/// <summary>
/// Creates the home directory of an ENT user below <c>RootDirectory</c>, grants the account
/// Modify rights on it, and creates a Documents sub-folder that the account may not delete.
/// Pupils are placed under the pupils root in a per-division folder (the shared class
/// folder is created on first use); everyone else goes under the teachers root.
/// </summary>
/// <param name="ENTUser">User whose IsPupil, Division and SAMAccountName decide the layout and the ACL identity.</param>
/// <remarks>
/// NOTE(review): Division and SAMAccountName reach Path.Combine unchecked. Path.Combine drops
/// every earlier segment when a later one is rooted and does not collapse "..", so these
/// values must already be constrained to plain folder names. Where they come from is not
/// visible in this method; confirm the import path validates them.
/// NOTE(review): the ACL identity is the bare SAMAccountName (no domain qualifier). Confirm it
/// can only resolve to the intended directory account on the file server.
/// </remarks>
public static void CreateUserDirectory(ENTUser ENTUser)
{
    string parentRelativePath;
    if (!ENTUser.IsPupil)
    {
        parentRelativePath = PROFS_ROOT_DIRNAME;
    }
    else
    {
        // e.g. Eleves\1S1
        parentRelativePath = Path.Combine(ELEVES_ROOT_DIRNAME, ENTUser.Division);

        // e.g. D:\ENT_Root\Eleves\1S1\_Classe_
        string classCommonRoot = Path.Combine(RootDirectory, parentRelativePath, CLASSE_COMMONROOTDIR_DIRNAME);
        if (!Directory.Exists(classCommonRoot))
        {
            CreateRootClasseDirectories(classCommonRoot, ENTUser.Division);
        }
    }

    string homePath = Path.Combine(RootDirectory, parentRelativePath, ENTUser.SAMAccountName);

    // Explicit allow ACE: Modify for the account, inherited by sub-folders and files.
    FileSystemAccessRule allowModify = new FileSystemAccessRule(
        ENTUser.SAMAccountName,
        FileSystemRights.Modify,
        InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
        PropagationFlags.None,
        AccessControlType.Allow);

    DirectorySecurity homeSecurity = new DirectorySecurity();
    homeSecurity.AddAccessRule(allowModify);
    DirectoryInfo homeDirectory = Directory.CreateDirectory(homePath, homeSecurity);

    // Ticks the "Include inheritable permissions from this object's parent" box:
    // protection is switched off so the parent's ACEs are inherited again.
    homeSecurity.SetAccessRuleProtection(false, true);
    homeDirectory.SetAccessControl(homeSecurity);

    string documentsPath = Path.Combine(homePath, DOCUMENTS_DIRNAME);
    Directory.CreateDirectory(documentsPath);

    // Deny ACE for Delete with no inheritance flags, so it is set on the Documents folder only.
    DirectorySecurity documentsSecurity = Directory.GetAccessControl(documentsPath);
    FileSystemAccessRule denyDelete = new FileSystemAccessRule(
        ENTUser.SAMAccountName,
        FileSystemRights.Delete,
        InheritanceFlags.None,
        PropagationFlags.None,
        AccessControlType.Deny);
    documentsSecurity.AddAccessRule(denyDelete);
    Directory.SetAccessControl(documentsPath, documentsSecurity);
}
/// <summary>
/// Brings an existing directory account in line with its ENT record: when the value held in
/// the account's "info" attribute differs from the ENT password, the password is set again.
/// </summary>
/// <param name="user">The directory account that was found for this ENT user.</param>
/// <param name="ENTUser">The ENT record supplying the expected password.</param>
/// <returns>The same <paramref name="user"/> instance that was passed in.</returns>
/// <remarks>
/// NOTE(review): this check only works because the account's "info" attribute carries the
/// password in clear text. Any principal allowed to read that attribute can recover it.
/// Consider comparing against a non-reversible change marker instead.
/// NOTE(review): whether SetUserPassword also refreshes "info" is not visible here; if it does
/// not, the password is reset on every run for that account. Confirm.
/// </remarks>
public static UserPrincipal UpdateExistingUser(UserPrincipal user, ENTUser ENTUser)
{
    bool passwordDiffers = user.GetProperty("info") != ENTUser.Password;
    if (passwordDiffers)
    {
        SetUserPassword(user, ENTUser.Password);
    }

    // Division synchronisation is currently disabled:
    // if (user.GetProperty("division") != ENTUser.Division)
    // {
    //     SetUserDivision(user, ENTUser.Division);
    // }

    return user;
}
/// <summary>
/// BackgroundWorker DoWork handler: runs CreateAccountAndDirectory for every entry of
/// ENTUsers.Users and reports progress after each one.
/// </summary>
/// <param name="sender">Expected to be the BackgroundWorker raising the event.</param>
/// <param name="e">Event arguments (not used here).</param>
/// <remarks>
/// The progress payload is an int array: { processed, total, failed } for the initial report and
/// { processed, total, failed, added } afterwards, so the ProgressChanged handler has to accept
/// both lengths.
/// NOTE(review): "added" is incremented when CreateAccountAndDirectory returns false; the meaning
/// of that return value is not visible here. Confirm it is not inverted.
/// </remarks>
void AccountsCreatorDoWork(object sender, System.ComponentModel.DoWorkEventArgs e)
{
    BackgroundWorker worker = sender as BackgroundWorker;
    int processed = 0;
    int added = 0;

    // Initial report: nothing processed yet.
    worker.ReportProgress(0, new int[] { 0, ENTUsers.Users.Count, 0 });

    foreach (var entry in ENTUsers.Users.Values)
    {
        if (!entry.CreateAccountAndDirectory())
        {
            added++;
        }

        processed++;

        int percent = processed * 100 / ENTUsers.Users.Count;
        int[] progressState = new int[] { processed, ENTUsers.Users.Count, ENTUsers.ADCreationFailed.Count, added };
        worker.ReportProgress(percent, progressState);
    }
}
// /// <summary>
// /// Force expire password of a user
// /// </summary>
// /// <param name="sUserName">The username to expire the password</param>
// public static void ExpireUserPassword(string upn)
// {
//     UserPrincipal oUserPrincipal = GetUser(upn);
//     oUserPrincipal.ExpirePasswordNow();
//     oUserPrincipal.Save();
//
// }

// /// <summary>
// /// Unlocks a locked user account
// /// </summary>
// /// <param name="sUserName">The username to unlock</param>
// public static void UnlockUserAccount(string upn)
// {
//     UserPrincipal oUserPrincipal = GetUser(upn);
//     oUserPrincipal.UnlockAccount();
//     oUserPrincipal.Save();
// }

/// <summary>
/// Returns the directory account for an ENT user. An account already present under the
/// user's UPN is handed to <c>UpdateExistingUser</c>; otherwise a new enabled account is
/// created in the "Eleves" or "Profs" context, saved, and given its extra attributes.
/// </summary>
/// <param name="ENTUser">ENT record providing the names, password, division and title.</param>
/// <param name="isExisting">Set to true when an account already existed, false when one was created.</param>
/// <returns>The existing (possibly updated) or newly created principal.</returns>
/// <remarks>
/// NOTE(review): the password is written in clear text to the account's "info" attribute, so
/// every principal allowed to read that attribute can recover it. The account is also created
/// with UserCannotChangePassword and PasswordNeverExpires set, so a disclosed value stays valid
/// until an administrator resets it. Confirm who can read "info", and consider storing a
/// non-reversible marker instead (UpdateExistingUser relies on this attribute and would need
/// the matching change).
/// </remarks>
public static UserPrincipal CreateNewUser(ENTUser ENTUser, out bool isExisting)
{
    isExisting = false;

    UserPrincipal existingAccount;
    if (IsUserExisting(ENTUser.UserPrincipalName, out existingAccount))
    {
        isExisting = true;
        // Existing account: only the password is brought up to date.
        return UpdateExistingUser(existingAccount, ENTUser);
    }

    bool pupil = ENTUser.IsPupil;
    var context = GetPrincipalContext(pupil ? "Eleves" : "Profs");

    var account = new UserPrincipal(context, ENTUser.SAMAccountName, ENTUser.Password, true)
    {
        UserPrincipalName = ENTUser.UserPrincipalName,
        GivenName = ENTUser.GivenName,
        Surname = ENTUser.SurName,
        Name = String.Format("{0} {1} {2}", ENTUser.SurName, ENTUser.GivenName, ENTUser.UID),
        Description = pupil ? ENTUser.Division : "Professeur",
        DisplayName = String.Format("{0} {1}", ENTUser.GivenName, ENTUser.SurName),
        EmployeeId = ENTUser.UID,
        PasswordNotRequired = false,
        UserCannotChangePassword = true,
        PasswordNeverExpires = true
    };
    account.Save();

    // Attributes set through the SetProperty helper once the account has been saved.
    account.SetProperty("profilePath", Path.Combine(LogonServer, UsersProfile));
    account.SetProperty("scriptPath", pupil ? ElevesScript : ProfsScript);
    account.SetProperty("employeeType", pupil ? "Élève" : "Professeur");
    // NOTE(review): clear-text password persisted in the directory (see remarks).
    account.SetProperty("info", ENTUser.Password);
    account.SetProperty("personalTitle", ENTUser.Title);
    account.SetProperty("businessCategory", "ENT");
    account.SetProperty("division", pupil ? ENTUser.Division : null);

    return account;
}