.FullName = "jeffsmith"
    oUser.Description = "Description"
    oUser.AccountDisabled = False
    oUser.IsAccountLocked = False
    oUser.SetInfo
    
    if (Err.Number<>0) then
        MsgBox("An error has occurred. " &vbnewline& Err.Description)
    else 
        msgbox "Complete"
    end if

     用户属性详见:https://docs.microsoft.com/zh-cn/windows/win32/adsi/iadsuser-property-methods

    设置用户密码

    该操作要求当前登录用户为Administrator。

    Dim oUser
    Dim sDomain
    sDomain = "localhost"
    On Error Resume Next
    Set oUser = GetObject("WinNT://"&sDomain&"/jeffsmith")
    
    oUser.SetPassword "pa55w0rd!"
    
    if (Err.Number<>0) then
        MsgBox("An error has occurred. " &vbnewline& Err.Description)
    else 
        msgbox "Complete"
    end if

    更改用户密码

    该操作要求当前登录用户为Administrator。

    Dim oUser
    Dim sOldPass
    Dim sNewPass
    Dim sDomain
    sDomain = "localhost"
    On Error Resume Next
    
    Set oUser = GetObject("WinNT://"&sDomain&"/JeffSmith,user")
    ' Add code to securely retrieve the old and new password.
    oUser.ChangePassword sOldPass, sNewPass
    
    if (Err.Number<>0) then
        MsgBox("An error has occurred. " &vbnewline& Err.Description)
    else 
        msgbox "Complete"
    end if
    Set oUser = Nothing

    删除用户

    该操作要求当前登录用户为Administrator。

    Dim oDomain
    Dim sDomain
    sDomain = "localhost"
    On Error Resume Next
    
    Set oDomain = GetObject("WinNT://"&sDomain)
    oDomain.Delete "user", "jeffsmith"
    
    if (Err.Number<>0) then
        MsgBox("An error has occurred. " &vbnewline& Err.Description)
    else 
        msgbox "Complete"
    end if

    查询用户隶属的组

    Dim oUser
    Dim oGroup
    Dim sDomain
    Dim sMsg
    sDomain = "localhost"
    On Error Resume Next
    Set oUser = GetObject("WinNT://"&sDomain&"/Administrator")
    
    For Each oGroup In oUser.Groups
        sMsg = sMsg & oGroup.Name & vbnewline 
    Next
    
    if (Err.Number<>0) then
        MsgBox("An error has occurred. " &vbnewline& Err.Description)
    else 
        msgbox sMsg
    end if

    引用:https://docs.microsoft.com/zh-cn/windows/win32/adsi/adsi-objects-of-winnt

  • 相关阅读:
    分布式系统(五)——容错问题
    分布式系统(四)—— 一致性问题
    分布式系统(三)——选举问题
    分布式系统(二)——互斥问题
    结合中断上下文切换和进程上下文切换分析Linux内核的一般执行过程
    深入理解系统调用
    基于mykernel 2.0编写一个操作系统内核
    微信小程序npm安装pinyin库
    SpringBoot实现下载文件以及前台应当如何对接
    OSX 安装mujoco
  • 原文地址:https://www.cnblogs.com/yada/p/11799174.html
Copyright © 2011-2022 走看看