/// <summary>
/// Creates the Windows account described by <paramref name="vars"/> and records the
/// result in the setup log and the install log.
/// </summary>
/// <remarks>
/// The account is created enabled, with a password that cannot be changed and never
/// expires. Only the account name (and domain) is written to the logs; the password
/// is passed to <c>SecurityUtils.CreateUser</c> and is not logged here.
/// </remarks>
/// <param name="vars">Setup variables supplying the domain, account name, password,
/// group membership and component name.</param>
private void CreateUserAccount(SetupVariables vars)
{
    //SetProgressText("Creating windows user account...");

    // Read every input up front, before anything is logged or created.
    var accountDomain = vars.UserDomain;
    var accountName = vars.UserAccount;
    var accountDescription = String.Format(UserAccountDescription, vars.ComponentName);
    var groups = vars.UserMembership;
    var accountPassword = vars.UserPassword;

    Log.WriteStart(LogStartMessage);
    Log.WriteInfo(String.Format(LogInfoMessage, accountName));

    // Describe the account to create.
    SystemUserItem account = new SystemUserItem();
    account.Domain = accountDomain;
    account.Name = accountName;
    account.FullName = accountName;
    account.Description = accountDescription;
    account.MemberOf = groups;
    account.Password = accountPassword;
    account.PasswordCantChange = true;
    account.PasswordNeverExpires = true;   // long-lived credential: rotation has to be handled out of band
    account.AccountDisabled = false;
    account.System = true;

    SecurityUtils.CreateUser(account);

    // Rollback registration is disabled, so nothing visible in this method removes
    // the account again if a later setup step fails.
    //RollBack.RegisterUserAccountAction(domain, userName);

    Log.WriteEnd(LogEndMessage);

    // The install log entry names the domain only for a domain account.
    InstallLog.AppendLine(
        String.IsNullOrEmpty(accountDomain)
            ? String.Format(InstallLogMessageLocal, accountName)
            : String.Format(InstallLogMessageDomain, accountName, accountDomain));
}
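/// <summary>
/// Creates a Windows user account, in the local account database when
/// <c>userInfo.Domain</c> is null or empty and in Active Directory otherwise,
/// and then adds it to the groups listed in <c>userInfo.MemberOf</c>.
/// </summary>
/// <remarks>
/// In the Active Directory branch the object is committed before its password is set.
/// It is therefore committed disabled and only receives its final
/// <c>userAccountControl</c> flags after <c>SetPassword</c> has succeeded, so an object
/// that has no password yet is never enabled. A failure after the first commit leaves
/// the object in the directory; this method does not remove it.
/// </remarks>
/// <param name="userInfo">Account definition: domain, name, password, flags and groups.</param>
/// <exception cref="Exception">
/// Any failure is rethrown wrapped in an exception with the message "Can't create user";
/// the original error is available through <c>InnerException</c>.
/// </exception>
internal static void CreateUser(SystemUserItem userInfo)
{
    DirectoryEntry root = null;
    DirectoryEntry user = null;

    try
    {
        if (string.IsNullOrEmpty(userInfo.Domain))
        {
            // Local account through the WinNT provider of this machine.
            root = new DirectoryEntry(String.Format("WinNT://{0}", Environment.MachineName));
            user = root.Children.Add(userInfo.Name, "user");
            user.Invoke("SetPassword", new object[] { userInfo.Password });
            user.Properties["FullName"].Add(userInfo.FullName);
            user.Properties["Description"].Add(userInfo.Description);
            user.Properties["UserFlags"].Add(BuildUserFlags(
                userInfo.PasswordCantChange,
                userInfo.PasswordNeverExpires,
                userInfo.AccountDisabled));

            // save account
            user.CommitChanges();
        }
        else
        {
            // Locate the container that holds user objects in the domain.
            string rootPath = SecurityUtils.GetDomainUsersContainer(userInfo.Domain);
            if (string.IsNullOrEmpty(rootPath))
            {
                throw new Exception(string.Format("Users container not found in domain {0}", userInfo.Domain));
            }

            root = new DirectoryEntry(rootPath);

            // NOTE(review): the name is placed in the RDN unescaped; characters that are
            // special in a distinguished name would need escaping or upstream validation.
            user = root.Children.Add("CN=" + userInfo.Name, "user");

            SetADObjectProperty(user, "description", userInfo.Description);
            SetADObjectProperty(user, "UserPrincipalName", userInfo.Name);
            SetADObjectProperty(user, "sAMAccountName", userInfo.Name);

            // First commit: the object exists but has no password yet, so it is created
            // disabled. Without UF_ACCOUNTDISABLE it would be an enabled account flagged
            // "password not required" until SetPassword ran, and permanently so if
            // SetPassword failed (for example on a password-policy rejection).
            user.Properties["userAccountControl"].Value =
                ADAccountOptions.UF_NORMAL_ACCOUNT
                | ADAccountOptions.UF_PASSWD_NOTREQD
                | ADAccountOptions.UF_ACCOUNTDISABLE;
            user.CommitChanges();

            // set password
            user.Invoke("SetPassword", new object[] { userInfo.Password });

            // Final flags replace the provisional ones: this clears UF_PASSWD_NOTREQD and
            // enables the account unless the caller asked for it to stay disabled.
            ADAccountOptions userFlags = ADAccountOptions.UF_NORMAL_ACCOUNT;

            if (userInfo.PasswordCantChange)
            {
                // NOTE(review): Active Directory is documented as not honouring this bit when
                // it is written to userAccountControl directly; verify the restriction takes effect.
                userFlags |= ADAccountOptions.UF_PASSWD_CANT_CHANGE;
            }

            if (userInfo.PasswordNeverExpires)
            {
                userFlags |= ADAccountOptions.UF_DONT_EXPIRE_PASSWD;
            }

            if (userInfo.AccountDisabled)
            {
                userFlags |= ADAccountOptions.UF_ACCOUNTDISABLE;
            }

            user.Properties["userAccountControl"].Value = userFlags;
            user.CommitChanges();
        }

        AddUserToGroups(userInfo.Domain, userInfo.Name, userInfo.MemberOf);
    }
    catch (Exception ex)
    {
        // Callers inspect InnerException, so the wrapper type and message stay as they were.
        throw new Exception("Can't create user", ex);
    }
    finally
    {
        // Release the directory handles on every path, including failures.
        if (user != null)
        {
            user.Dispose();
        }

        if (root != null)
        {
            root.Dispose();
        }
    }
}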
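/// <summary>
/// Checks that the user name and password entered on the page can be used for a Windows
/// account by creating a temporary account with them and deleting it again.
/// </summary>
/// <returns>
/// <c>true</c> if the temporary account could be created; <c>false</c> if an account with
/// that name already exists or creation failed. A warning is shown in both failure cases.
/// </returns>
private bool CheckUserAccount()
{
    string userName = txtUserName.Text;
    string password = txtPassword.Text;
    string domain = chkUseActiveDirectory.Checked ? txtDomain.Text : null;

    if (SecurityUtils.UserExists(domain, userName))
    {
        ShowWarning(string.Format("{0} user account already exists.", userName));
        return false;
    }

    try
    {
        // Only the account name is logged, never the password.
        Log.WriteStart(string.Format("Creating temp user account \"{0}\"", userName));

        SystemUserItem user = new SystemUserItem();
        user.Name = userName;
        user.FullName = userName;
        user.Description = string.Empty;
        user.MemberOf = null;
        user.Password = password;
        user.PasswordCantChange = true;
        user.PasswordNeverExpires = true;
        // NOTE(review): the probe account is created enabled although it is deleted
        // straight away; confirm whether it could be created disabled instead.
        user.AccountDisabled = false;
        user.System = true;
        user.Domain = domain;

        SecurityUtils.CreateUser(user);

        Log.WriteEnd("Created temp local user account");
    }
    catch (Exception ex)
    {
        Log.WriteError("Create temp local user account error", ex);

        // CreateUser wraps the failure, and a reflective Invoke call may wrap it once
        // more, so search the whole inner-exception chain for the COM error instead of
        // looking at the first inner exception only.
        System.Runtime.InteropServices.COMException comError = null;
        for (Exception inner = ex.InnerException; inner != null && comError == null; inner = inner.InnerException)
        {
            comError = inner as System.Runtime.InteropServices.COMException;
        }

        string errorMessage = "Unable to create Windows user account";
        if (comError != null)
        {
            // Map the error codes handled here to a specific message.
            string errorCode = string.Format("{0:x}", comError.ErrorCode);
            switch (errorCode)
            {
                case "8007089a":
                    errorMessage = "Invalid username";
                    break;
                case "800708c5":
                    errorMessage = "The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements.";
                    break;
                case "800708b0":
                    errorMessage = "The account already exists.";
                    break;
            }
        }

        // NOTE(review): if CreateUser failed after the account object had been
        // committed, the account may still exist; it is not removed here.
        ShowWarning(errorMessage);
        return false;
    }

    // The account was created: remove it again. Deletion stays best-effort, but the
    // log must not claim success when the account is still there.
    Log.WriteStart(string.Format("Deleting temp local user account \"{0}\"", userName));
    bool deleted = false;
    try
    {
        SecurityUtils.DeleteUser(domain, userName);
        deleted = true;
    }
    catch (Exception ex)
    {
        Log.WriteError("Delete temp local user account error", ex);
    }

    Log.WriteEnd(deleted
        ? "Deleted temp local user account"
        : "Temp local user account was not deleted");

    return true;
}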