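} // End Function GetProcessUser

/// <summary>
/// Adds the hard-coded domain account "firstname.lastname" (looked up by
/// SAM account name in domain "COMPANY") to the local machine group named
/// "Administratoren".
/// </summary>
/// <remarks>
/// Every failure is caught and only its message is written to the console;
/// nothing is rethrown.
/// NOTE(review): "Administratoren" is the German display name of the built-in
/// Administrators group, so the lookup presumably fails on systems with another
/// display language; the well-known SID S-1-5-32-544 is locale-independent.
/// NOTE(review): membership in that group grants full control of the machine.
/// Windows records such additions as Security event 4732 when auditing of
/// security group management is enabled; confirm that the audit policy is on
/// wherever this code runs.
/// </remarks>
public static void AddImpersonatedToGroup()
{
    try
    {
        using (var pcLocal = new System.DirectoryServices.AccountManagement.PrincipalContext(
            System.DirectoryServices.AccountManagement.ContextType.Machine))
        // A using statement accepts a null resource, so a failed lookup is safe here
        // and a successful one is disposed when the block exits.
        using (var group = System.DirectoryServices.AccountManagement.GroupPrincipal
            .FindByIdentity(pcLocal, "Administratoren"))
        {
            // FindByIdentity returns null when no such group exists; report that
            // explicitly instead of failing with a NullReferenceException below.
            if (group == null)
            {
                System.Console.WriteLine("Local group 'Administratoren' was not found.");
                return;
            }

            System.Console.WriteLine(group.DistinguishedName);

            using (var pcDomain = new System.DirectoryServices.AccountManagement.PrincipalContext(
                System.DirectoryServices.AccountManagement.ContextType.Domain,
                "COMPANY")) // "AAA"
            {
                group.Members.Add(
                    pcDomain,
                    System.DirectoryServices.AccountManagement.IdentityType.SamAccountName,
                    "firstname.lastname");

                // The membership change is only persisted by Save().
                group.Save();
            }
        }
    }
    catch (System.Exception e)
    {
        System.Console.WriteLine(e.Message);
    }
} // End Function AddImpersonatedToGroup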
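/// <summary>
/// Creates a new group principal and saves it to the directory.
/// </summary>
/// <param name="args">
/// Creation options. When null, a default <c>Args_New_DomainGroup</c> is used.
/// <c>SamAccountName</c>, <c>Domain</c> and <c>Credential</c> are forwarded to
/// <c>GetPrincipalContext.Get_PrincipalContext</c>; <c>Name</c>, <c>DisplayName</c>
/// and <c>Description</c> are applied to the group when they are non-empty.
/// </param>
/// <returns>
/// The saved <c>GroupPrincipal</c>, or null when no principal context could be
/// obtained or when saving the group threw.
/// </returns>
/// <remarks>
/// NOTE(review): group creation is a privileged directory change and should be
/// traceable to an operator. The only record written here is the verbose/warning
/// log, so confirm that directory-side auditing covers it.
/// </remarks>
public static System.DirectoryServices.AccountManagement.GroupPrincipal New_DomainGroup(Args_New_DomainGroup args = null)
{
    if (args == null)
    {
        args = new Args_New_DomainGroup();
    }

    var ContextArguments = new Args_Get_PrincipalContext
    {
        Identity = args.SamAccountName,
        Domain = args.Domain,
        Credential = args.Credential
    };
    var Context = GetPrincipalContext.Get_PrincipalContext(ContextArguments);
    if (Context == null)
    {
        return null;
    }

    var Group = new System.DirectoryServices.AccountManagement.GroupPrincipal(Context.Context);

    // Set all the appropriate group parameters. The identity reported by the
    // context is the fallback for Name and DisplayName.
    Group.SamAccountName = Context.Identity;
    Group.Name = !string.IsNullOrEmpty(args.Name) ? args.Name : Context.Identity;
    Group.DisplayName = !string.IsNullOrEmpty(args.DisplayName) ? args.DisplayName : Context.Identity;
    if (!string.IsNullOrEmpty(args.Description))
    {
        Group.Description = args.Description;
    }

    Logger.Write_Verbose($@"[New-DomainGroup] Attempting to create group '{args.SamAccountName}'");
    try
    {
        Group.Save();
        Logger.Write_Verbose($@"[New-DomainGroup] Group '{args.SamAccountName}' successfully created");
        return Group;
    }
    catch (Exception e)
    {
        Logger.Write_Warning($@"[New-DomainGroup] Error creating group '{args.SamAccountName}' : {e}");

        // The unsaved principal is not handed to the caller on this path, so
        // release it here rather than leaving it for the finalizer.
        Group.Dispose();
    }

    return null;
}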
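/// <summary>
/// Adds each entry of <c>args.Members</c> to the group identified by
/// <c>args.Identity</c>.
/// </summary>
/// <param name="args">
/// Options. When null, a default <c>Args_Add_DomainGroupMember</c> is used.
/// <c>Identity</c>, <c>Domain</c> and <c>Credential</c> are forwarded to
/// <c>GetPrincipalContext.Get_PrincipalContext</c> to locate the group.
/// </param>
/// <remarks>
/// The group is saved after every member, so members added before a failure
/// stay added. A member that cannot be resolved is skipped with a warning.
/// Exceptions thrown by <c>Members.Add</c> or <c>Save</c> still propagate to the
/// caller, as before.
/// NOTE(review): group membership changes are privileged operations. Windows
/// audits them as Security events 4728 / 4732 / 4756 (global / local / universal
/// group) when auditing of security group management is enabled; confirm that
/// callers are authorised and that the audit policy is on.
/// </remarks>
public static void Add_DomainGroupMember(Args_Add_DomainGroupMember args = null)
{
    if (args == null)
    {
        args = new Args_Add_DomainGroupMember();
    }

    var ContextArguments = new Args_Get_PrincipalContext
    {
        Identity = args.Identity,
        Domain = args.Domain,
        Credential = args.Credential
    };
    var GroupContext = GetPrincipalContext.Get_PrincipalContext(ContextArguments);

    System.DirectoryServices.AccountManagement.GroupPrincipal Group = null;
    if (GroupContext != null)
    {
        try
        {
            Group = System.DirectoryServices.AccountManagement.GroupPrincipal.FindByIdentity(GroupContext.Context, GroupContext.Identity);
        }
        catch (Exception e)
        {
            Logger.Write_Warning($@"[Add-DomainGroupMember] Error finding the group identity '{args.Identity}' : {e}");
        }
    }

    // Nothing to do without a group or without a member list.
    if (Group == null || args.Members == null)
    {
        Group?.Dispose();
        return;
    }

    // The group principal is created here and never returned, so dispose it
    // once all members have been processed (or an exception escapes).
    using (Group)
    {
        foreach (var Member in args.Members)
        {
            PrincipalContextEx UserContext;
            string UserIdentity;

            // A member containing a backslash with text on both sides (presumably
            // DOMAIN\name) gets its own principal context; any other member is
            // looked up in the group's context.
            if (Member.IsRegexMatch(@".+\\.+"))
            {
                ContextArguments.Identity = Member;
                UserContext = GetPrincipalContext.Get_PrincipalContext(ContextArguments);
                if (UserContext == null)
                {
                    // Previously this path dereferenced the null context below.
                    Logger.Write_Warning($@"[Add-DomainGroupMember] Unable to obtain a principal context for member '{Member}', skipping");
                    continue;
                }
                UserIdentity = UserContext.Identity;
            }
            else
            {
                UserContext = GroupContext;
                UserIdentity = Member;
            }

            var MemberPrincipal = System.DirectoryServices.AccountManagement.Principal.FindByIdentity(UserContext.Context, UserIdentity);
            if (MemberPrincipal == null)
            {
                // FindByIdentity returns null for an unknown identity, and
                // Members.Add rejects a null principal.
                Logger.Write_Warning($@"[Add-DomainGroupMember] Member '{Member}' was not found, skipping");
                continue;
            }

            Logger.Write_Verbose($@"[Add-DomainGroupMember] Adding member '{Member}' to group '{args.Identity}'");
            Group.Members.Add(MemberPrincipal);
            Group.Save();
        }
    }
}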