[资料搜存]windows domain

水如烟 2009-01-03 12:29:46
资料搜集寄存贴.

现状:
上级公司要求我们公司的近两百台计算机和两百多帐号注册到它的域.给了我们注册特权帐号.
域已由他们建起三层组织(OU):部门/分公司/总公司员工帐号.
我们的员工应注册到相应的部门中去.

问题:总不能在控制台上一个个注册吧?

目前的解决方法:
用DirectoryEntry处理组织(OU),
用UserPrincipal、ComputerPrincipal处理帐号和计算机。

涉及移动的(如帐号),还得需要DirectoryEntry处理。

ijwsoft 2009-01-04
STRONG
水如烟 2009-01-03
''' <summary>
''' User account control flags. The names and values correspond to a subset of the
''' ADSI ADS_USER_FLAG constants used in the userAccountControl attribute; the
''' Flags attribute lets several of them be combined in one value.
''' </summary>
''' <remarks>
''' For account auditing, PASSWD_NOTREQD, ENCRYPTED_TEXT_PASSWORD_ALLOWED and
''' DONT_EXPIRE_PASSWD are the members here that weaken password policy for the
''' account they are set on, so they are the ones worth reporting on.
''' NOTE(review): on AD DS, LOCKOUT, PASSWD_CANT_CHANGE and PASSWORD_EXPIRED are
''' believed to be computed/ACL-driven rather than writable through
''' userAccountControl - confirm before using them in a write.
''' </remarks>
<Flags()> _
Public Enum ADS_UF
''' <summary>
''' The logon script will be run.
''' </summary>
SCRIPT = &H1
''' <summary>
''' The account is disabled.
''' </summary>
ACCOUNTDISABLE = &H2
''' <summary>
''' The account requires a home directory.
''' </summary>
HOMEDIR_REQUIRED = &H8
''' <summary>
''' The account is locked out.
''' </summary>
LOCKOUT = &H10
''' <summary>
''' No password is required for the account (an empty password is permitted).
''' </summary>
PASSWD_NOTREQD = &H20
''' <summary>
''' The user cannot change the password.
''' </summary>
PASSWD_CANT_CHANGE = &H40
''' <summary>
''' Encrypted text password allowed, i.e. the password may be stored with
''' reversible encryption.
''' </summary>
ENCRYPTED_TEXT_PASSWORD_ALLOWED = &H80
''' <summary>
''' The account password never expires.
''' </summary>
DONT_EXPIRE_PASSWD = &H10000
''' <summary>
''' A smart card is required to log on.
''' </summary>
SMARTCARD_REQUIRED = &H40000
''' <summary>
''' The password has expired.
''' </summary>
PASSWORD_EXPIRED = &H800000
End Enum
水如烟 2009-01-03
水如烟 2009-01-03

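''' <summary>
''' Looks up one user by sAMAccountName inside the current department container.
''' </summary>
''' <param name="samAccountName">
''' Value to match. It is used as a query-by-example filter, so a "*" in it acts
''' as a wildcard (GetUserPrincipalAll relies on the same behaviour for Name);
''' callers that need an exact match should reject wildcard characters first.
''' </param>
''' <returns>The first matching UserPrincipal, or Nothing when none is found. The caller should dispose it.</returns>
Public Function GetUserPrincipalBySamAccountName(ByVal samAccountName As String) As UserPrincipal
    ' The context is not disposed here because the returned principal was loaded through it.
    ' NOTE(review): nothing in this class releases it later - confirm who owns its lifetime.
    Dim context As PrincipalContext = Me.GetPrincipalContext(Me.DepartmentContainer)

    ' Using releases the filter object and the searcher even when the directory
    ' query throws; the original only disposed them on the success path.
    Using filter As New UserPrincipal(context)
        filter.SamAccountName = samAccountName
        Using search As New PrincipalSearcher(filter)
            Return CType(search.FindOne, UserPrincipal)
        End Using
    End Using
End Function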

''' <summary>
''' Returns every user in the current department container by delegating to the
''' name-filtered overload with a match-everything pattern.
''' </summary>
''' <returns>Array of the users found; empty when there are none.</returns>
Public Function GetUserPrincipalAll() As UserPrincipal()
    Dim everyName As String = "*"
    Return GetUserPrincipalAll(everyName)
End Function

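''' <summary>
''' Returns the users in the current department container whose Name matches the
''' given pattern.
''' </summary>
''' <param name="name">Name to match; "*" is treated as a wildcard (the parameterless overload passes "*" to list everyone).</param>
''' <returns>
''' Array of matching users, empty when nothing matches. Every principal is loaded
''' into memory, and the caller should dispose each one.
''' </returns>
Public Function GetUserPrincipalAll(ByVal name As String) As UserPrincipal()
    ' Not disposed here: the returned principals were loaded through this context.
    Dim context As PrincipalContext = Me.GetPrincipalContext(Me.DepartmentContainer)
    Dim list As New List(Of UserPrincipal)

    ' Using releases the filter and the searcher even when enumeration throws
    ' part-way through; the original skipped both Dispose calls in that case.
    Using filter As New UserPrincipal(context)
        filter.Name = name
        Using search As New PrincipalSearcher(filter)
            For Each p As Principal In search.FindAll
                list.Add(CType(p, UserPrincipal))
            Next
        End Using
    End Using

    Return list.ToArray
End Function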

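''' <summary>
''' Reports whether a user with the given Name exists in the current department container.
''' </summary>
''' <param name="name">Name to look for; wildcard characters are honoured by the underlying search.</param>
''' <returns>True when the lookup returns a principal.</returns>
Public Function IsExistsUserByName(ByVal name As String) As Boolean
    ' The principal is only needed for the existence test, so release it straight
    ' away instead of leaving it for the finalizer. Using tolerates Nothing.
    Using found As UserPrincipal = Me.GetUserPrincipalByName(name)
        Return found IsNot Nothing
    End Using
End Function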

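''' <summary>
''' Reports whether a user with the given sAMAccountName exists in the current department container.
''' </summary>
''' <param name="samAccountName">Account name to look for; wildcard characters are honoured by the underlying search.</param>
''' <returns>True when the lookup returns a principal.</returns>
Public Function IsExistsUserBySamAccountName(ByVal samAccountName As String) As Boolean
    ' The principal is only needed for the existence test, so release it straight
    ' away instead of leaving it for the finalizer. Using tolerates Nothing.
    Using found As UserPrincipal = Me.GetUserPrincipalBySamAccountName(samAccountName)
        Return found IsNot Nothing
    End Using
End Function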

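''' <summary>
''' Creates an enabled user account in the current department container and marks
''' its password as expired so that it must be changed at the next logon.
''' </summary>
''' <param name="samAccountName">sAMAccountName for the new account.</param>
''' <param name="name">Name of the new account; its first character is stored as Surname and the rest as GivenName.</param>
''' <param name="resultMsg">Receives the validation or directory error text; empty on a clean success.</param>
''' <param name="pass">
''' Initial password. SECURITY: the default is a short value shared by every account
''' created without an explicit password. It is kept only because it is part of the
''' signature; callers should pass a unique random initial password per account.
''' </param>
''' <returns>
''' True when the account was saved to the directory. True with a non-empty
''' resultMsg means the account exists but the forced password change was not applied.
''' </returns>
Public Function UserAdd(ByVal samAccountName As String, ByVal name As String, ByRef resultMsg As String, Optional ByVal pass As String = "5354") As Boolean
    If String.IsNullOrEmpty(Company) Then
        resultMsg = "须指定公司"
        Return False
    End If

    If String.IsNullOrEmpty(Me.Department) Then
        resultMsg = "须指定部门"
        Return False
    End If

    If String.IsNullOrEmpty(samAccountName) Then
        resultMsg = "须指定帐号"
        Return False
    End If

    If String.IsNullOrEmpty(name) Then
        resultMsg = "须指定登录名称"
        Return False
    End If

    ' Both checks search only the current department container. A clash with an
    ' account elsewhere in the domain is therefore not seen here and surfaces as
    ' an error from Save() below.
    If IsExistsUserByName(name) Then
        resultMsg = "帐号已存在。"
        Return False
    End If

    If IsExistsUserBySamAccountName(samAccountName) Then
        resultMsg = "帐号已存在。"
        Return False
    End If

    resultMsg = ""

    ' Set only once Save() has returned, so the result no longer depends on
    ' reading Sid from a principal that may never have been persisted.
    Dim created As Boolean = False

    ' Using releases both objects even if a property assignment below throws.
    Using context As PrincipalContext = Me.GetPrincipalContext(Me.DepartmentContainer)
        Using newUser As New UserPrincipal(context, name, pass, True)
            With newUser
                .SamAccountName = samAccountName
                .Surname = .Name.Substring(0, 1)
                .GivenName = .Name.Substring(1)
                .Description = String.Concat(Me.Company, "\", Me.Department)
                .DisplayName = .Name
                .UserPrincipalName = String.Concat(.SamAccountName, "@", zqDoamin)
            End With

            Try
                newUser.Save()
                created = True
                newUser.ExpirePasswordNow()
            Catch ex As Exception
                If created Then
                    ' The account now exists, enabled, with its initial password and
                    ' no forced change. Say so explicitly so the operator can follow up.
                    ' NOTE(review): creating the account disabled and enabling it only
                    ' after ExpirePasswordNow succeeds would remove this window.
                    resultMsg = String.Concat("帐号已创建,但未能设置下次登录须更改密码:", ex.Message)
                Else
                    resultMsg = ex.Message
                End If
            End Try
        End Using
    End Using

    Return created
End Function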

''' <summary>
''' Builds a text dump with one "Name:Value" line for each readable public
''' property of a user principal.
''' </summary>
''' <param name="user">Principal to describe; may be Nothing.</param>
''' <returns>
''' The dump, or a fixed "no such person" message when user is Nothing. The text
''' holds whatever directory attributes the principal exposes, so treat it as
''' account data when logging or displaying it.
''' </returns>
Public Function OutputUserMessage(ByVal user As UserPrincipal) As String
    If user Is Nothing Then
        Return "无此人"
    End If

    Dim report As New StringBuilder

    For Each prop As Reflection.PropertyInfo In GetType(UserPrincipal).GetProperties
        If Not prop.CanRead Then Continue For

        Try
            Dim line As String = String.Format("{0}:{1}", prop.Name, prop.GetValue(user, Nothing).ToString)
            report.AppendLine(line)
        Catch ex As Exception
            ' Best effort: a property whose getter fails, or whose value is Nothing
            ' (ToString then throws), is left out of the dump.
        End Try
    Next

    Return report.ToString
End Function

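''' <summary>
''' Locates a domain controller for the configured domain using the stored logon
''' credentials and returns its String and value-type properties as "Name:Value" lines.
''' </summary>
''' <returns>
''' The property dump, or a fixed "domain server does not exist" line when no
''' controller could be obtained. Any lookup failure gives that same line, so an
''' unreachable server or rejected credentials look identical to a missing one.
''' </returns>
Public Function GetDomainControllerInformation() As String
    Dim controller As DomainController = Nothing

    Try
        controller = DomainController.FindOne(New DirectoryContext(DirectoryContextType.Domain, zqDoamin, Me.LogonUser, Me.LogonPass))
    Catch ex As Exception
        ' Deliberately ignored: the Nothing check below reports the failure.
    End Try

    If controller Is Nothing Then Return "域服务器不存在" & vbCrLf

    Dim b As New StringBuilder
    Try
        For Each p As PropertyInfo In GetType(DomainController).GetProperties
            If p.PropertyType Is GetType(String) OrElse p.PropertyType.IsValueType Then
                b.AppendLine(String.Format("{0}:{1}", p.Name, p.GetValue(controller, Nothing)))
            End If
        Next
    Finally
        ' The original never released the controller; dispose it on every path,
        ' including when a property getter throws.
        controller.Dispose()
    End Try

    Return b.ToString
End Function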
End Class
水如烟 2009-01-03
Public Class XXXXXXEmployeeContainer
' DNS name of the domain (redacted in the post). The identifier is misspelled
' ("Doamin"); other members refer to it by this name.
Private Const zqDoamin As String = "xx.xxxx.local"
' Host that PrincipalContext connections are directed to.
Private Const Server As String = "XXXXXX.xx.xxxx.local"
' ADsPath prefix for DirectoryEntry binds. It repeats the Server host name, so
' the two constants have to be changed together.
' NOTE(review): no port or AuthenticationTypes value is given anywhere in this
' class - confirm the binds that carry LogonPass are signed/sealed or use LDAPS.
Private Const LdapHead As String = "LDAP://XXXXXX.xx.xxxx.local"
' Distinguished name of the root OU under which company and department OUs are resolved.
Private Const ContainerBase As String = "OU=XXXXXX员工账户,DC=xx,DC=xxxx,DC=local"

' Backing fields for the Company and Department properties.
Private gCompany As String
Private gDepartment As String

''' <summary>
''' Company (first-level OU) name. Surrounding whitespace is trimmed on assignment;
''' Nothing is stored as Nothing.
''' </summary>
''' <remarks>
''' The value is later placed into a distinguished name without escaping, so it
''' should come from a trusted list or be validated by the caller.
''' </remarks>
Public Property Company() As String
    Get
        Return gCompany
    End Get
    Set(ByVal value As String)
        If value Is Nothing Then
            gCompany = Nothing
        Else
            gCompany = value.Trim
        End If
    End Set
End Property

''' <summary>
''' Department (second-level OU) name. Surrounding whitespace is trimmed on
''' assignment; Nothing is stored as Nothing.
''' </summary>
''' <remarks>
''' The value is later placed into a distinguished name without escaping, so it
''' should come from a trusted list or be validated by the caller.
''' </remarks>
Public Property Department() As String
    Get
        Return gDepartment
    End Get
    Set(ByVal value As String)
        If value Is Nothing Then
            gDepartment = Nothing
        Else
            gDepartment = value.Trim
        End If
    End Set
End Property

''' <summary>
''' Distinguished name of the company OU, or of the root OU when no company is set.
''' </summary>
''' <remarks>
''' NOTE(review): Company is inserted into the DN as-is. Characters that are special
''' in a DN (for example "," "+" "=" "\") would change which container is addressed;
''' validate or escape the value before it reaches this property.
''' </remarks>
Private ReadOnly Property CompanyContainer() As String
    Get
        If Not String.IsNullOrEmpty(Me.Company) Then
            Return String.Format("OU={0},{1}", Me.Company, ContainerBase)
        End If

        Return ContainerBase
    End Get
End Property

''' <summary>
''' Distinguished name of the most specific container available: the department OU
''' when both company and department are set, the company OU when only the company
''' is set, otherwise the root OU.
''' </summary>
''' <remarks>
''' NOTE(review): Department is inserted into the DN as-is. Characters that are
''' special in a DN would change which container is addressed; validate or escape
''' the value before it reaches this property.
''' </remarks>
Private ReadOnly Property DepartmentContainer() As String
    Get
        ' Without a company the department is ignored entirely.
        If String.IsNullOrEmpty(Me.Company) Then Return ContainerBase

        Dim parent As String = Me.CompanyContainer
        If String.IsNullOrEmpty(Me.Department) Then Return parent

        Return String.Format("OU={0},{1}", Me.Department, parent)
    End Get
End Property

''' <summary>
''' Builds the LDAP path for a container by appending its distinguished name to
''' the server prefix.
''' </summary>
''' <param name="container">Distinguished name of the container; Nothing or empty yields the bare server prefix.</param>
''' <returns>The LDAP path string.</returns>
Private Function GetLdapExpress(ByVal container As String) As String
    If Not String.IsNullOrEmpty(container) Then
        Return String.Concat(LdapHead, "/", container)
    End If

    Return LdapHead
End Function

''' <summary>
''' LDAP path of the company container.
''' </summary>
''' <returns>The path produced by GetLdapExpress for CompanyContainer.</returns>
Private Function GetLdapCompany() As String
    Dim companyDn As String = Me.CompanyContainer
    Return Me.GetLdapExpress(companyDn)
End Function

''' <summary>
''' LDAP path of the department container.
''' </summary>
''' <returns>The path produced by GetLdapExpress for DepartmentContainer.</returns>
Private Function GetLdapDepartment() As String
    Dim departmentDn As String = Me.DepartmentContainer
    Return Me.GetLdapExpress(departmentDn)
End Function

' Credentials used for every directory connection this class opens.
' The password is held as a plain String for the lifetime of the object.
Private gLogonUser As String
Private gLogonPass As String

''' <summary>
''' Account name used to bind to the directory.
''' </summary>
Public Property LogonUser() As String
    Get
        Return Me.gLogonUser
    End Get
    Set(ByVal value As String)
        Me.gLogonUser = value
    End Set
End Property

''' <summary>
''' Password for LogonUser. Anyone may set it; only this class and classes
''' derived from it can read it back.
''' </summary>
''' <remarks>
''' This is the delegated registration account's secret: keep it out of logs,
''' saved settings and error messages.
''' </remarks>
Public Property LogonPass() As String
    Protected Get
        Return Me.gLogonPass
    End Get
    Set(ByVal value As String)
        Me.gLogonPass = value
    End Set
End Property


''' <summary>
''' Creates a DirectoryEntry for the given LDAP path, bound with the stored logon credentials.
''' </summary>
''' <param name="ldapExpress">LDAP path of the object to bind to.</param>
''' <returns>A new DirectoryEntry; the caller is responsible for disposing it.</returns>
''' <remarks>
''' NOTE(review): no AuthenticationTypes value is passed, so the bind type is the
''' framework default - confirm it satisfies the domain's signing/encryption policy.
''' </remarks>
Private Function GetDirectoryEntry(ByVal ldapExpress As String) As DirectoryEntry
    Dim entry As New DirectoryEntry(ldapExpress, Me.LogonUser, Me.LogonPass)
    Return entry
End Function

''' <summary>
''' Tests whether an LDAP path can be bound to and read with the stored credentials.
''' </summary>
''' <param name="ldapExpress">LDAP path to probe.</param>
''' <returns>
''' True when RefreshCache succeeds. Every exception gives False, so a missing
''' object, an unreachable server and rejected credentials cannot be told apart.
''' </returns>
Private Function LdapIsValid(ByVal ldapExpress As String) As Boolean
    Using entry As DirectoryEntry = Me.GetDirectoryEntry(ldapExpress)
        Try
            ' Forces a round trip to the directory; it throws when the bind or the read fails.
            entry.RefreshCache()
            Return True
        Catch ex As Exception
            Return False
        End Try
    End Using
End Function

''' <summary>
''' Reports whether the OU for the current Company can be reached in the directory.
''' </summary>
''' <returns>False when Company is unset or the path cannot be bound; True otherwise.</returns>
Public Function IsExistsCompany() As Boolean
    Dim hasCompany As Boolean = Not String.IsNullOrEmpty(Me.Company)

    ' AndAlso short-circuits, so no directory call is made without a company name.
    Return hasCompany AndAlso LdapIsValid(Me.GetLdapCompany)
End Function

''' <summary>
''' Reports whether the OU for the current Department can be reached under the
''' current Company.
''' </summary>
''' <returns>False when Department is unset, the company OU is not reachable, or the department path cannot be bound; True otherwise.</returns>
Public Function IsExistsDepartment() As Boolean
    If String.IsNullOrEmpty(Me.Department) Then Return False

    ' The company is checked first; the department is probed only when that succeeds.
    Return IsExistsCompany() AndAlso LdapIsValid(Me.GetLdapDepartment)
End Function

''' <summary>
''' Creates a domain PrincipalContext on the configured server, rooted at the given
''' container and bound with the stored logon credentials.
''' </summary>
''' <param name="container">Distinguished name of the container that scopes searches and new objects.</param>
''' <returns>A new PrincipalContext; the caller is responsible for disposing it.</returns>
''' <remarks>
''' NOTE(review): no ContextOptions value is passed, so the connection uses the
''' framework default - confirm it satisfies the domain's signing/encryption policy.
''' </remarks>
Private Function GetPrincipalContext(ByVal container As String) As PrincipalContext
    Dim ctx As New PrincipalContext(ContextType.Domain, Server, container, LogonUser, LogonPass)
    Return ctx
End Function

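''' <summary>
''' Looks up one user by Name inside the current department container.
''' </summary>
''' <param name="name">
''' Value to match. It is used as a query-by-example filter, so wildcard characters
''' in it are honoured; callers that need an exact match should reject them first.
''' </param>
''' <returns>The first matching UserPrincipal, or Nothing when none is found. The caller should dispose it.</returns>
Public Function GetUserPrincipalByName(ByVal name As String) As UserPrincipal
    ' The context is not disposed here because the returned principal was loaded through it.
    ' NOTE(review): nothing in this class releases it later - confirm who owns its lifetime.
    Dim context As PrincipalContext = Me.GetPrincipalContext(Me.DepartmentContainer)

    ' Using releases the filter object and the searcher even when the directory
    ' query throws; the original only disposed them on the success path.
    Using filter As New UserPrincipal(context)
        filter.Name = name
        Using search As New PrincipalSearcher(filter)
            Return CType(search.FindOne, UserPrincipal)
        End Using
    End Using
End Function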
wangjuenhui520 2009-01-03
多谢分享......
水如烟 2009-01-03
System.DirectoryServices.AccountManagement 命名空间对跨多个主体存储区(Active Directory 域服务 (AD DS)、
Active Directory 轻型目录服务 (AD LDS) 和计算机 SAM (MSAM))的用户、计算机和组安全主体提供统一的访问和操作。
System.DirectoryServices.AccountManagement 管理独立于 System.DirectoryServices 命名空间的目录对象

托管目录服务应用程序可以利用 AccountManagement API 来简化用户、计算机和组主体的管理。以前需要了解关于存储区
的复杂知识或冗长的代码才能完成的解决方案(比如查找某一用户属于的所有组),使用 AccountManagement API 只需几
行代码即可完成。

AccountManagement API 提供下面的功能

*简化基本目录操作(如创建和更新安全主体)。应用程序不需要对基础存储区具有很多的了解即可以执行这些操作。

*应用程序可以扩展对象模型以包括新的目录对象类型。

*简化帐户管理任务(如启用和禁用某一用户帐户)。

*跨存储区支持允许 Active Directory 域服务 (AD DS) 数据库、Active Directory 轻型目录服务 (AD LDS) 数据库和计
算机 SAM (MSAM) 数据库中的组对象包含不同类型存储区中的成员。

*在 PrincipalSearcher 类上可用的按示例查询(Query by Example)搜索使应用程序能够在主体对象上设置属性,并搜索所选的存储区以查找包含
匹配属性值的其他对象。

*对计算机、用户和组主体对象的增强搜索功能使应用程序能够搜索所选的存储区以查找匹配的主体对象。

*在组主体对象上可用的递归搜索使应用程序能够以递归方式搜索组并只返回作为叶节点的主体对象。

*简化对计算机 SAM、AD DS 和 AD LDS 存储区的凭据验证。

*通过使用快速并发绑定 (FSB) 功能(可用时)提高连接速度。连接缓存减少了使用的端口数。
