/// <summary> /// 创建域用户,"administrator","Ccc2008neu","administrator","Ccc2008neu" /// </summary> /// <param name="loginName"></param> /// <param name="displayName"></param> /// <param name="description"></param> /// <param name="pwd"></param> public static bool AddUser(string loginName, string displayName, string email, string phone, string pwd, string topPath, string groupName, string schoolName, bool enabled) { string ouPath = AddOU(topPath, schoolName); bool result; string content = ""; //先加安全组,帐号重复会出错;否则会出现错误 DirectoryEntry grp = AddGroup(new DirectoryEntry(topPath), groupName); using (DirectoryEntry AD = new DirectoryEntry(ouPath)) { try { using (DirectoryEntry NewUser = AD.Children.Add("CN=" + loginName, "user")) { NewUser.Properties["displayName"].Add(displayName); NewUser.Properties["name"].Add(displayName); NewUser.Properties["sAMAccountName"].Add(loginName); NewUser.Properties["userPrincipalName"].Add(loginName + DomainName); if (phone != "") { NewUser.Properties["telephoneNumber"].Add(phone); } if (email != "") { NewUser.Properties["mail"].Add(email); } NewUser.CommitChanges(); try { ActiveDs.IADsUser user = (ActiveDs.IADsUser)NewUser.NativeObject; user.AccountDisabled = !enabled; user.SetPassword(pwd); //密码永不过期 dynamic flag = user.Get("userAccountControl"); int newFlag = 0X10000; user.Put("userAccountControl", newFlag); user.SetInfo(); NewUser.CommitChanges(); } catch (Exception ex) { content += ex.ToString() + "\r\f"; } if (groupName != "") { AddUserToGroup(grp, NewUser); } result = true; } } catch (Exception ex) { content += ex.ToString(); result = false; } } return(result); }
//启用账户 public static bool EnableAdUser(string account) { try { DirectoryEntry NewUser = GetDirectoryEntryByAccount(account); if (NewUser != null) { try { ActiveDs.IADsUser user = (ActiveDs.IADsUser)NewUser.NativeObject; user.AccountDisabled = false; user.SetInfo(); NewUser.CommitChanges(); return(true); } catch (Exception ex) { } } } catch { } return(false); }
//删除用户 public static bool DeleteAdUser(string account) { try { //DirectoryEntry lgUser = GetDirectoryEntryByAccount(account); //if (lgUser != null) //{ // lgUser.DeleteTree(); // return true; //} DirectoryEntry NewUser = GetDirectoryEntryByAccount(account); if (NewUser != null) { try { ActiveDs.IADsUser user = (ActiveDs.IADsUser)NewUser.NativeObject; user.AccountDisabled = true; user.SetInfo(); NewUser.CommitChanges(); return(true); } catch (Exception ex) { } //lgUser.DeleteTree(); } } catch { } return(false); }
//更改密码 public static bool ChangePassword(string loginName, string newPassword) { DirectoryEntry NewUser = ADHelper.GetDirectoryEntryByAccount(loginName); ActiveDs.IADsUser user = (ActiveDs.IADsUser)NewUser.NativeObject; try { user.SetPassword(newPassword); NewUser.CommitChanges(); return(true); } catch { return(false); } }
static void EnableUser() { using (DirectoryEntry de = new DirectoryEntry()) { de.Path = "LDAP://celticrain/CN=John Doe, CN=Users, DC=eichkogelstrasse, DC=local"; de.Invoke("SetPassword", "anotherSecret"); de.CommitChanges(); ActiveDs.IADsUser user = (ActiveDs.IADsUser)de.NativeObject; user.SetPassword("someSecret"); user.AccountDisabled = false; de.CommitChanges(); } }
/// <summary> /// 修改AD中的用户信息,启动帐号(帐号禁用帐号) /// </summary> /// <param name="loginName"></param> /// <returns></returns> public static bool EnabledUser(string loginName, bool userEnabled) { using (DirectoryEntry NewUser = ADHelper.GetDirectoryEntryByAccount(loginName)) { try { ActiveDs.IADsUser user = (ActiveDs.IADsUser)NewUser.NativeObject; user.AccountDisabled = !userEnabled; user.SetInfo(); NewUser.CommitChanges(); return(true); } catch { return(false); } } }
//更改密码 public static bool ChangePassword(string loginName, string newPassword, ref string errMsg) { DirectoryEntry NewUser = ADHelper.GetDirectoryEntryByAccount(loginName); try { ActiveDs.IADsUser user = (ActiveDs.IADsUser)NewUser.NativeObject; user.SetPassword(newPassword); NewUser.CommitChanges(); return(true); } catch (Exception ex) { errMsg = ex.ToString(); return(false); } }
public void Update() { UpdateSuccessful = false; if (Domain != "" && UserName != "") { try { PrincipalContext currentContext; if (this.Domain != Environment.MachineName) { currentContext = new PrincipalContext(ContextType.Domain); this.Context = "Domain/Active Directory"; } else { currentContext = new PrincipalContext(ContextType.Machine); this.Context = "Machine"; } UserPrincipal userPrincipal = UserPrincipal.FindByIdentity(currentContext, UserName); FullName = userPrincipal.DisplayName; FirstName = userPrincipal.GivenName; PasswordNeverExpires = userPrincipal.PasswordNeverExpires; AllowedToChangePassword = !userPrincipal.UserCannotChangePassword; EmployeeId = userPrincipal.EmployeeId; PasswordLastChangedDate = (DateTime)userPrincipal.LastPasswordSet; PasswordRequired = !userPrincipal.PasswordNotRequired; DirectoryEntry directoryEntry = (DirectoryEntry)userPrincipal.GetUnderlyingObject(); ActiveDs.IADsUser nativeUser = (ActiveDs.IADsUser)directoryEntry.NativeObject; PasswordExpirationDate = nativeUser.PasswordExpirationDate; } catch (Exception ex) { this.ErrorMessage = ex.Message; } } }
/// <summary> /// 用户在AD中是否存在 /// </summary> /// <param name="account"></param> /// <param name="userState">返回用户的状态</param> /// <returns></returns> public static bool UserExits(string account, ref int userState) { DirectoryEntry adUser = ADHelper.GetDirectoryEntryByAccount(account); if (adUser != null) { try { ActiveDs.IADsUser user = (ActiveDs.IADsUser)adUser.NativeObject; userState = user.AccountDisabled ? 0 : 1; } catch { userState = -1; } return(true); } return(false); }
private bool SearchUserByOU(DirectoryEntry ouEntry, ref List <CBUserEntity> userADlist) { bool bResult = false; try { DirectorySearcher Ad_deSearch = new DirectorySearcher(); Ad_deSearch.SearchRoot = ouEntry; Ad_deSearch.Filter = "(&(objectClass=user))"; Ad_deSearch.SearchScope = SearchScope.OneLevel; Ad_deSearch.PageSize = 100000; SearchResultCollection results = Ad_deSearch.FindAll(); if (results != null && results.Count > 0) { CBUserEntity user = null; DirectoryEntry CN = null; foreach (SearchResult Result in results) { user = new CBUserEntity(); CN = Result.GetDirectoryEntry(); if (CN.Properties["userPrincipalName"].Value != null) { int TempuserAccountControl = 0; if (CN.Properties["userAccountControl"].Value != null) { TempuserAccountControl = Convert.ToInt32(CN.Properties["userAccountControl"][0]); } user.UserID = CN.Guid; user.SAMAccountName = CN.Properties["sAMAccountName"].Value == null ? "" : Convert.ToString(CN.Properties["sAMAccountName"].Value); user.Displayname = CN.Properties["displayname"].Value == null ? "" : Convert.ToString(CN.Properties["displayname"].Value); user.DistinguishedName = CN.Properties["distinguishedName"].Value == null ? "" : Convert.ToString(CN.Properties["distinguishedName"].Value); user.UserPrincipalName = CN.Properties["userPrincipalName"].Value == null ? "" : Convert.ToString(CN.Properties["userPrincipalName"].Value); user.Mail = CN.Properties["mail"].Value == null ? "" : Convert.ToString(CN.Properties["mail"].Value); user.PasswordExpired = (TempuserAccountControl & 8388608) != 0 ? true : false; ActiveDs.IADsUser native = (ActiveDs.IADsUser)CN.NativeObject; user.PasswordExpireTime = native == null?Convert.ToDateTime("1900-01-01") : native.PasswordExpirationDate; //user.PasswordExpireTime = DateTime.Parse(CN.InvokeGet("PasswordExpirationDate").ToString()); user.PasswordNerverExpire = (TempuserAccountControl & 65536) != 0 ? true : false; user.WhenChanged = CN.Properties["whenChanged"].Value == null?Convert.ToDateTime("1900-01-01") : DateTime.Parse(Convert.ToString(CN.Properties["whenChanged"].Value)).ToLocalTime(); user.WhenCreated = CN.Properties["whenCreated"].Value == null?Convert.ToDateTime("1900-01-01") : DateTime.Parse(Convert.ToString(CN.Properties["whenCreated"].Value)).ToLocalTime(); user.IsDisable = (TempuserAccountControl & 2) != 0 ? true : false; long Templastlogon = 0; if (CN.Properties["lastLogonTimestamp"].Value != null) { Templastlogon = GetLongValue((IADsLargeInteger)CN.Properties["lastLogonTimestamp"].Value); } user.LastLogon = Templastlogon > 0 ? DateTime.FromFileTimeUtc(Templastlogon).AddHours(8) : Convert.ToDateTime("1900-01-01"); #region 从两台AD取lastlogon #endregion //AD用户 与 部门不从AD属性中读取 //DirectoryEntry TempParent = CN.Parent; //string strTempParentdistinguishedName = TempParent.Properties["distinguishedName"].Value == null ? "" : Convert.ToString(TempParent.Properties["distinguishedName"].Value); //string strCompany = string.Empty; //string strDepartment = string.Empty; //string strSetUserCompanyAndDepartmentError = string.Empty; //if (SetUserCompanyAndDepartment(strTempParentdistinguishedName, out strCompany, out strDepartment, out strSetUserCompanyAndDepartmentError)) //{ // //更改AD该用户的属性 // CN.Properties["company"].Value = strCompany; // CN.Properties["department"].Value = strDepartment; // CN.CommitChanges(); //} //else //{ // Log4netHelper.Error(string.Format("SetUserCompanyAndDepartment 设置User:{0}公司/部门属性 Error:{1} ", user.DistinguishedName, strSetUserCompanyAndDepartmentError)); //} userADlist.Add(user); } CN.Close(); CN.Dispose(); } } bResult = true; } catch (Exception ex) { Log4netHelper.Error("SearchUserByOU Exception: " + ex.ToString()); } finally { } return(bResult); }
public void Update() { UpdateSuccessful = false; if (Domain != "" && UserName != "") { try { PrincipalContext currentContext; if (this.Domain != Environment.MachineName) { currentContext = new PrincipalContext(ContextType.Domain); this.Context = "Domain/Active Directory"; } else { currentContext = new PrincipalContext(ContextType.Machine); this.Context = "Machine"; } UserPrincipal userPrincipal = UserPrincipal.FindByIdentity(currentContext, UserName); FullName = userPrincipal.DisplayName; FirstName = userPrincipal.GivenName; PasswordNeverExpires = userPrincipal.PasswordNeverExpires; AllowedToChangePassword = !userPrincipal.UserCannotChangePassword; EmployeeId = userPrincipal.EmployeeId; PasswordLastChangedDate = (DateTime)userPrincipal.LastPasswordSet; PasswordRequired = !userPrincipal.PasswordNotRequired; DirectoryEntry directoryEntry = (DirectoryEntry)userPrincipal.GetUnderlyingObject(); ActiveDs.IADsUser nativeUser = (ActiveDs.IADsUser)directoryEntry.NativeObject; PasswordExpirationDate = nativeUser.PasswordExpirationDate; } catch (Exception ex) { this.ErrorMessage = ex.Message; } //DirectoryEntry LdapEntry = new DirectoryEntry($"LDAP://{Domain}"); // DirectorySearcher LdapSearcher = new DirectorySearcher(); // SearchResult searchResult; // LdapSearcher.SearchRoot = LdapEntry; // LdapSearcher.Filter = $"(&(sAMAccountName={UserName}))"; // LdapSearcher.SearchScope = SearchScope.Subtree; // LdapSearcher.PropertiesToLoad.Add("pwdLastSet"); // LdapSearcher.PropertiesToLoad.Add("userAccountControl"); // try // { // searchResult = LdapSearcher.FindOne(); // if (searchResult != null && ErrorMessage == "") // { // } // } // catch (Exception ex) // { // ErrorMessage = $"ADUser: {ex.Message}"; // } //} } }
public static void Create_Snapshot() { object authenticate = null; object mvarsError = null; object memberOF = null; object mstr = null; object f = null; //oCont) string appstr = null; string govstr = null; string strc = null; string strDepartment = null; ActiveDs.IADsUser oUser = default(ActiveDs.IADsUser); ActiveDs.IADsContainer oContainer = default(ActiveDs.IADsContainer); ActiveDs.IADsOpenDSObject dso = default(ActiveDs.IADsOpenDSObject); string xas = null; string appl = null; string[] a = null; string[] temparray = null; string tempstr = null; string[] aGovernment = null; object entry = null; int temporaryDate2 = 0; int date2 = 0; int i = 0; int y = 0; int mcount = 0; object mmax = null; string strApps = null; string strGovt = null; int UCount = 0; Microsoft.VisualBasic.Collection colGovernment = new Microsoft.VisualBasic.Collection(); Microsoft.VisualBasic.Collection colApplications = new Microsoft.VisualBasic.Collection(); string memberOFS = ""; SqlConnection cnVIP_EXP = new SqlConnection(); cnVIP_EXP.ConnectionString = My.Settings.VIP_EXPANDEDConnectionString; SqlConnection cnADS2 = new SqlConnection(); SqlConnection cnADS = new SqlConnection(); cnADS.ConnectionString = My.Settings.AdsConnectionString; cnADS2.ConnectionString = My.Settings.AdsConnectionString; SqlCommand cmdADS2 = new SqlCommand("AD_SNAPSHOT_ALL_INSERT", cnADS); SqlCommand cmdADS3 = new SqlCommand("AD_SNAPSHOT_ALL_DELETE_ALL", cnADS); SqlCommand cmdADS4 = new SqlCommand("GetPROVDescription", cnADS2); SqlCommand cmdADS5 = new SqlCommand("GetSNAMEDept", cnADS2); cmdADS2.CommandType = CommandType.StoredProcedure; cmdADS3.CommandType = CommandType.StoredProcedure; cmdADS4.CommandType = CommandType.StoredProcedure; cmdADS5.CommandType = CommandType.StoredProcedure; SqlParameter pUCount = new SqlParameter("@UCount", SqlDbType.BigInt); SqlParameter pPersalnr = new SqlParameter("@PersalNr", SqlDbType.VarChar, 8); SqlParameter pAccountNr = new SqlParameter("@AccountNr", SqlDbType.VarChar, 9); SqlParameter pNatProv = new SqlParameter("@NatProv ", SqlDbType.VarChar, 20); SqlParameter pVote = new SqlParameter("@Vote", SqlDbType.VarChar, 55); SqlParameter pDeptCode = new SqlParameter("@DeptCode", SqlDbType.VarChar, 9); SqlParameter pEMail = new SqlParameter("@EMail", SqlDbType.VarChar, 150); SqlParameter pCell = new SqlParameter("@Cell", SqlDbType.VarChar, 20); SqlParameter pPhone = new SqlParameter("@Phone", SqlDbType.VarChar, 20); SqlParameter pFirstName = new SqlParameter("@FirstName", SqlDbType.VarChar, 20); SqlParameter pLastname = new SqlParameter("@Lastname", SqlDbType.VarChar, 40); SqlParameter pApplMember = new SqlParameter("@ApplMember", SqlDbType.VarChar, 500); SqlParameter pDeptMember = new SqlParameter("@DeptMember", SqlDbType.VarChar, 4000); SqlParameter pDepartment = new SqlParameter("@Department", SqlDbType.VarChar, 10); SqlParameter pAccountDisabled = new SqlParameter("@AccountDisabled", SqlDbType.SmallInt); SqlParameter pLOGIS = new SqlParameter("@LOGIS", SqlDbType.SmallInt); SqlParameter pHR = new SqlParameter("@HR", SqlDbType.SmallInt); SqlParameter pFINANCIALS = new SqlParameter("@FINANCIALS", SqlDbType.SmallInt); SqlParameter pGFS = new SqlParameter("@GFS", SqlDbType.SmallInt); SqlParameter pDPSA = new SqlParameter("@DPSA", SqlDbType.SmallInt); SqlParameter pSNAME = new SqlParameter("@SNAME", SqlDbType.VarChar, 9); ClsCrypto enc = new ClsCrypto(); dso = Interaction.GetObject("LDAP:"); oContainer = dso.OpenDSObject("LDAP://" + My.Settings.IP_ADDRESS_PRD + "/" + My.Settings.AD_USERS_PRD, My.Settings.ADSMasterUsername_PRD, enc.Dekodeer128(My.Settings.ADSMasterPassword_PRD.ToString), 0); cnADS.Open(); cmdADS3.ExecuteNonQuery(); foreach (oUser in oContainer) { UCount += 1; pUCount.Value = UCount; mcount = mcount + 1; switch (Strings.LCase(oUser.Class)) { case "user": if ((Strings.Trim(oUser.SAMaccountname) != null)) { frmMain.tsADPosition.Text = oUser.samaccountname; pSNAME.Value = oUser.Department.ToLower.ToString.Trim + ""; cmdADS5.Parameters.Add(pSNAME); cnADS2.Open(); pVote.Value = cmdADS5.ExecuteScalar().ToString() + ""; cnADS2.Close(); cmdADS5.Parameters.Remove(pSNAME); // ERROR: Not supported in C#: OnErrorStatement pAccountNr.Value = oUser.SAMaccountname.ToString.Trim + ""; cmdADS4.Parameters.Add(pSNAME); cnADS2.Open(); pNatProv.Value = cmdADS4.ExecuteScalar().ToString() + ""; cnADS2.Close(); cmdADS4.Parameters.Remove(pSNAME); pDeptCode.Value = pSNAME.Value + ""; if (Information.IsDBNull(Strings.Trim(oUser.EmailAddress))) { pEMail.Value = "No Email"; } else { pEMail.Value = oUser.EmailAddress.ToLower.Trim + ""; } if (Information.IsDBNull(Convert.ToString(oUser.TelephoneMobile)) | (oUser.TelephoneMobile == null)) { pCell.Value = "No Mobile"; } else { pCell.Value = Strings.Replace(Strings.Replace(Convert.ToString(oUser.TelephoneMobile), "(", ""), ")", ""); } if (Information.IsDBNull(Convert.ToString(oUser.TelephoneNumber))) { pPhone.Value = "No TelephoneNumber"; } else { pPhone.Value = Strings.Replace(Strings.Replace(oUser.TelephoneNumber.ToString, "(", ""), ")", "") + ""; } if (Information.IsDBNull(oUser.FirstName)) { pFirstName.Value = "No Firstname"; } else { pFirstName.Value = oUser.FirstName.Trim + ""; } if (Information.IsDBNull(oUser.LastName)) { pLastname.Value = "No LastName"; } else { pLastname.Value = oUser.LastName.Trim + ""; } memberOF = oUser.GetEx("MemberOf"); if (Err().Number == -2147463155) { colApplications.Add("INVALID USER"); colGovernment.Add("INVALID USER"); pLOGIS.Value = 0; pDPSA.Value = 0; pGFS.Value = 0; pHR.Value = 0; pFINANCIALS.Value = 0; } else { // Start with the new structure. memberOFS = ""; foreach (object entry_loopVariable in memberOF) { entry = entry_loopVariable; //Clear collections if ((Strings.InStr(1, Strings.UCase(entry), "GOVERNMENT") > 0 | Strings.InStr(1, Strings.UCase(entry), "VUL TS USERS") > 0 | Strings.InStr(1, Strings.UCase(entry), "APPLICATION") > 0) & Strings.InStr(1, Strings.UCase(entry), "CN=") > 0) { entry = Strings.Replace(Strings.Replace(entry, "OU=", ""), "CN=", ""); temparray = Strings.Split(entry, ","); tempstr = Strings.Replace(temparray[0], "_ACCESS_ALL", ""); tempstr = Strings.Replace(tempstr, "_ALL_ACCESS", ""); tempstr = Strings.Replace(tempstr, "_SEC32", ""); if (Strings.InStr(1, Strings.UCase(entry), "GOVERNMENT") > 0) { colGovernment.Add(tempstr); } else if (Strings.InStr(1, Strings.UCase(entry), "APPLICATION") > 0 | Strings.InStr(1, Strings.UCase(entry), "VUL TS USERS") > 0) { memberOFS = memberOFS + " " + tempstr + ""; colApplications.Add(tempstr); } } } pLOGIS.Value = (Strings.InStr(1, memberOFS, "LOGIS.") > 0 ? 1 : 0); pDPSA.Value = (Strings.InStr(1, memberOFS, "DPSA.") > 0 ? 1 : 0); pGFS.Value = (Strings.InStr(1, memberOFS, "GFS.") > 0 ? 1 : 0); pHR.Value = (Strings.InStr(1, memberOFS, "HR.") > 0 ? 1 : 0); pFINANCIALS.Value = (Strings.InStr(1, memberOFS, "FINANCIALS.") > 0 ? 1 : 0); } strApps = ""; for (y = 1; y <= colApplications.Count(); y++) { if (Strings.Len(strApps) == 0) { strApps = colApplications[y]; } else { strApps = strApps + "," + colApplications[y] + ""; } } if (Strings.Len(Strings.Trim(strApps)) == 0) { strApps = "INVALID USER"; } pApplMember.Value = strApps; strGovt = ""; for (y = 1; y <= colGovernment.Count(); y++) { if (Strings.Len(strGovt) == 0) { strGovt = colGovernment[y]; } else { strGovt = strGovt + "," + colGovernment[y] + ""; } } pDeptMember.Value = strGovt; strDepartment = ""; strDepartment = oUser.Department + ""; if (Strings.Len(Strings.Trim(strDepartment)) == 0) { pDepartment.Value = "No Department"; } else { pDepartment.Value = oUser.Department + ""; } if ((Convert.ToString(oUser.AccountDisabled)).ToUpper().Trim() == "TRUE") { pAccountDisabled.Value = 1; } else { pAccountDisabled.Value = 0; } //pAccountDisabled.Value = CStr(oUser.AccountDisabled) cmdADS2.Parameters.Add(pAccountNr); cmdADS2.Parameters.Add(pNatProv); cmdADS2.Parameters.Add(pVote); cmdADS2.Parameters.Add(pDeptCode); cmdADS2.Parameters.Add(pEMail); cmdADS2.Parameters.Add(pCell); cmdADS2.Parameters.Add(pPhone); cmdADS2.Parameters.Add(pFirstName); cmdADS2.Parameters.Add(pLastname); cmdADS2.Parameters.Add(pApplMember); cmdADS2.Parameters.Add(pDeptMember); cmdADS2.Parameters.Add(pDepartment); cmdADS2.Parameters.Add(pAccountDisabled); cmdADS2.Parameters.Add(pLOGIS); cmdADS2.Parameters.Add(pHR); cmdADS2.Parameters.Add(pFINANCIALS); cmdADS2.Parameters.Add(pGFS); cmdADS2.Parameters.Add(pDPSA); cmdADS2.Parameters.Add(pUCount); //cmdADS2.Parameters.Add(pAccCreated) //cmdADS2.Parameters.Add(pAccModified) //************************** cmdADS2.ExecuteNonQuery(); //************************** cmdADS2.Parameters.Remove(pAccountNr); cmdADS2.Parameters.Remove(pNatProv); cmdADS2.Parameters.Remove(pVote); cmdADS2.Parameters.Remove(pDeptCode); cmdADS2.Parameters.Remove(pEMail); cmdADS2.Parameters.Remove(pCell); cmdADS2.Parameters.Remove(pPhone); cmdADS2.Parameters.Remove(pFirstName); cmdADS2.Parameters.Remove(pLastname); cmdADS2.Parameters.Remove(pApplMember); cmdADS2.Parameters.Remove(pDeptMember); cmdADS2.Parameters.Remove(pDepartment); cmdADS2.Parameters.Remove(pAccountDisabled); cmdADS2.Parameters.Remove(pLOGIS); cmdADS2.Parameters.Remove(pHR); cmdADS2.Parameters.Remove(pFINANCIALS); cmdADS2.Parameters.Remove(pGFS); cmdADS2.Parameters.Remove(pDPSA); colGovernment.Clear(); colApplications.Clear(); } break; } Err().Clear(); } frmMain.tsADPosition.Text = ""; CloseMe: goto cleanup; err_handler: mvarsError = "{ADS4.authenticate} authenticate: (" + Err().Number + ") " + Err().Description; Err().Clear(); authenticate = false; cleanup: oUser = null; memberOF = null; oContainer = null; oUser = null; dso = null; colGovernment = null; colApplications = null; cnADS.Close(); cnADS = null; }