zoukankan      html  css  js  c++  java
  • Windows账户管理

    windows账户管理

    最近部署人员给我们提了一个需求,就是希望简化部署过程。
    为了能够远程桌面控制终端电脑,他们需要为每台终端设置进行一些设置,例如创建用户名和密码,开启允许
    远程桌面设置,以及开机免登录的设置,这部分的操作加大了部署人员的工作量,所以他们提出是否能够提供
    一个软件,直接在终端设备上安装一下,那么这些设置就自动设置好了,而且还能支持后面平台下发修改用户名
    和密码的功能。所以有了这些功能的探索,注册表修改部分,用到了注册表比对工具现整理一下成果。
    创建管理员账户

    //传入参数:Username要创建的用户名,Userpassword用户密码,Path主文件夹路径 
    public static bool CreateNTUser(string username, string userpassword, string path)
    {
    	try
    	{
    		DirectoryEntry obDirEntry = new DirectoryEntry("WinNT://" + Environment.MachineName);
    
    		DirectoryEntry obUser = obDirEntry.Children.Add(username, "User"); //增加用户名 
    		obUser.Properties["FullName"].Add(username); //用户全称 
    		obUser.Invoke("SetPassword", userpassword); //用户密码 
    		obUser.Invoke("Put", "Description", "远程用户");//用户详细描述 
    		//obUser.Invoke("Put","PasswordExpired",1); //用户下次登录需更改密码 
    		obUser.Invoke("Put", "UserFlags", 66049); //密码永不过期 
    		obUser.Invoke("Put", "HomeDirectory", path); //主文件夹路径 
    		obUser.CommitChanges();//保存用户 
    		//DirectoryEntry grp = obDirEntry.Children.Find("Users", "group");//Users组 
    		DirectoryEntry grp = obDirEntry.Children.Find("Administrators", "group");
    		if (grp.Name != "")
    		{
    			grp.Invoke("Add", obUser.Path.ToString());//将用户添加到某组 
    		}
    		return true;
    	}
    	catch(Exception ex)
    	{
    		RGCommon.Log(ex.Message);
    		return false;
    	}
    }
    

    删除账户

     //传入参数:Username用户名 
    public static bool DelNTUser(string Username)
    {
    	try
    	{
    		DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
    		DirectoryEntry obUser = localMachine.Children.Find(Username, "User");//找得用户 
    		localMachine.Children.Remove(obUser);//删除用户 
    		localMachine.Close();
    		return true;
    	}
    	catch(Exception ex)
    	{
    		RGCommon.Log(ex.Message);
    		return false;
    	}
    }
    

    重命名账户

    /// <summary>
    /// 重命名账户
    /// </summary>
    /// <param name="username"></param>
    /// <param name="newname"></param>
    /// <returns></returns>
    public static bool Rename(string username, string newname)
    {
    	try
    	{
    		DirectoryEntry localMachine = new DirectoryEntry($"WinNT://{Environment.MachineName},computer");
    		DirectoryEntry obUser = localMachine.Children.Find(username, "User");
    		obUser.Rename(newname);//重命名
    		obUser.CommitChanges();
    		obUser.Close();
    		localMachine.Close();
    		return true;
    	}
    	catch (Exception ex)
    	{
    		RGCommon.Log(ex.Message);
    		return false;
    	}
    }
    

    修改用户密码

    //修改NT用户密码 
    //传入参数:Username用户名,Userpassword用户新密码 
    public static bool InitNTPwd(string username, string userpassword)
    {
    	try
    	{
    		DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
    		DirectoryEntry obUser = localMachine.Children.Find(username, "User");
    		obUser.Invoke("SetPassword", userpassword);
    		obUser.CommitChanges();
    		obUser.Close();
    		localMachine.Close();
    		return true;
    	}
    	catch(Exception ex)
    	{
    		RGCommon.Log(ex.Message);
    		return false;
    	}
    }
    

    判断用户是否存在

    /// <summary>
    /// 判断用户是否存在
    /// </summary>
    /// <param name="userName"></param>
    /// <returns></returns>
    public static bool ExistWinUser(string userName)
    {
    	try
    	{
    		using(DirectoryEntry localMachine = new DirectoryEntry($"WinNT://{Environment.MachineName},computer"))
    		{
    			var user = localMachine.Children.Find(userName, "user");
    			return user != null;
    		}
    	}
    	catch(Exception ex)
    	{
    		RGCommon.Log(ex.Message);
    	}
    	return false;
    }
    

    启用/禁用账户

     /// <summary>
    /// 启用/禁用账户
    /// </summary>
    /// <param name="userName"></param>
    /// <param name="isDisable"></param>
    public static void Disable(string userName, bool isDisable)
    {
    	DirectoryEntry user = new DirectoryEntry($"WinNT://{Environment.MachineName}/{userName},user");
    	user.InvokeSet("AccountDisabled", isDisable);
    	user.CommitChanges();
    	user.Close();
    }
    

    防火墙入站规则添加

    /// <summary>
    /// 添加入站规则
    /// </summary>
    /// <param name="name"></param>
    /// <param name="port">要入站的端口号</param>
    /// <param name="protocol"></param>
    public static void NetFwAddPorts(string name, int port, string protocol)
    {
    	INetFwMgr netFwMgr = (INetFwMgr)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwMgr"));
    	INetFwOpenPort objPort = (INetFwOpenPort)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwOpenPort"));
    	objPort.Name = name;
    	objPort.Port = port;
    	if(protocol.ToUpper() == "TCP")
    	{
    		objPort.Protocol = NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
    	}
    	else
    	{
    		objPort.Protocol = NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_UDP;
    	}
    	objPort.Scope = NET_FW_SCOPE_.NET_FW_SCOPE_ALL;
    	objPort.Enabled = true;
    	bool exist = false;
    	//加入到防火墙管理策略
    	foreach(INetFwOpenPort mPort in netFwMgr.LocalPolicy.CurrentProfile.GloballyOpenPorts)
    	{
    		if(objPort == mPort)
    		{
    			exist = true;
    			break;
    		}
    	}
    	if (!exist)
    	{
    		netFwMgr.LocalPolicy.CurrentProfile.GloballyOpenPorts.Add(objPort);
    	}
    }
    

    开机免登录设置

    /// <summary>
    /// 免登陆设置
    /// </summary>
    public static void AutoAdminLogon(string userName, string password)
    {
    	Microsoft.Win32.RegistryKey root = Microsoft.Win32.RegistryKey.OpenBaseKey(Microsoft.Win32.RegistryHive.LocalMachine, Microsoft.Win32.RegistryView.Registry64);
    	Microsoft.Win32.RegistryKey item = root.OpenSubKey(@"SOFTWAREMicrosoftWindows NTCurrentVersionWinlogon", true);
    	if(item != null)
    	{
    		item.SetValue("AutoAdminLogon", "1");
    		item.SetValue("DefaultUserName", userName);
    		item.SetValue("DefaultPassword", password);
    	}
    }
    

    允许远程桌面设置

    /// <summary>
    /// 允许远程桌面设置
    /// </summary>
    public static void AllowRemote()
    {
    	Microsoft.Win32.RegistryKey root = Microsoft.Win32.RegistryKey.OpenBaseKey(Microsoft.Win32.RegistryHive.LocalMachine, Microsoft.Win32.RegistryView.Registry64);
    	Microsoft.Win32.RegistryKey item = root.OpenSubKey(@"SYSTEMCurrentControlSetControlRemote Assistance", true);
    	if(item != null)
    	{
    		item.SetValue("fAllowToGetHelp", "1");
    	}
    	item = root.OpenSubKey(@"SYSTEMCurrentControlSetControlTerminal Server", true);
    	if(item != null)
    	{
    		item.SetValue("fDenyTSConnections", 0, Microsoft.Win32.RegistryValueKind.DWord);
    	}
    	item = root.OpenSubKey(@"SYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules", true);
    	if(item != null)
    	{
    		item.SetValue("RemoteDesktop-In-TCP", "v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=3389|App=System|Name=@FirewallAPI.dll,-28753|Desc=@FirewallAPI.dll,-28756|EmbedCtxt=@FirewallAPI.dll,-28752|");
    	}
    }
    
  • 相关阅读:
    了解Onunload,onbeforeunload事件
    asp.net 获取客服端的Ip地址
    HttpWebRequest WebResponse 对象简单了解
    web 编辑word 之dsoframer控件
    web编辑word之dsoframer(二)
    WebClient 对象实现下载和上传
    jquery datagrid 后台获取datatable处理成正确的json字符串
    doc文档的web查看
    C#中处理字符串对象的函数
    类3-类的static属性
  • 原文地址:https://www.cnblogs.com/zzr-stdio/p/11653165.html
Copyright © 2011-2022 走看看