zoukankan      html  css  js  c++  java
  • C# 域用户操作(转)

    转自:http://www.sobnb.com/u/92/20081406091447.html

    using System;
    using System.DirectoryServices;
     
    namespace SystemFrameworks.Helper
    {
         ///
         ///活动目录辅助类。封装一系列活动目录操作相关的方法。
         ///
         public sealed class ADHelper
         {
             ///
             ///域名
             ///
             private static string DomainName = "MyDomain";
             ///
             /// LDAP 地址
             ///
             private static string LDAPDomain = "DC=MyDomain,DC=local";
             ///
             /// LDAP绑定路径
             ///
             private static string ADPath = "LDAP://brooks.mydomain.local";
             ///
             ///登录帐号
             ///
             private static string ADUser = "Administrator";
             ///
             ///登录密码
             ///
             private static string ADPassword = "password";
             ///
             ///扮演类实例
             ///
             private static IdentityImpersonation impersonate = new IdentityImpersonation(ADUser, ADPassword, DomainName);
     
             ///
             ///用户登录验证结果
             ///
             public enum LoginResult
             {
                  ///
                  ///正常登录
                  ///
                  LOGIN_USER_OK = 0,
                  ///
                  ///用户不存在
                  ///
                  LOGIN_USER_DOESNT_EXIST,
                  ///
                  ///用户帐号被禁用
                  ///
                  LOGIN_USER_ACCOUNT_INACTIVE,
                  ///
                  ///用户密码不正确
                  ///
                  LOGIN_USER_PASSWORD_INCORRECT
             }
     
             ///
             ///用户属性定义标志
             ///
             public enum ADS_USER_FLAG_ENUM
             {
                  ///
                  ///登录脚本标志。如果通过 ADSI LDAP 进行读或写操作时,该标志失效。如果通过 ADSI WINNT,该标志为只读。
                  ///
                  ADS_UF_SCRIPT = 0X0001,
                  ///
                  ///用户帐号禁用标志
                  ///
                  ADS_UF_ACCOUNTDISABLE = 0X0002,
                  ///
                  ///主文件夹标志
                  ///
                  ADS_UF_HOMEDIR_REQUIRED = 0X0008,
                  ///
                  ///过期标志
                  ///
                  ADS_UF_LOCKOUT = 0X0010,
                  ///
                  ///用户密码不是必须的
                  ///
                  ADS_UF_PASSWD_NOTREQD = 0X0020,
                  ///
                  ///密码不能更改标志
                  ///
                  ADS_UF_PASSWD_CANT_CHANGE = 0X0040,
                  ///
                  ///使用可逆的加密保存密码
                  ///
                  ADS_UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED = 0X0080,
                  ///
                  ///本地帐号标志
                  ///
                  ADS_UF_TEMP_DUPLICATE_ACCOUNT = 0X0100,
                  ///
                  ///普通用户的默认帐号类型
                  ///
                  ADS_UF_NORMAL_ACCOUNT = 0X0200,
                  ///
                  ///跨域的信任帐号标志
                  ///
                  ADS_UF_INTERDOMAIN_TRUST_ACCOUNT = 0X0800,
                  ///
                  ///工作站信任帐号标志
                  ///
                  ADS_UF_WORKSTATION_TRUST_ACCOUNT = 0x1000,
                  ///
                  ///服务器信任帐号标志
                  ///
                  ADS_UF_SERVER_TRUST_ACCOUNT = 0X2000,
                  ///
                  ///密码永不过期标志
                  ///
                  ADS_UF_DONT_EXPIRE_PASSWD = 0X10000,
                  ///
                  /// MNS 帐号标志
                  ///
                  ADS_UF_MNS_LOGON_ACCOUNT = 0X20000,
                  ///
                  ///交互式登录必须使用智能卡
                  ///
                  ADS_UF_SMARTCARD_REQUIRED = 0X40000,
                  ///
                  ///当设置该标志时,服务帐号(用户或计算机帐号)将通过 Kerberos 委托信任
                  ///
                  ADS_UF_TRUSTED_FOR_DELEGATION = 0X80000,
                  ///
                  ///当设置该标志时,即使服务帐号是通过 Kerberos 委托信任的,敏感帐号不能被委托
                  ///
                  ADS_UF_NOT_DELEGATED = 0X100000,
                  ///
                  ///此帐号需要 DES 加密类型
                  ///
                  ADS_UF_USE_DES_KEY_ONLY = 0X200000,
                  ///
                  ///不要进行 Kerberos 预身份验证
                  ///
                  ADS_UF_DONT_REQUIRE_PREAUTH = 0X4000000,
                  ///
                  ///用户密码过期标志
                  ///
                  ADS_UF_PASSWORD_EXPIRED = 0X800000,
                  ///
                  ///用户帐号可委托标志
                  ///
                  ADS_UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION = 0X1000000
             }
     
             public ADHelper()
             {
                  //
             }
     
             #region GetDirectoryObject
     
             ///
             ///获得DirectoryEntry对象实例,以管理员登陆AD
             ///
             ///
             private static DirectoryEntry GetDirectoryObject()
             {
                  DirectoryEntry entry = new DirectoryEntry(ADPath, ADUser, ADPassword, AuthenticationTypes.Secure);
                  return entry;
             }
     
             ///
             ///根据指定用户名和密码获得相应DirectoryEntry实体
             ///
             ///
             ///
             ///
             private static DirectoryEntry GetDirectoryObject(string userName, string password)
             {
                  DirectoryEntry entry = new DirectoryEntry(ADPath, userName, password, AuthenticationTypes.None);
                  return entry;
             }
     
             ///
             /// i.e. /CN=Users,DC=creditsights, DC=cyberelves, DC=Com
             ///
             ///
             ///
             private static DirectoryEntry GetDirectoryObject(string domainReference)
             {
                  DirectoryEntry entry = new DirectoryEntry(ADPath + domainReference, ADUser, ADPassword, AuthenticationTypes.Secure);
                  return entry;
             }
     
             ///
             ///获得以UserName,Password创建的DirectoryEntry
             ///
             ///
             ///
             ///
             ///
             private static DirectoryEntry GetDirectoryObject(string domainReference, string userName, string password)
             {
                  DirectoryEntry entry = new DirectoryEntry(ADPath + domainReference, userName, password, AuthenticationTypes.Secure);
                  return entry;
             }
     
             #endregion
     
             #region GetDirectoryEntry
     
             ///
             ///根据用户公共名称取得用户的 对象
             ///
             ///
    用户公共名称
             ///如果找到该用户,则返回用户的 对象;否则返回 null
             public static DirectoryEntry GetDirectoryEntry(string commonName)
             {
                  DirectoryEntry de = GetDirectoryObject();
                  DirectorySearcher deSearch = new DirectorySearcher(de);
                  deSearch.Filter = "(&(&(objectCategory=person)(objectClass=user))(cn=" + commonName + "))";
                  deSearch.SearchScope = SearchScope.Subtree;
     
                  try
                  {
                       SearchResult result = deSearch.FindOne();
                       de = new DirectoryEntry(result.Path);
                       return de;
                  }
                  catch
                  {
                       return null;
                  }
             }
     
             ///
             ///根据用户公共名称和密码取得用户的 对象。
             ///
             ///
    用户公共名称
             ///
    用户密码
             ///如果找到该用户,则返回用户的 对象;否则返回 null
             public static DirectoryEntry GetDirectoryEntry(string commonName, string password)
             {
                  DirectoryEntry de = GetDirectoryObject(commonName, password);
                  DirectorySearcher deSearch = new DirectorySearcher(de);
                  deSearch.Filter = "(&(&(objectCategory=person)(objectClass=user))(cn=" + commonName + "))";
                  deSearch.SearchScope = SearchScope.Subtree;
     
                  try
                  {
                       SearchResult result = deSearch.FindOne();
                       de = new DirectoryEntry(result.Path);
                       return de;
                  }
                  catch
                  {
                       return null;
                  }
             }
     
             ///
             ///根据用户帐号称取得用户的 对象
             ///
             ///
    用户帐号名
             ///如果找到该用户,则返回用户的 对象;否则返回 null
             public static DirectoryEntry GetDirectoryEntryByAccount(string sAMAccountName)
             {
                  DirectoryEntry de = GetDirectoryObject();
                  DirectorySearcher deSearch = new DirectorySearcher(de);
                  deSearch.Filter = "(&(&(objectCategory=person)(objectClass=user))(sAMAccountName=" + sAMAccountName + "))";
                  deSearch.SearchScope = SearchScope.Subtree;
     
                  try
                  {
                       SearchResult result = deSearch.FindOne();
                       de = new DirectoryEntry(result.Path);
                       return de;
                  }
                  catch
                  {
                       return null;
                  }
             }
     
             ///
             ///根据用户帐号和密码取得用户的 对象
             ///
             ///
    用户帐号名
             ///
    用户密码
             ///如果找到该用户,则返回用户的 对象;否则返回 null
             public static DirectoryEntry GetDirectoryEntryByAccount(string sAMAccountName, string password)
             {
                  DirectoryEntry de = GetDirectoryEntryByAccount(sAMAccountName);
                  if (de != null)
                  {
                       string commonName = de.Properties["cn"][0].ToString();
     
                       if (GetDirectoryEntry(commonName, password) != null)
                           return GetDirectoryEntry(commonName, password);
                       else
                           return null;
                  }
                  else
                  {
                       return null;
                  }
             }
     
             ///
             ///根据组名取得用户组的 对象
             ///
             ///
    组名
             ///
             public static DirectoryEntry GetDirectoryEntryOfGroup(string groupName)
             {
                  DirectoryEntry de = GetDirectoryObject();
                  DirectorySearcher deSearch = new DirectorySearcher(de);
                  deSearch.Filter = "(&(objectClass=group)(cn=" + groupName + "))";
                  deSearch.SearchScope = SearchScope.Subtree;
     
                  try
                  {
                       SearchResult result = deSearch.FindOne();
                       de = new DirectoryEntry(result.Path);
                       return de;
                  }
                  catch
                  {
                       return null;
                  }
             }
     
             #endregion
     
             #region GetProperty
     
             ///
             ///获得指定 指定属性名对应的值
             ///
             ///
             ///
    属性名称
             ///属性值
             public static string GetProperty(DirectoryEntry de, string propertyName)
             {
                  if(de.Properties.Contains(propertyName))
                  {
                       return de.Properties[propertyName][0].ToString() ;
                  }
                  else
                  {
                       return string.Empty;
                  }
             }
     
             ///
             ///获得指定搜索结果 中指定属性名对应的值
             ///
             ///
             ///
    属性名称
             ///属性值
             public static string GetProperty(SearchResult searchResult, string propertyName)
             {
                  if(searchResult.Properties.Contains(propertyName))
                  {
                       return searchResult.Properties[propertyName][0].ToString() ;
                  }
                  else
                  {
                       return string.Empty;
                  }
             }
     
             #endregion
     
             ///
             ///设置指定 的属性值
             ///
             ///
             ///
    属性名称
             ///
    属性值
             public static void SetProperty(DirectoryEntry de, string propertyName, string propertyValue)
             {
                  if(propertyValue != string.Empty || propertyValue != "" || propertyValue != null)
                  {
                       if(de.Properties.Contains(propertyName))
                       {
                           de.Properties[propertyName][0] = propertyValue;
                       }
                       else
                       {
                           de.Properties[propertyName].Add(propertyValue);
                       }
                  }
             }
     
             ///
             ///创建新的用户
             ///
             ///
    DN 位置。例如:OU=共享平台 或 CN=Users
             ///
    公共名称
             ///
    帐号
             ///
    密码
             ///
             public static DirectoryEntry CreateNewUser(string ldapDN, string commonName, string sAMAccountName, string password)
             {
                  DirectoryEntry entry = GetDirectoryObject();
                  DirectoryEntry subEntry = entry.Children.Find(ldapDN);
                  DirectoryEntry deUser = subEntry.Children.Add("CN=" + commonName, "user");
                  deUser.Properties["sAMAccountName"].Value = sAMAccountName;
                  deUser.CommitChanges();
                  ADHelper.EnableUser(commonName);
                  ADHelper.SetPassword(commonName, password);
                  deUser.Close();
                  return deUser;
             }
     
             ///
             ///创建新的用户。默认创建在 Users 单元下。
             ///
             ///
    公共名称
             ///
    帐号
             ///
    密码
             ///
             public static DirectoryEntry CreateNewUser(string commonName, string sAMAccountName, string password)
             {
                  return CreateNewUser("CN=Users", commonName, sAMAccountName, password);
             }
     
             ///
             ///判断指定公共名称的用户是否存在
             ///
             ///
    用户公共名称
             ///如果存在,返回 true;否则返回 false
             public static bool IsUserExists(string commonName)
             {
                  DirectoryEntry de = GetDirectoryObject();
                  DirectorySearcher deSearch = new DirectorySearcher(de);
                  deSearch.Filter = "(&(&(objectCategory=person)(objectClass=user))(cn=" + commonName + "))";       // LDAP 查询串
                  SearchResultCollection results = deSearch.FindAll();
     
                  if (results.Count == 0)
                       return false;
                  else
                       return true;
             }
     
             ///
             ///判断用户帐号是否激活
             ///
             ///
    用户帐号属性控制器
             ///如果用户帐号已经激活,返回 true;否则返回 false
             public static bool IsAccountActive(int userAccountControl)
             {
                  int userAccountControl_Disabled = Convert.ToInt32(ADS_USER_FLAG_ENUM.ADS_UF_ACCOUNTDISABLE);
                  int flagExists = userAccountControl & userAccountControl_Disabled;
     
                  if (flagExists > 0)
                       return false;
                  else
                       return true;
             }
     
             ///
             ///判断用户与密码是否足够以满足身份验证进而登录
             ///
             ///
    用户公共名称
             ///
    密码
             ///如能可正常登录,则返回 true;否则返回 false
             public static LoginResult Login(string commonName, string password)
             {
                  DirectoryEntry de = GetDirectoryEntry(commonName);
     
                  if (de != null)
                  {
                       // 必须在判断用户密码正确前,对帐号激活属性进行判断;否则将出现异常。
                       int userAccountControl = Convert.ToInt32(de.Properties["userAccountControl"][0]);
                       de.Close();
     
                       if (!IsAccountActive(userAccountControl))
                           return LoginResult.LOGIN_USER_ACCOUNT_INACTIVE;
     
                       if (GetDirectoryEntry(commonName, password) != null)
                           return LoginResult.LOGIN_USER_OK;
                       else
                           return LoginResult.LOGIN_USER_PASSWORD_INCORRECT;
                  }
                  else
                  {
                       return LoginResult.LOGIN_USER_DOESNT_EXIST;
                  }
             }
     
             ///
             ///判断用户帐号与密码是否足够以满足身份验证进而登录
             ///
             ///
    用户帐号
             ///
    密码
             ///如能可正常登录,则返回 true;否则返回 false
             public static LoginResult LoginByAccount(string sAMAccountName, string password)
             {
                  DirectoryEntry de = GetDirectoryEntryByAccount(sAMAccountName);
                      
                  if (de != null)
                  {
                       // 必须在判断用户密码正确前,对帐号激活属性进行判断;否则将出现异常。
                       int userAccountControl = Convert.ToInt32(de.Properties["userAccountControl"][0]);
                       de.Close();
     
                       if (!IsAccountActive(userAccountControl))
                           return LoginResult.LOGIN_USER_ACCOUNT_INACTIVE;
     
                       if (GetDirectoryEntryByAccount(sAMAccountName, password) != null)
                           return LoginResult.LOGIN_USER_OK;
                       else
                           return LoginResult.LOGIN_USER_PASSWORD_INCORRECT;
                  }
                  else
                  {
                       return LoginResult.LOGIN_USER_DOESNT_EXIST;
                  }
             }
     
             ///
             ///设置用户密码,管理员可以通过它来修改指定用户的密码。
             ///
             ///
    用户公共名称
             ///
    用户新密码
             public static void SetPassword(string commonName, string newPassword)
             {
                  DirectoryEntry de = GetDirectoryEntry(commonName);
                 
                  // 模拟超级管理员,以达到有权限修改用户密码
                  impersonate.BeginImpersonate();
                  de.Invoke("SetPassword", new object[]{newPassword});
                  impersonate.StopImpersonate();
     
                  de.Close();
             }
     
             ///
             ///设置帐号密码,管理员可以通过它来修改指定帐号的密码。
             ///
             ///
    用户帐号
             ///
    用户新密码
             public static void SetPasswordByAccount(string sAMAccountName, string newPassword)
             {
                  DirectoryEntry de = GetDirectoryEntryByAccount(sAMAccountName);
     
                  // 模拟超级管理员,以达到有权限修改用户密码
                  IdentityImpersonation impersonate = new IdentityImpersonation(ADUser, ADPassword, DomainName);
                  impersonate.BeginImpersonate();
                  de.Invoke("SetPassword", new object[]{newPassword});
                  impersonate.StopImpersonate();
     
                  de.Close();
             }
     
             ///
             ///修改用户密码
             ///
             ///
    用户公共名称
             ///
    旧密码
             ///
    新密码
             public static void ChangeUserPassword (string commonName, string oldPassword, string newPassword)
             {
                  // to-do: 需要解决密码策略问题
                  DirectoryEntry oUser = GetDirectoryEntry(commonName);
                  oUser.Invoke("ChangePassword", new Object[]{oldPassword, newPassword});
                  oUser.Close();
             }
     
             ///
             ///启用指定公共名称的用户
             ///
             ///
    用户公共名称
             public static void EnableUser(string commonName)
             {
                  EnableUser(GetDirectoryEntry(commonName));
             }
     
             ///
             ///启用指定 的用户
             ///
             ///
             public static void EnableUser(DirectoryEntry de)
             {
                  impersonate.BeginImpersonate();
                  de.Properties["userAccountControl"][0] = ADHelper.ADS_USER_FLAG_ENUM.ADS_UF_NORMAL_ACCOUNT | ADHelper.ADS_USER_FLAG_ENUM.ADS_UF_DONT_EXPIRE_PASSWD;
                  de.CommitChanges();
                  impersonate.StopImpersonate();
                  de.Close();
             }
     
             ///
             ///禁用指定公共名称的用户
             ///
             ///
    用户公共名称
             public static void DisableUser(string commonName)
             {
                  DisableUser(GetDirectoryEntry(commonName));
             }
     
             ///
             ///禁用指定 的用户
             ///
             ///
             public static void DisableUser(DirectoryEntry de)
             {
                  impersonate.BeginImpersonate();
                  de.Properties["userAccountControl"][0]=ADHelper.ADS_USER_FLAG_ENUM.ADS_UF_NORMAL_ACCOUNT | ADHelper.ADS_USER_FLAG_ENUM.ADS_UF_DONT_EXPIRE_PASSWD | ADHelper.ADS_USER_FLAG_ENUM.ADS_UF_ACCOUNTDISABLE;
                  de.CommitChanges();
                  impersonate.StopImpersonate();
                  de.Close();
             }
     
             ///
             ///将指定的用户添加到指定的组中。默认为 Users 下的组和用户。
             ///
             ///
    用户公共名称
             ///
    组名
             public static void AddUserToGroup(string userCommonName, string groupName)
              {
                  DirectoryEntry oGroup = GetDirectoryEntryOfGroup(groupName);
                  DirectoryEntry oUser = GetDirectoryEntry(userCommonName);
                 
                  impersonate.BeginImpersonate();
                  oGroup.Properties["member"].Add(oUser.Properties["distinguishedName"].Value);
                  oGroup.CommitChanges();
                  impersonate.StopImpersonate();
     
                  oGroup.Close();
                  oUser.Close();
             }
     
             ///
             ///将用户从指定组中移除。默认为 Users 下的组和用户。
             ///
             ///
    用户公共名称
             ///
    组名
             public static void RemoveUserFromGroup(string userCommonName, string groupName)
             {
                  DirectoryEntry oGroup = GetDirectoryEntryOfGroup(groupName);
                  DirectoryEntry oUser = GetDirectoryEntry(userCommonName);
                 
                  impersonate.BeginImpersonate();
                  oGroup.Properties["member"].Remove(oUser.Properties["distinguishedName"].Value);
                  oGroup.CommitChanges();
                  impersonate.StopImpersonate();
     
                  oGroup.Close();
                  oUser.Close();
             }
     
         }
     
         ///
         ///用户模拟角色类。实现在程序段内进行用户角色模拟。
         ///
         public class IdentityImpersonation
         {
             [DllImport("advapi32.dll", SetLastError=true)]
             public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
     
             [DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)]
             public extern static bool DuplicateToken(IntPtr ExistingTokenHandle, int SECURITY_IMPERSONATION_LEVEL, ref IntPtr DuplicateTokenHandle);
     
             [DllImport("kernel32.dll", CharSet=CharSet.Auto)]
             public extern static bool CloseHandle(IntPtr handle);
     
             // 要模拟的用户的用户名、密码、域(机器名)
             private String _sImperUsername;
             private String _sImperPassword;
             private String _sImperDomain;
             // 记录模拟上下文
             private WindowsImpersonationContext _imperContext;
             private IntPtr _adminToken;
             private IntPtr _dupeToken;
             // 是否已停止模拟
             private Boolean _bClosed;
     
             ///
             ///构造函数
             ///
             ///
    所要模拟的用户的用户名
             ///
    所要模拟的用户的密码
             ///
    所要模拟的用户所在的域
             public IdentityImpersonation(String impersonationUsername, String impersonationPassword, String impersonationDomain)
             {
                  _sImperUsername = impersonationUsername;
                  _sImperPassword = impersonationPassword;
                  _sImperDomain = impersonationDomain;
     
                  _adminToken = IntPtr.Zero;
                  _dupeToken = IntPtr.Zero;
                  _bClosed = true;
             }
     
             ///
             ///析构函数
             ///
             ~IdentityImpersonation()
             {
                  if(!_bClosed)
                  {
                       StopImpersonate();
                  }
             }
     
             ///
             ///开始身份角色模拟。
             ///
             ///
             public Boolean BeginImpersonate()
             {
                  Boolean bLogined = LogonUser(_sImperUsername, _sImperDomain, _sImperPassword, 2, 0, ref _adminToken);
                           
                  if(!bLogined)
                  {
                       return false;
                  }
     
                  Boolean bDuped = DuplicateToken(_adminToken, 2, ref _dupeToken);
     
                  if(!bDuped)
                  {
                       return false;
                  }
     
                  WindowsIdentity fakeId = new WindowsIdentity(_dupeToken);
                  _imperContext = fakeId.Impersonate();
     
                  _bClosed = false;
     
                  return true;
             }
     
             ///
             ///停止身分角色模拟。
             ///
             public void StopImpersonate()
             {
                  _imperContext.Undo();
                  CloseHandle(_dupeToken);
                  CloseHandle(_adminToken);
                  _bClosed = true;
             }
         }
     
    }

    =====================================================

    简单的应用

    [WebMethod]
      public string IsAuthenticated(string UserID,string Password)
      {
                string _path = "LDAP://" + adm + "/DC=lamda,DC=com,DC=cn";//"LDAP://172.75.200.1/DC=名字,DC=com,DC=cn";
       string _filterAttribute=null;
      
       DirectoryEntry entry = new DirectoryEntry(_path,UserID,Password);
       
       try
       {
        //Bind to the native AdsObject to force authentication.
        DirectorySearcher search = new DirectorySearcher(entry);
        search.Filter = "(SAMAccountName=" + UserID + ")";
        SearchResult result = search.FindOne();
        
        if(null == result)
        {
         _filterAttribute="登录失败: 未知的用户名或错误密码.";
        }
        else
        {
         _filterAttribute="true";
        }
       
       }
       catch (Exception ex)
       {
    //    if(ex.Message.StartsWith("该服务器不可操作")) 
    //    {
    //     string mail = ADO.GetConnString("mail");
    //     entry.Path = "LDAP://"+mail+"/OU=名字,DC=it2004,DC=gree,DC=com,DC=cn";
    //     try
    //     { 
    //      DirectorySearcher search = new DirectorySearcher(entry);
    //      search.Filter = "(SAMAccountName=" + UserID + ")";
    //      SearchResult result = search.FindOne();
    //
    //      if(null == result)
    //      {
    //       _filterAttribute="登录失败: 未知的用户名或错误密码.";
    //      }
    //      else
    //      {
    //       _filterAttribute="true";
    //      }
    //      return _filterAttribute;
    //   
    //     }
    //     catch (Exception ex1)
    //     {
    //      return ex1.Message;
    //     }
    //     
    //    }
    //    else
         return ex.Message;
       }
       return _filterAttribute;
      }
      [WebMethod]
      public string[] LDAPMessage(string UserID)
      {
       string _path = "LDAP://"+adm+"/DC=it2004,DC=名字,DC=com,DC=cn";
       string[] _filterAttribute=new string[5];
       string[] msg = {"samaccountname","displayname","department","company"};

       DirectoryEntry entry = new DirectoryEntry(_path,"180037","790813");

       
       try
       { 


        Object obj = entry.NativeObject;
        
        DirectorySearcher search = new DirectorySearcher(entry);
        search.Filter = "(SAMAccountName=" + UserID + ")";
        SearchResult result = search.FindOne();

        
        if(null == result)
        {
         _filterAttribute[0]="登录失败: 未知的用户名或错误密码.";
        }
        else
        {
         _filterAttribute[0]="true";  
         for(int propertyCounter = 1; propertyCounter < 5; propertyCounter++)
         {
           
          if(propertyCounter==4 &&  result.Properties[msg[propertyCounter-1]][0]==null)
           break;
          _filterAttribute[propertyCounter]=result.Properties[msg[propertyCounter-1]][0].ToString();
          
         }
        }
       
       }
       catch (Exception ex)
       {
        //_filterAttribute[0]=ex.Message;
       }
       return _filterAttribute;
      }
      [WebMethod]
      public string[] AllMembers() 
      {
       
       string[] msg;
       string _path = "LDAP://名字";

       DirectoryEntry entry = new DirectoryEntry(_path,"180037","790813");
       
     
       //Bind to the native AdsObject to force authentication.
       Object obj = entry.NativeObject;

       System.DirectoryServices.DirectorySearcher mySearcher = new System.DirectoryServices.DirectorySearcher(entry);
       mySearcher.Filter = "(SAMAccountName=180037)";
       msg=new string[mySearcher.FindAll().Count];
       int i=0;
       foreach(System.DirectoryServices.SearchResult result in mySearcher.FindAll()) 
       {
        msg[i++]=result.Path;
       }
       return msg;
      }
     
     }

  • 相关阅读:
    Ansible批量更新远程主机用户密码
    国外程序员推荐:每个程序员都应该读的非编程书
    FindFriendsServer服务搭建
    Android JNI HelloWorld实现
    2014年4月读书单
    jQuery 之父:每天写代码
    QT210 Android4.0源码编译和烧录文档整理
    Android系统分区理解及分区目录细解
    Android组件Spinner使用
    使用事件驱动模型实现高效稳定的网络服务器程序
  • 原文地址:https://www.cnblogs.com/zhangchenliang/p/3907128.html
Copyright © 2011-2022 走看看