/// <summary>
/// Creates a new Windows user account, registers a rollback action for it and records the
/// account in the settings of the current component and in the install log.
/// </summary>
/// <param name="domain">Domain of the account; null or empty is reported as a plain (non-domain) account in the install log.</param>
/// <param name="userName">Account name; also used as the account's full name.</param>
/// <param name="password">Password assigned to the account. It is handed to SecurityUtils.CreateUser only and is not written to either log in this method.</param>
/// <param name="description">Account description.</param>
/// <param name="memberOf">Value assigned to <c>SystemUserItem.MemberOf</c>.</param>
/// <exception cref="Exception">Thrown with "Account already exists" when SecurityUtils.UserExists reports the account.</exception>
private void CreateUserAccount(string domain, string userName, string password, string description, string[] memberOf)
		{
			SetProgressText("Creating windows user account...");
			this.Update();
			string componentId = Wizard.SetupVariables.ComponentId;

			// An existing account is never reused or modified here; the caller gets an exception instead.
			if (SecurityUtils.UserExists(domain, userName))
			{
				throw new Exception("Account already exists");
			}

			Log.WriteStart("Creating Windows user account");
			Log.WriteInfo(string.Format("Creating Windows user account \"{0}\"", userName));

			// The account is created enabled, with a password that never expires and that the
			// account itself may not change.
			SystemUserItem account = new SystemUserItem
			{
				Domain = domain,
				Name = userName,
				FullName = userName,
				Description = description,
				MemberOf = memberOf,
				Password = password,
				PasswordCantChange = true,
				PasswordNeverExpires = true,
				AccountDisabled = false,
				System = true
			};
			SecurityUtils.CreateUser(account);

			// NOTE(review): the rollback action is registered only after CreateUser returns. If
			// CreateUser can throw after the account has already been saved, nothing registered
			// here would remove it - confirm against SecurityUtils.CreateUser.
			RollBack.RegisterUserAccountAction(domain, userName);

			// Persist which account was created; only the name and domain are stored, not the password.
			AppConfig.SetComponentSettingBooleanValue(componentId, "NewUserAccount", true);
			AppConfig.SetComponentSettingStringValue(componentId, "UserAccount", userName);
			AppConfig.SetComponentSettingStringValue(componentId, "Domain", domain);

			Log.WriteEnd("Created windows user account");

			// The install log entry names the domain only when one was given.
			string installLogEntry = string.IsNullOrEmpty(domain)
				? string.Format("- Created a new windows user account \"{0}\"", userName)
				: string.Format("- Created a new windows user account \"{0}\" in \"{1}\" domain", userName, domain);
			InstallLog.AppendLine(installLogEntry);
		}
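		/// <summary>
		/// Creates a Windows user account and adds it to the groups in <c>userInfo.MemberOf</c>.
		/// When <c>userInfo.Domain</c> is null or empty the account is created on the local machine
		/// through the WinNT provider; otherwise it is created in the domain's users container.
		/// </summary>
		/// <param name="userInfo">Account name, password, description, account flags and group membership.</param>
		/// <exception cref="Exception">
		/// Any failure is rethrown as "Can't create user" with the original exception as <c>InnerException</c>.
		/// </exception>
		/// <remarks>
		/// In the domain case the directory object is saved before its password is set. It is kept
		/// disabled during that window, so a failure while setting the password leaves a disabled
		/// object behind rather than an enabled account that requires no password. The object is not
		/// removed by this method on failure.
		/// </remarks>
		internal static void CreateUser(SystemUserItem userInfo)
		{
			DirectoryEntry root = null;
			DirectoryEntry user = null;

			try
			{
				if (string.IsNullOrEmpty(userInfo.Domain))
				{
					// Local account: the password and flags are set before the first save.
					root = new DirectoryEntry(String.Format("WinNT://{0}", Environment.MachineName));
					user = root.Children.Add(userInfo.Name, "user");
					user.Invoke("SetPassword", new object[] { userInfo.Password });
					user.Properties["FullName"].Add(userInfo.FullName);
					user.Properties["Description"].Add(userInfo.Description);
					user.Properties["UserFlags"].Add(BuildUserFlags(
						userInfo.PasswordCantChange,
						userInfo.PasswordNeverExpires,
						userInfo.AccountDisabled));

					// save account
					user.CommitChanges();
				}
				else
				{
					// root entry
					string rootPath = SecurityUtils.GetDomainUsersContainer(userInfo.Domain);
					if (string.IsNullOrEmpty(rootPath))
						throw new Exception(string.Format("Users container not found in domain {0}", userInfo.Domain));

					root = new DirectoryEntry(rootPath);

					// NOTE(review): userInfo.Name is concatenated into the RDN without escaping. A name
					// containing distinguished-name special characters would not be treated as a plain
					// CN value - validate or escape the name before it reaches this method.
					user = root.Children.Add("CN=" + userInfo.Name, "user");

					SetADObjectProperty(user, "description", userInfo.Description);
					SetADObjectProperty(user, "UserPrincipalName", userInfo.Name);
					SetADObjectProperty(user, "sAMAccountName", userInfo.Name);

					// The object has to be saved before SetPassword can be invoked on it, so it exists
					// for a moment without a password. Keep it disabled until the password is in place;
					// the final flags below decide whether the account ends up enabled.
					user.Properties["userAccountControl"].Value =
						ADAccountOptions.UF_NORMAL_ACCOUNT
						| ADAccountOptions.UF_PASSWD_NOTREQD
						| ADAccountOptions.UF_ACCOUNTDISABLE;
					user.CommitChanges();

					// set password
					user.Invoke("SetPassword", new object[] { userInfo.Password });

					// Final flags: UF_PASSWD_NOTREQD is dropped now that a password exists.
					ADAccountOptions userFlags = ADAccountOptions.UF_NORMAL_ACCOUNT;

					// NOTE(review): Microsoft's userAccountControl documentation states that the
					// "password can't change" setting cannot be assigned by writing this attribute
					// directly in Active Directory; verify that the restriction is actually enforced.
					if (userInfo.PasswordCantChange)
						userFlags |= ADAccountOptions.UF_PASSWD_CANT_CHANGE;

					if (userInfo.PasswordNeverExpires)
						userFlags |= ADAccountOptions.UF_DONT_EXPIRE_PASSWD;

					if (userInfo.AccountDisabled)
						userFlags |= ADAccountOptions.UF_ACCOUNTDISABLE;

					user.Properties["userAccountControl"].Value = userFlags;
					user.CommitChanges();
				}

				AddUserToGroups(userInfo.Domain, userInfo.Name, userInfo.MemberOf);
			}
			catch (Exception ex)
			{
				// Callers inspect InnerException, so the original exception is always preserved.
				throw new Exception("Can't create user", ex);
			}
			finally
			{
				// DirectoryEntry is IDisposable; release both entries on every path.
				if (user != null)
					user.Dispose();
				if (root != null)
					root.Dispose();
			}
		}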
		/// <summary>
		/// Creates the Windows user account described by <paramref name="vars"/> and writes the
		/// result to the log and the install log.
		/// </summary>
		/// <param name="vars">
		/// Supplies the domain, account name, password, group membership and the component name
		/// used in the account description.
		/// </param>
		/// <remarks>
		/// This method does not check whether the account already exists, and it registers no
		/// rollback action (the registration call is commented out in the original).
		/// The password is passed to SecurityUtils.CreateUser only; it is not logged here.
		/// </remarks>
		private void CreateUserAccount(SetupVariables vars)
		{
			// Read everything from the setup variables up front, before anything is logged.
			var accountDomain = vars.UserDomain;
			var accountName = vars.UserAccount;
			var accountDescription = String.Format(UserAccountDescription, vars.ComponentName);
			var groups = vars.UserMembership;
			var accountPassword = vars.UserPassword;

			Log.WriteStart(LogStartMessage);
			Log.WriteInfo(String.Format(LogInfoMessage, accountName));

			// The account is created enabled, with a password that never expires and that the
			// account itself may not change.
			SystemUserItem account = new SystemUserItem
			{
				Domain = accountDomain,
				Name = accountName,
				FullName = accountName,
				Description = accountDescription,
				MemberOf = groups,
				Password = accountPassword,
				PasswordCantChange = true,
				PasswordNeverExpires = true,
				AccountDisabled = false,
				System = true
			};
			SecurityUtils.CreateUser(account);

			// NOTE(review): RollBack.RegisterUserAccountAction(domain, userName) is disabled here,
			// so nothing in this method arranges for the account to be removed if a later step
			// fails - confirm that the caller handles cleanup.

			Log.WriteEnd(LogEndMessage);

			// The install log entry names the domain only when one was given.
			InstallLog.AppendLine(String.IsNullOrEmpty(accountDomain)
				? String.Format(InstallLogMessageLocal, accountName)
				: String.Format(InstallLogMessageDomain, accountName, accountDomain));
		}
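		/// <summary>
		/// Checks the account details entered in the form by creating the account and then deleting it again.
		/// </summary>
		/// <returns>
		/// <c>true</c> when the account could be created (even if deleting it afterwards failed);
		/// <c>false</c>, after showing a warning, when the account already exists or creation failed.
		/// </returns>
		/// <remarks>
		/// The probe account is created enabled and with the password the user typed, and exists
		/// until the delete below succeeds. The password itself is not written to the log here.
		/// </remarks>
		private bool CheckUserAccount()
		{
			string userName = txtUserName.Text;
			string password = txtPassword.Text;
			// The domain is used only when the Active Directory option is ticked.
			string domain = (chkUseActiveDirectory.Checked ? txtDomain.Text : null);

			if (SecurityUtils.UserExists(domain, userName))
			{
				ShowWarning(string.Format("{0} user account already exists.", userName));
				return false;
			}

			try
			{
				// create account
				Log.WriteStart(string.Format("Creating temp user account \"{0}\"", userName));
				SystemUserItem user = new SystemUserItem();
				user.Name = userName;
				user.FullName = userName;
				user.Description = string.Empty;
				user.MemberOf = null;
				user.Password = password;
				user.PasswordCantChange = true;
				user.PasswordNeverExpires = true;
				user.AccountDisabled = false;
				user.System = true;
				user.Domain = domain;
				SecurityUtils.CreateUser(user);
				//update log
				Log.WriteEnd("Created temp local user account");
			}
			catch (Exception ex)
			{
				Log.WriteError("Create temp local user account error", ex);

				// Look for the COMException anywhere in the inner-exception chain, not only at the
				// first level: failures raised through DirectoryEntry.Invoke (such as SetPassword)
				// typically arrive wrapped in a TargetInvocationException, which would otherwise
				// hide the error code and produce only the generic message.
				System.Runtime.InteropServices.COMException e = null;
				for (Exception inner = ex.InnerException; inner != null && e == null; inner = inner.InnerException)
				{
					e = inner as System.Runtime.InteropServices.COMException;
				}

				string errorMessage = "Unable to create Windows user account";
				if (e != null)
				{
					// ErrorCode is the HRESULT; it is matched as lower-case hex text.
					string errorCode = string.Format("{0:x}", e.ErrorCode);
					switch (errorCode)
					{
						case "8007089a":
							errorMessage = "Invalid username";
							break;
						case "800708c5":
							errorMessage = "The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements.";
							break;
						case "800708b0":
							errorMessage = "The account already exists.";
							break;
					}
				}

				// NOTE(review): nothing is deleted on this path. If CreateUser can fail after the
				// account object was already saved, that object stays behind - confirm against
				// SecurityUtils.CreateUser.
				ShowWarning(errorMessage);
				return false;
			}

			// Reaching this point means the account was created, so remove it again.
			Log.WriteStart(string.Format("Deleting temp local user account \"{0}\"", userName));
			try
			{
				SecurityUtils.DeleteUser(domain, userName);
			}
			catch (Exception ex)
			{
				// Best effort: a failed delete is logged but does not fail the check.
				// NOTE(review): in that case the probe account, with the entered password, remains
				// on the system, and the "Deleted" line below is still written to the log.
				Log.WriteError("Delete temp local user account error", ex);
			}
			Log.WriteEnd("Deleted temp local user account");

			return true;
		}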