C# 实现Windows组和用户管理 使用C#实现Windows组和用户管理的代码实例
xhubobo 人气:01、WindowsAccountHelper类实现
using System; using System.Collections.Generic; using System.DirectoryServices.AccountManagement; using System.Linq; public class WindowsAccountHelper { public static string LastErrorMsg { get; private set; } public static List<string> GetGroups() { var groups = new List<string>(); try { var context = new PrincipalContext(ContextType.Machine); var queryGroup = new GroupPrincipal(context); var searcher = new PrincipalSearcher(queryGroup); searcher.FindAll().ToList().ForEach(t => groups.Add(t.Name)); } catch (Exception) { groups.Clear(); } return groups; } public static List<string> GetGroupUsers(string groupName) { var group = GetGroup(groupName); return GetGroupUsers(group); } public static List<string> GetGroupUsers(GroupPrincipal group) { var users = new List<string>(); if (group == null) { return users; } group.GetMembers().ToList().ForEach(t => users.Add(t.Name)); return users; } public static GroupPrincipal GetGroup(string groupName) { GroupPrincipal group = null; try { var context = new PrincipalContext(ContextType.Machine); var queryGroup = new GroupPrincipal(context); var searcher = new PrincipalSearcher(queryGroup); foreach (var principal in searcher.FindAll()) { var groupPrincipal = (GroupPrincipal)principal; if (groupPrincipal != null && groupPrincipal.Name.Equals(groupName)) { group = groupPrincipal; break; } } } catch (Exception) { // ignored } return group; } public static GroupPrincipal CreateGroup(string groupName, string description, bool isSecurityGroup) { GroupPrincipal group; try { group = GetGroup(groupName); if (group == null) { var context = new PrincipalContext(ContextType.Machine); group = new GroupPrincipal(context) { Name = groupName, Description = description, IsSecurityGroup = isSecurityGroup, GroupScope = GroupScope.Local }; group.Save(); } } catch (Exception e) { LastErrorMsg = e.Message; group = null; } return group; } public static bool DeleteGroup(string groupName) { var group = GetGroup(groupName); if (group == null) { return true; } var ret = true; try { group.Delete(); } catch (Exception) { ret = false; } return ret; } public static bool CreateWindowsAccount(string userName, string password, string displayName, string description, bool cannotChangePassword, bool passwordNeverExpires, string groupName) { bool ret; try { var context = new PrincipalContext(ContextType.Machine); var group = GroupPrincipal.FindByIdentity(context, groupName); if (group == null) { return false; } ret = CreateWindowsAccount(userName, password, displayName, description, cannotChangePassword, passwordNeverExpires, group); } catch (Exception) { ret = false; } return ret; } public static bool CreateWindowsAccount(string userName, string password, string displayName, string description, bool cannotChangePassword, bool passwordNeverExpires, GroupPrincipal group) { bool ret; try { if (group == null) { return false; } var context = new PrincipalContext(ContextType.Machine); var user = UserPrincipal.FindByIdentity(context, userName) ?? new UserPrincipal(context); user.SetPassword(password); user.DisplayName = displayName; user.Name = userName; user.Description = description; user.UserCannotChangePassword = cannotChangePassword; user.PasswordNeverExpires = passwordNeverExpires; user.Save(); group.Members.Add(user); group.Save(); ret = true; } catch (Exception) { ret = false; } return ret; } public static bool DeleteWindowsAccount(List<string> userNameList) { var ret = true; try { foreach (var userName in userNameList) { var context = new PrincipalContext(ContextType.Machine); var user = UserPrincipal.FindByIdentity(context, userName); user?.Delete(); } } catch (Exception) { ret = false; } return ret; } public static bool ChangeUserGroup(string userName, string groupName) { bool ret; try { var context = new PrincipalContext(ContextType.Machine); var group = GroupPrincipal.FindByIdentity(context, groupName); if (group == null) { return false; } ret = ChangeUserGroup(userName, group); } catch (Exception) { ret = false; } return ret; } public static bool ChangeUserGroup(string userName, GroupPrincipal group) { bool ret; try { if (group == null) { return false; } var context = new PrincipalContext(ContextType.Machine); var user = UserPrincipal.FindByIdentity(context, userName); if (user == null) { return false; } if (!group.Members.Contains(user)) { group.Members.Add(user); group.Save(); } ret = true; } catch (Exception) { ret = false; } return ret; } public static int UpdateGroupUsers(string groupName, List<string> userNames, string password = "") { var group = CreateGroup(groupName, string.Empty, false); if (group == null) { return 0; } var userNameList = new List<string>(); userNameList.AddRange(userNames); var addedUsers = new List<string>(); int groupUserCount; try { foreach (var principal in group.GetMembers()) { var user = (UserPrincipal)principal; if (user == null) { continue; } if (userNameList.Contains(user.Name)) { //已有用户 addedUsers.Add(user.Name); } else { user.Delete(); } } //已有用户数 groupUserCount = addedUsers.Count; //剩余的即为需要添加的用户集合 foreach (var userName in addedUsers) { userNameList.Remove(userName); } //创建用户 foreach (var userName in userNameList) { if (CreateWindowsAccount(userName, password, userName, string.Empty, false, false, group)) { groupUserCount++; } } } catch (UnauthorizedAccessException) { groupUserCount = 0; } return groupUserCount; } }
2、使用示例
private bool CreateGroupUsers(string groupName, List<string> windowsUserList, string password, int userCount) { var group = WindowsAccountHelper.CreateGroup(groupName, string.Empty, true); if (group == null) { return false; } var userNames = WindowsAccountHelper.GetGroupUsers(group); foreach (var userName in WindowsUserList) { if (!userNames.Contains(userName)) { if (!WindowsAccountHelper.CreateWindowsAccount(userName, password, userName, string.Empty, false, false, group)) { return false; } } } return true; }
加载全部内容