/// <summary>
///设置帐号密码,管理员可以通过它来修改指定帐号的密码。
///用户帐号
///用户新密码
/// </summary>
/// <param name="sAMAccountName"></param>
/// <param name="newPassword"></param>
public static void SetPasswordByAccount(string sAMAccountName, string newPassword)
{
DirectoryEntry de = GetDirectoryEntryByAccount(sAMAccountName);
// 模拟超级管理员,以达到有权限修改用户密码
IdentityImpersonation impersonate = new IdentityImpersonation(ADUser, ADPassword, DomainName);
impersonate.BeginImpersonate();
de.Invoke("SetPassword", new object[] { newPassword });
impersonate.StopImpersonate();
de.Close();
}
public static bool ChangePassword(string currentName, string newPwd, string oldPwd)
{
bool resetResult = false;
try
{
string container = ConfigurationSettings.AppSettings["CMICTLDAPDomain"].ToString();
string LDAPPath = ConfigurationSettings.AppSettings["CMICTLDAPIP"].ToString();
LDAPPath = LDAPPath.TrimEnd('/') + "/" + container;
int index = currentName.IndexOf("\\");
string userName = ADUser;
string pwd = ADPassword;
string personName = currentName.Substring(index + 1);
string domain = currentName.Substring(0, index);
DirectoryEntry searchRoot = new DirectoryEntry(LDAPPath, userName, pwd, AuthenticationTypes.Secure);
DirectorySearcher deSearch = new DirectorySearcher(searchRoot);
deSearch.Filter = "(&(&(objectCategory=person)(objectClass=user))(samaccountName=" + personName + "))";
SearchResult result = deSearch.FindOne();
DirectoryEntry userEntry = result.GetDirectoryEntry();
// 模拟超级管理员,以达到有权限修改用户密码
IdentityImpersonation impersonate = new IdentityImpersonation(userName, pwd, domain);
impersonate.BeginImpersonate();
userEntry.Invoke("ChangePassword", new object[2] {
oldPwd, newPwd
});
//userEntry.Invoke("SetPassword", new object[] { newPwd });
userEntry.CommitChanges();
userEntry.Close();
impersonate.StopImpersonate();
resetResult = true;
}
catch (Exception ex)
{
throw ex;
resetResult = false;
}
return(resetResult);
}
