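/// <summary>
/// Creates an Active Directory account from the submitted form, using the selected user
/// template for password policy, expiration, target OU and group memberships, and then
/// records the new account in the application database.
/// </summary>
/// <param name="user">Form values posted for the new account, including the template id.</param>
/// <returns>
/// A redirect to <c>ViewUser</c> on success; otherwise the form view is rendered again.
/// </returns>
public ActionResult CreateUser(CreateUserVM user)
{
    // NOTE(review): no [HttpPost], [ValidateAntiForgeryToken] or [Authorize] attribute is
    // visible in this excerpt. This action provisions directory accounts, so confirm it is
    // POST-only, anti-forgery protected and limited to the roles allowed to create users.
    if (!ModelState.IsValid)
    {
        return View();
    }

    using (var db = new ADWebDB())
    {
        // UserTemplateID comes from the client, so the lookup may not match any template.
        // The original dereferenced the result unconditionally and crashed on a bad id.
        UserTemplate userTemplate = db.UserTemplate.Find(user.UserTemplateID);
        if (userTemplate == null || userTemplate.DomainOU == null)
        {
            ModelState.AddModelError(
                "UserTemplateID",
                "The selected user template does not exist or has no organizational unit configured.");
            return View();
        }

        ADWeb.Core.Models.User newUser = Mapper.Map<User>(user);
        ADDomain domain = new ADDomain();

        // Copy the template's policy into the settings object handed to the directory layer.
        UserTemplateSettings userTemplateSettings = new UserTemplateSettings();
        userTemplateSettings.ChangePasswordAtNextLogon = userTemplate.ChangePasswordAtNextLogon;
        userTemplateSettings.UserCannotChangePassword = userTemplate.UserCannotChangePassword;
        userTemplateSettings.PasswordNeverExpires = userTemplate.PasswordNeverExpires;
        userTemplateSettings.AccountExpires = userTemplate.AccountExpires;
        userTemplateSettings.ExpirationRange = userTemplate.ExpirationRange;
        userTemplateSettings.ExpirationValue = userTemplate.ExpirationValue;
        userTemplateSettings.DomainOU = userTemplate.DomainOU.DistinguishedName;

        // Only groups that are still enabled in the application are passed on. A group that
        // was added to the template, removed and added again would otherwise cause an error
        // during account creation.
        foreach (var templateGroup in userTemplate.Groups.Where(u => u.Enabled == true).ToList())
        {
            userTemplateSettings.Groups.Add(templateGroup.Name);
        }

        domain.CreateUserWithTemplate(newUser, userTemplateSettings);

        // From here on the directory account exists. If GetUserByID (defined elsewhere) can
        // return null, the original threw at this point and no DomainUser row was written,
        // leaving an account without an application-side audit record. Fall back to the
        // authenticated identity name so the record is always stored.
        ADUser currentUser = domain.GetUserByID(User.Identity.Name);
        string createdBy = currentUser != null
            ? currentUser.GivenName + " " + currentUser.Surname
            : User.Identity.Name;

        // Only basic information about the account is stored in the database.
        // NOTE(review): DateCreated is local server time; UTC would be easier to correlate
        // with directory audit logs, but changing it alters stored data.
        DomainUser newDomainUser = new DomainUser();
        newDomainUser.DateCreated = DateTime.Now;
        newDomainUser.CreatedBy = createdBy;
        newDomainUser.Username = newUser.Username;

        db.DomainUsers.Add(newDomainUser);
        db.SaveChanges();

        // NOTE(review): this message contains user-supplied names; confirm the view renders
        // it HTML-encoded.
        TempData["user_created_successfully"] = newUser.FirstName + " " + newUser.LastName + " has been created successfully!";

        return RedirectToAction("ViewUser", new { user = user.Username });
    }
}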
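/// <summary>
/// Creates an enabled Active Directory account for <paramref name="user"/> in the OU named
/// by the template settings, applies the template's password and expiration policy, sets
/// the initial password and adds the account to every group listed in the template.
/// </summary>
/// <param name="user">Identity attributes, username and initial password of the new account.</param>
/// <param name="userTemplateSettings">Policy, target OU and group names taken from the user template.</param>
/// <exception cref="InvalidOperationException">
/// The template requires an expiring account but its expiration range is not Days, Weeks,
/// Months or Years, or its expiration value is not set.
/// </exception>
public void CreateUserWithTemplate(User user, UserTemplateSettings userTemplateSettings)
{
    using (PrincipalContext context = new PrincipalContext(ContextType.Domain, ServerName, userTemplateSettings.DomainOU, ContextOptions.Negotiate, ServiceUser, ServicePassword))
    using (ADUser newUser = new ADUser(context))
    {
        newUser.SamAccountName = user.Username;
        newUser.GivenName = user.FirstName;
        newUser.MiddleName = user.MiddleName;
        newUser.Surname = user.LastName;
        newUser.EmailAddress = user.EmailAddress;
        newUser.PhoneNumber = user.PhoneNumber;
        newUser.Title = user.Title;
        newUser.Department = user.Department;
        newUser.Notes = "Created by ADWeb on " + DateTime.Now.ToString() + ".";
        newUser.DisplayName = user.LastName + ", " + user.FirstName;
        newUser.UserPrincipalName = user.Username + UPNSuffix;
        newUser.Enabled = true;

        // Settings from the user template.
        newUser.UserCannotChangePassword = userTemplateSettings.UserCannotChangePassword;

        if (userTemplateSettings.ChangePasswordAtNextLogon)
        {
            // Forces the user to change their password the next time they log in.
            newUser.ExpirePasswordNow();
        }

        newUser.PasswordNeverExpires = userTemplateSettings.PasswordNeverExpires;

        if (userTemplateSettings.AccountExpires)
        {
            // The expiry is relative to the moment the account is created.
            // NOTE(review): a zero or negative ExpirationValue yields a date that is not in
            // the future; confirm the template editor rejects such values.
            DateTime now = DateTime.Now;
            DateTime? expirationDate;

            switch (userTemplateSettings.ExpirationRange)
            {
                case UserExpirationRange.Days:
                    expirationDate = now.AddDays(userTemplateSettings.ExpirationValue.Value);
                    break;
                case UserExpirationRange.Weeks:
                    expirationDate = now.AddDays(7 * userTemplateSettings.ExpirationValue.Value);
                    break;
                case UserExpirationRange.Months:
                    expirationDate = now.AddMonths(userTemplateSettings.ExpirationValue.Value);
                    break;
                case UserExpirationRange.Years:
                    expirationDate = now.AddYears(userTemplateSettings.ExpirationValue.Value);
                    break;
                default:
                    // The original wrote default(DateTime) (0001-01-01) to the account for an
                    // unrecognised range. How the directory layer treats that value is not
                    // visible here, so fail before Save() rather than create an account
                    // whose expiry is undefined.
                    throw new InvalidOperationException(
                        "User template has an unsupported expiration range: " + userTemplateSettings.ExpirationRange);
            }

            newUser.AccountExpirationDate = expirationDate;
        }

        newUser.SetPassword(user.Password);
        newUser.Save();

        // The account is saved and enabled at this point. A failure below leaves it in the
        // directory without some of its template groups.
        //
        // Groups are looked up across the whole domain (no container) for now; this is meant
        // to be narrowed to specific OUs later.
        // NOTE(review): groups are resolved by name only, so a same-named group elsewhere in
        // the domain could match; resolving by DN or SID would be unambiguous.
        using (PrincipalContext groupContext = new PrincipalContext(ContextType.Domain, ServerName, null, ContextOptions.Negotiate, ServiceUser, ServicePassword))
        {
            foreach (var groupName in userTemplateSettings.Groups)
            {
                using (GroupPrincipal group = GroupPrincipal.FindByIdentity(groupContext, groupName))
                {
                    if (group == null)
                    {
                        // A template group missing from the directory is skipped without
                        // notice, so the account can end up with fewer memberships than the
                        // template lists.
                        continue;
                    }

                    // Addresses GitHub issue #79: the member is added through the underlying
                    // DirectoryEntry so the application can be hosted on a machine that is
                    // not part of the domain.
                    DirectoryEntry groupEntry = (DirectoryEntry)group.GetUnderlyingObject();
                    try
                    {
                        groupEntry.Invoke("Add", new object[] { "LDAP://" + ServerName + "/" + newUser.DistinguishedName });
                    }
                    finally
                    {
                        // Close the entry even when the add fails.
                        groupEntry.Close();
                    }
                }
            }
        }
    }
}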
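/// <summary>
/// Creates an enabled Active Directory account for <paramref name="user"/> in the OU named
/// by the template settings, applies the template's password and expiration policy, sets
/// the initial password and adds the account to every group listed in the template.
/// </summary>
/// <param name="user">Identity attributes, username and initial password of the new account.</param>
/// <param name="userTemplateSettings">Policy, target OU and group names taken from the user template.</param>
/// <exception cref="InvalidOperationException">
/// The template requires an expiring account but its expiration range is not Days, Weeks,
/// Months or Years, or its expiration value is not set.
/// </exception>
public void CreateUserWithTemplate(User user, UserTemplateSettings userTemplateSettings)
{
    using (PrincipalContext context = new PrincipalContext(ContextType.Domain, ServerName, userTemplateSettings.DomainOU, ContextOptions.Negotiate, ServiceUser, ServicePassword))
    using (ADUser newUser = new ADUser(context))
    {
        newUser.SamAccountName = user.Username;
        newUser.GivenName = user.FirstName;
        newUser.MiddleName = user.MiddleName;
        newUser.Surname = user.LastName;
        newUser.EmailAddress = user.EmailAddress;
        newUser.PhoneNumber = user.PhoneNumber;
        newUser.Title = user.Title;
        newUser.Department = user.Department;
        newUser.Notes = "Created by ADWeb on " + DateTime.Now.ToString() + ".";
        newUser.DisplayName = user.LastName + ", " + user.FirstName + " " + user.Initials;
        newUser.UserPrincipalName = user.Username + UPNSuffix;
        newUser.Enabled = true;

        // Settings from the user template.
        newUser.UserCannotChangePassword = userTemplateSettings.UserCannotChangePassword;

        if (userTemplateSettings.ChangePasswordAtNextLogon)
        {
            // Forces the user to change their password the next time they log in.
            newUser.ExpirePasswordNow();
        }

        newUser.PasswordNeverExpires = userTemplateSettings.PasswordNeverExpires;

        if (userTemplateSettings.AccountExpires)
        {
            // The expiry is relative to the moment the account is created.
            // NOTE(review): a zero or negative ExpirationValue yields a date that is not in
            // the future; confirm the template editor rejects such values.
            DateTime now = DateTime.Now;
            DateTime? expirationDate;

            switch (userTemplateSettings.ExpirationRange)
            {
                case UserExpirationRange.Days:
                    expirationDate = now.AddDays(userTemplateSettings.ExpirationValue.Value);
                    break;
                case UserExpirationRange.Weeks:
                    expirationDate = now.AddDays(7 * userTemplateSettings.ExpirationValue.Value);
                    break;
                case UserExpirationRange.Months:
                    expirationDate = now.AddMonths(userTemplateSettings.ExpirationValue.Value);
                    break;
                case UserExpirationRange.Years:
                    expirationDate = now.AddYears(userTemplateSettings.ExpirationValue.Value);
                    break;
                default:
                    // The original wrote default(DateTime) (0001-01-01) to the account for an
                    // unrecognised range. How the directory layer treats that value is not
                    // visible here, so fail before Save() rather than create an account
                    // whose expiry is undefined.
                    throw new InvalidOperationException(
                        "User template has an unsupported expiration range: " + userTemplateSettings.ExpirationRange);
            }

            newUser.AccountExpirationDate = expirationDate;
        }

        newUser.SetPassword(user.Password);
        newUser.Save();

        // The account is saved and enabled at this point. A failure below leaves it in the
        // directory without some of its template groups.
        //
        // Groups are looked up across the whole domain (no container) for now; this is meant
        // to be narrowed to specific OUs later. The context does not depend on the group, so
        // it is opened once rather than once per group as the original did.
        // NOTE(review): groups are resolved by name only, so a same-named group elsewhere in
        // the domain could match; resolving by DN or SID would be unambiguous.
        using (PrincipalContext groupContext = new PrincipalContext(ContextType.Domain, ServerName, null, ContextOptions.Negotiate, ServiceUser, ServicePassword))
        {
            foreach (var groupName in userTemplateSettings.Groups)
            {
                // The original never disposed the GroupPrincipal, leaking one directory
                // handle per group.
                using (GroupPrincipal group = GroupPrincipal.FindByIdentity(groupContext, groupName))
                {
                    if (group == null)
                    {
                        // A template group missing from the directory is skipped without
                        // notice, so the account can end up with fewer memberships than the
                        // template lists.
                        continue;
                    }

                    group.Members.Add(newUser);
                    group.Save();
                }
            }
        }
    }
}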