重置AD域用户的密码 #csharp #ad
public bool ResetPwdByNewPassword(DirectoryEntry userEntry, String originPassword, String newPassword)
{
var sAMAccountName = String.Empty;
var result = false;
try
{
if (userEntry.Properties.Contains("sAMAccountName"))
{
sAMAccountName = userEntry.Properties["sAMAccountName"][0].ToString();
DirectoryEntry tempEntry = CheckLogin(sAMAccountName, originPassword);
if (tempEntry != null)
{
//只能调用具有权限的管理员来更改用户密码
DirectorySearcher searcher = new DirectorySearcher(_root);
searcher.Filter = "(sAMAccountName=" + sAMAccountName + ")";
DirectoryEntry userNewEntry = searcher.FindOne().GetDirectoryEntry();
userNewEntry.Invoke("SetPassword", new object[] { "" + newPassword + "" });
userNewEntry.CommitChanges();
if (userNewEntry.Properties.Contains("mobile"))
{
var mobile = userNewEntry.Properties["mobile"][0].ToString();
SendMsg(mobile, newPassword);
}
result = true;
}
}
}
catch(Exception ex)
{
result = false;
}
return result;
}
class Program
{
static void Main(string[] args)
{
//userRoot是用户登录后,才能使用的root
DirectoryEntry userRoot = new DirectoryEntry("LDAP://test.com", "administrator", "P@ssw0rd");
DirectorySearcher searcher = new DirectorySearcher(userRoot);
searcher.Filter = "(sAMAccountName=" + "man" + ")";
DirectoryEntry userEntry = searcher.FindOne().GetDirectoryEntry();
var thumbnailAbsolutePath = @"E:\code\01.ADMgr项目文件\03.开发文件\avatar.jpg";
byte[] imgData = System.IO.File.ReadAllBytes(thumbnailAbsolutePath);
userEntry.Properties["jpegPhoto"].Clear();
userEntry.Properties["jpegPhoto"].Add(imgData);
userEntry.CommitChanges();
var thumbnailAbsolutePath2 = @"E:\code\01.ADMgr项目文件\03.开发文件\avatar75.jpg";
byte[] imgData2 = System.IO.File.ReadAllBytes(thumbnailAbsolutePath2);
userEntry.Properties["thumbnailPhoto"].Clear();
userEntry.Properties["thumbnailPhoto"].Add(imgData2);
userEntry.CommitChanges();
userEntry.Dispose();
Console.ReadKey();
}
}
//DirectorySearcher
DirectorySearcher search = new DirectorySearcher(entry);
search.Filter = "(&(objectClass=group)(cn=" + groupName + "))";
search.SearchScope = SearchScope.Subtree;
SearchResult result = search.FindOne();
1.SearchScope 取值說明﹕
SearchScope.Base﹕ 只搜索对象中的属性,至多可以得到一个对象。
SearchScope.OneLevel﹕ 表示在基对象的子集合中继续搜索。基对象本身是不搜索的
SearchScope.Subtree﹕ 在子树中搜索
2.部分方法說明
FindOne() 执行搜索并返回第一项
FindAll() 执行搜索并返回项目集合
3.DirectoryEntry类型的对象entry为搜索的根目录
DirectorySearcher (DirectoryEntry, String, String[], SearchScope) 参
数分别为:搜索根目录、搜索筛选条件、要获取的属性和搜索范围,初始化 DirectorySearcher类别
//
using System.DirectoryServices;
DirectoryEntry group = new DirectoryEntry("LDAP://CN=MyGroup,DC=test,DC=com");
DirectorySearcher src = new DirectorySearcher(group "(&(objectClass=user)(objectCategory=Person))"); //& 表示同时满足多个条件
src.AttributeScopedQuery = "member"; // 仅查询组织
src.PropertiesToLoad.Add("sn");
src.PropertiesToLoad.Add("givenName");
src.PropertiesToLoad.Add("telephoneNumber");
foreach(SearchResult res in src.FindAll())
{
Console.WriteLine("…");
}
public bool ModifyAdUserAvatarThumbnailPhoto(DirectoryEntry userEntry, byte[] imgData)
{
try
{
string sAMAccountName = String.Empty;
#region sAMAccountName
if (userEntry.Properties.Contains("sAMAccountName"))
{
sAMAccountName = userEntry.Properties["sAMAccountName"][0].ToString();
DirectorySearcher searcher = new DirectorySearcher(_root);
searcher.Filter = "(sAMAccountName=" + sAMAccountName + ")";
DirectoryEntry userNewEntry = searcher.FindOne().GetDirectoryEntry();
userNewEntry.Properties["thumbnailPhoto"].Clear();
userNewEntry.Properties["thumbnailPhoto"].Add(imgData);
userNewEntry.CommitChanges();
return true;
}
else
{
return false;
}
#endregion
}
catch (Exception ex)
{
return false;
}
}
#endregion
// 重置AD域用户的密码,设置AD用户头像和缩略图必须使用管理员权限才可以,普通用户的时候,系统会拒绝访问
public bool ModifyAdUserAvatarJpegPhoto(DirectoryEntry userEntry,byte[] imgData)
{
try
{
string sAMAccountName = String.Empty;
#region sAMAccountName
if (userEntry.Properties.Contains("sAMAccountName"))
{
sAMAccountName = userEntry.Properties["sAMAccountName"][0].ToString();
DirectorySearcher searcher = new DirectorySearcher(_root);
searcher.Filter = "(sAMAccountName=" + sAMAccountName + ")";
DirectoryEntry userNewEntry = searcher.FindOne().GetDirectoryEntry();
userNewEntry.Properties["jpegPhoto"].Clear();
userNewEntry.Properties["jpegPhoto"].Add(imgData);
userNewEntry.CommitChanges();
return true;
}
else
{
return false;
}
#endregion
}
catch (Exception ex)
{
return false;
}
}