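/// <summary>
/// Creates a domain user in the organizational unit returned by AddOU(topPath, schoolName),
/// sets its password and account flags, and optionally adds it to a security group.
/// </summary>
/// <param name="loginName">Used for the CN, the sAMAccountName and (with DomainName appended) the userPrincipalName.</param>
/// <param name="displayName">Written to both displayName and name.</param>
/// <param name="email">Written to mail when not null or empty.</param>
/// <param name="phone">Written to telephoneNumber when not null or empty.</param>
/// <param name="pwd">Initial password, applied through IADsUser.SetPassword.</param>
/// <param name="topPath">Directory path under which the OU and the security group are created.</param>
/// <param name="groupName">Security group to create; the user is added to it unless the name is empty.</param>
/// <param name="schoolName">Name passed to AddOU to obtain the container path.</param>
/// <param name="enabled">False leaves the account disabled.</param>
/// <returns>
/// True only when the account was created AND its password and flags were applied.
/// Exceptions from AddOU and AddGroup propagate; everything after that is caught and reported as false.
/// </returns>
public static bool AddUser(string loginName, string displayName, string email, string phone, string pwd, string topPath, string groupName, string schoolName, bool enabled)
{
    // ADS_USER_FLAG bits of userAccountControl.
    const int AccountDisable = 0x2;
    const int PasswordNotRequired = 0x20;
    const int DontExpirePassword = 0x10000;

    string ouPath = AddOU(topPath, schoolName);
    bool result = false;

    using (DirectoryEntry root = new DirectoryEntry(topPath))
    {
        // The security group is created before the user; per the original author the
        // other order produces errors.
        DirectoryEntry grp = AddGroup(root, groupName);
        try
        {
            using (DirectoryEntry container = new DirectoryEntry(ouPath))
            {
                try
                {
                    // NOTE(review): loginName is concatenated into the RDN unescaped. Characters that are
                    // special in a distinguished name (, + " \ < > ; =) would change the DN — confirm that
                    // callers validate the name before it reaches this method.
                    using (DirectoryEntry newUser = container.Children.Add("CN=" + loginName, "user"))
                    {
                        newUser.Properties["displayName"].Add(displayName);
                        newUser.Properties["name"].Add(displayName);
                        newUser.Properties["sAMAccountName"].Add(loginName);
                        newUser.Properties["userPrincipalName"].Add(loginName + DomainName);
                        if (!string.IsNullOrEmpty(phone))
                        {
                            newUser.Properties["telephoneNumber"].Add(phone);
                        }
                        if (!string.IsNullOrEmpty(email))
                        {
                            newUser.Properties["mail"].Add(email);
                        }
                        newUser.CommitChanges();

                        bool credentialsApplied = true;
                        try
                        {
                            ActiveDs.IADsUser user = (ActiveDs.IADsUser)newUser.NativeObject;
                            user.AccountDisabled = !enabled;
                            user.SetPassword(pwd);

                            // Password never expires. The flag is OR-ed into the current value: writing
                            // 0x10000 alone replaced the whole bit field and discarded the disabled state
                            // requested through 'enabled'.
                            int flags = (int)user.Get("userAccountControl");
                            flags |= DontExpirePassword;
                            // A password has just been set, so the account must not keep "password not required".
                            flags &= ~PasswordNotRequired;
                            flags = enabled ? (flags & ~AccountDisable) : (flags | AccountDisable);
                            user.Put("userAccountControl", flags);
                            user.SetInfo();
                            newUser.CommitChanges();
                        }
                        catch (Exception ex)
                        {
                            // The account object exists but has no usable password/flags; report this
                            // instead of returning success for a half-provisioned account.
                            credentialsApplied = false;
                            System.Diagnostics.Trace.TraceError("AddUser: password/flag setup failed: " + ex);
                        }

                        if (groupName != "")
                        {
                            AddUserToGroup(grp, newUser);
                        }
                        result = credentialsApplied;
                    }
                }
                catch (Exception ex)
                {
                    System.Diagnostics.Trace.TraceError("AddUser: account creation failed: " + ex);
                    result = false;
                }
            }
        }
        finally
        {
            if (grp != null)
            {
                grp.Dispose();
            }
        }
    }
    return result;
}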
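/// <summary>
/// Creates a user object under <paramref name="path"/> from the fields of <paramref name="userInfo"/>,
/// then sets its password, enabled state and the "password never expires" flag.
/// </summary>
/// <param name="path">Directory path of the container that receives the new user.</param>
/// <param name="userInfo">Source of name, displayName, sAMAccountName, userPrincipalName, description, userPassword and userEnabled.</param>
/// <returns>True once every step has completed. Nothing is caught here, so any directory error propagates to the caller.</returns>
public bool AddUser(string path, UserInfo userInfo)
{
    // ADS_USER_FLAG bits of userAccountControl.
    const int AccountDisable = 0x2;
    const int PasswordNotRequired = 0x20;
    const int DontExpirePassword = 0x10000;

    bool isResult = false;
    using (DirectoryEntry container = new DirectoryEntry(path))
    // NOTE(review): userInfo.name is concatenated into the RDN unescaped — confirm callers validate it.
    using (DirectoryEntry newUser = container.Children.Add("CN=" + userInfo.name, "user"))
    {
        newUser.Properties["displayName"].Add(userInfo.displayName);
        newUser.Properties["name"].Add(userInfo.name);
        newUser.Properties["sAMAccountName"].Add(userInfo.sAMAccountName);
        newUser.Properties["userPrincipalName"].Add(userInfo.userPrincipalName);
        newUser.Properties["description"].Add(userInfo.description);
        newUser.CommitChanges();

        ActiveDs.IADsUser user = (ActiveDs.IADsUser)newUser.NativeObject;
        user.AccountDisabled = !userInfo.userEnabled;
        user.SetPassword(userInfo.userPassword);

        // Password never expires. The flag is OR-ed into the current value: writing 0x10000 alone
        // replaced the whole bit field and discarded the disabled state requested by userEnabled.
        int flags = (int)user.Get("userAccountControl");
        flags |= DontExpirePassword;
        // A password has just been set, so the account must not keep "password not required".
        flags &= ~PasswordNotRequired;
        flags = userInfo.userEnabled ? (flags & ~AccountDisable) : (flags | AccountDisable);
        user.Put("userAccountControl", flags);
        user.SetInfo();
        newUser.CommitChanges();
        isResult = true;
    }
    return isResult;
}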
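/// <summary>
/// Checks the state of a domain account (password expiry, disabled, locked out) and then
/// validates the supplied password by binding to the directory with it.
/// </summary>
/// <param name="domain">Passed as the path of the DirectoryEntry used for the credential bind.</param>
/// <param name="username">Account identity; looked up with UserPrincipal.FindByIdentity and used for the bind.</param>
/// <param name="password">Password used for the bind.</param>
/// <param name="app">Application code checked with validaApp before the bind is attempted.</param>
/// <param name="tipo">1 = intranet (detailed messages), any other value = public (generic messages).</param>
/// <returns>
/// A response whose Code starts at 1 and is set to 0 on every failure path. Result holds the
/// user's DirectoryEntry when the bind and the search both succeed. Message may carry a
/// password-expiry notice even when Code is 1.
/// </returns>
public MethodResponse <DirectoryEntry> ValidateCredentials(string domain, string username, string password, string app, int tipo)
{
    // ADS_UF_ACCOUNTDISABLE bit of userAccountControl.
    const int AccountDisable = 0x2;

    var response = new MethodResponse <DirectoryEntry>();
    response.Code = 1;

    // Built by plain concatenation: string.Format on text containing the caller-supplied
    // username throws FormatException when the name contains '{' or '}', and in the catch
    // handler below that exception would escape the method.
    string unknownAccountMessage = tipo == 1
        ? "La cuenta " + username + " no existe"
        : "El usuario y/o la contraseña son incorrectos";

    try
    {
        using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
        using (UserPrincipal user = UserPrincipal.FindByIdentity(ctx, username))
        {
            // Checked before first use; previously an unknown account was only reported
            // through the NullReferenceException raised on the next statement.
            if (user == null)
            {
                response.Code = 0;
                response.Message = unknownAccountMessage;
                return response;
            }

            var dirEntry = (DirectoryEntry)user.GetUnderlyingObject();
            ActiveDs.IADsUser native = (ActiveDs.IADsUser)dirEntry.NativeObject;
            DateTime passwordExpirationDate = native.PasswordExpirationDate;
            // NOTE(review): the threshold 3 (and "30 minutos" below) is hard-coded — confirm it
            // matches the domain lockout policy.
            var intentosFallidos = 3 - native.BadLoginCount;
            int cod = (int)dirEntry.Properties["useraccountcontrol"].Value;
            DateTime now = DateTime.Now;

            // NOTE(review): the expired / inactive / locked answers below are returned before the
            // password is verified, and the first two for every value of tipo, so a public caller
            // can learn the state of an account without knowing its password.

            // 512 = normal, enabled account whose password can expire.
            if (cod == 512)
            {
                if (passwordExpirationDate < now)
                {
                    response.Code = 0;
                    response.Message = "Tu contraseña ha expirado";
                    return response;
                }

                TimeSpan remaining = passwordExpirationDate - now;
                var diasRestantes = Math.Floor(remaining.TotalDays);
                var horasRestantes = Math.Floor(remaining.TotalHours);
                var minutosRestantes = Math.Ceiling(remaining.TotalMinutes);

                // 1 - intranet || 2 - public
                if (tipo == 1)
                {
                    if (diasRestantes <= 7 && diasRestantes > 0)
                    {
                        response.Message = "Tu contraseña expirará en " + diasRestantes + (diasRestantes == 1 ? " día" : " días");
                    }
                    else if (diasRestantes == 0)
                    {
                        if (horasRestantes > 0)
                        {
                            response.Message = "Tu contraseña expirará en " + horasRestantes + (horasRestantes == 1 ? " hora" : " horas");
                        }
                        else
                        {
                            response.Message = "Tu contraseña expirará en " + minutosRestantes + (minutosRestantes == 1 ? " minuto" : " minutos");
                        }
                    }
                }
                else
                {
                    // NOTE(review): set for every public request, regardless of the days remaining.
                    response.Message = "Tu contraseña está próxima a expirar";
                }
            }

            // Tests the disabled bit instead of the two exact values 514 and 66050, so a disabled
            // account that carries any other flag is recognised as well.
            if ((cod & AccountDisable) != 0)
            {
                response.Code = 0;
                response.Message = "La cuenta " + username + " está inactiva";
                return response;
            }

            if (user.IsAccountLockedOut())
            {
                response.Code = 0;
                if (tipo == 1)
                {
                    response.Message = "La cuenta " + username + " está bloqueada, se desbloqueará en 30 minutos";
                }
                else
                {
                    response.Message = "La cuenta " + username + " está bloqueada";
                }
                return response;
            }

            if (!validaApp(app, username))
            {
                response.Code = 0;
                response.Message = "El código de aplicación no existe";
                return response;
            }

            // Escape the characters that are special in an LDAP search filter (RFC 4515) so the
            // caller-supplied name cannot change the structure of the filter. Backslash goes first.
            string filterUser = username
                .Replace("\\", "\\5c")
                .Replace("*", "\\2a")
                .Replace("(", "\\28")
                .Replace(")", "\\29")
                .Replace("\0", "\\00");

            // The entry used for the bind and the searcher are released here; the entry handed back
            // in Result is a separate object created by GetDirectoryEntry.
            using (DirectoryEntry bindEntry = new DirectoryEntry(domain, username, password))
            using (DirectorySearcher ds = new DirectorySearcher(bindEntry))
            {
                ds.Filter = "(&(objectCategory=person)(sAMAccountName=" + filterUser + "))";
                try
                {
                    // FindOne performs the bind, so rejected credentials surface here.
                    SearchResult sr = ds.FindOne();
                    if (sr != null)
                    {
                        response.Result = sr.GetDirectoryEntry();
                    }
                    // NOTE(review): when the bind succeeds but nothing matches the filter, Code stays 1
                    // with a null Result — confirm callers treat that combination as intended.
                }
                catch (DirectoryServicesCOMException)
                {
                    response.Code = 0;
                    intentosFallidos--;
                    if (tipo == 1)
                    {
                        response.Message = "La contraseña es incorrecta. Solo te " + (intentosFallidos > 1 ? "quedan " : "queda ") + intentosFallidos + (intentosFallidos > 1 ? " intentos" : " intento");
                    }
                    else
                    {
                        response.Message = "El usuario y/o la contraseña son incorrectos";
                    }
                }
                catch (Exception)
                {
                    // NOTE(review): the failure is not logged anywhere.
                    response.Code = 0;
                    response.Message = "Ocurrió un error";
                }
            }
        }
    }
    catch (Exception)
    {
        // NOTE(review): every failure of the lookup phase, including directory or network errors,
        // is reported to the caller as an unknown account.
        response.Code = 0;
        response.Message = unknownAccountMessage;
    }
    return response;
}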