活動目錄創建用戶

Question

我想通過C＃腳本將用戶添加到活動目錄。我在網上找到了這個腳本（我自己並沒有做到）。問題是，當我嘗試添加用戶時出現此錯誤：

指定的目錄服務屬性或值不存在。

這是代碼，我現在所擁有的：

private void buttonCreateUser_Click(object sender, EventArgs e) 
{ 
    CreateADSUser(textboxUsername.Text, textboxPassword.Text); 
} 

public string CreateADSUser(string username, string password) 
{ 
    String RootDSE; 
    try 
    { 
     DirectorySearcher DSESearcher = new DirectorySearcher(); 
     RootDSE = DSESearcher.SearchRoot.Path; 

     RootDSE = RootDSE.Insert(7, "CN=Users,"); 

     DirectoryEntry myDE = new DirectoryEntry(RootDSE); 
     DirectoryEntries myEntries = myDE.Children; 

     DirectoryEntry myDirectoryEntry = myEntries.Add("CN=" + username, "user"); 
     myDirectoryEntry.Properties["userPrincipalName"].Value = username; 
     myDirectoryEntry.Properties["name"].Value = username; 
     myDirectoryEntry.Properties["Password"].Value = password; 
     myDirectoryEntry.Properties["samAccountName"].Value = username; 
     myDirectoryEntry.Properties["FullName"].Value = username; 
     myDirectoryEntry.Properties["AccountDisabled"].Value = 0; 
     myDirectoryEntry.Properties["PasswordRequired"].Value = 1; 

     // Permanent Password? 
     myDirectoryEntry.Properties["permpass"].Value = 1; 
     myDirectoryEntry.CommitChanges(); 

     DSESearcher.Dispose(); 
     myDirectoryEntry.Dispose(); 

     textboxReports.Text = "Worked!"; 
     return "Worked!"; 
    } 
    catch (Exception ex) 
    { 
     textboxReports.Text = ex.Message; 
     return ex.Message; 
    } 
} 

Answer 1

沒關係，我已經得到了修復！

這是它看起來像現在：

using (var pc = new PrincipalContext(ContextType.Domain)) 
      { 
       using (var up = new UserPrincipal(pc)) 
       { 
        up.SamAccountName = textboxUsername.Text; // Username 
        up.EmailAddress = textboxEmail.Text; // Email 
        up.SetPassword(textboxPassword.Text); // Password 
        up.Enabled = true; 
        up.ExpirePasswordNow(); 
        up.Save(); 
       } 
      } 

Answer 2

這裏的問題是，沒有這些屬性的實際存在：

myDirectoryEntry.Properties["Password"].Value = password; 
myDirectoryEntry.Properties["FullName"].Value = username; 
myDirectoryEntry.Properties["AccountDisabled"].Value = 0; 
myDirectoryEntry.Properties["PasswordRequired"].Value = 1; 
myDirectoryEntry.Properties["permpass"].Value = 1; 

這個人是不是一個你寫：

myDirectoryEntry.Properties["name"].Value = username; 

爲了（從上到下）這裏是實際的屬性名稱：

• 密碼 - unicodePwd
• 全名 - displayName
• AccountDisabled - userAccountControl
• PasswordRequired - userAccountControl（其實你設定的逆 - 僅在不需要密碼）
• permPass - unicodePwd（不確定這個目標是什麼）

Answer 3

通過System.DirectoryServices.AccountManageme NT ..

   PrincipalContext ouContex = new PrincipalContext(ContextType.Domain, "TestDomain.local",   "OU=TestOU,DC=TestDomain,DC=local"); 

     for (int i = 0; i < 3; i++) 
     { 
      try 
      { 
       UserPrincipal up = new UserPrincipal(ouContex); 
       up.SamAccountName = "TestUser" + i; 
       up.SetPassword("password"); 
       up.Enabled = true; 
       up.ExpirePasswordNow(); 
       up.Save(); 
      } 
      catch (Exception ex) 
      { 

      } 
     } 

通過的System.DirectoryServices

To use this namespace you need to add reference System.DirectoryServices.dll 

     DirectoryEntry ouEntry = new DirectoryEntry("LDAP://OU=TestOU,DC=TestDomain,DC=local"); 

     for (int i = 3; i < 6; i++) 
     { 
      try 
      { 
       DirectoryEntry childEntry = ouEntry.Children.Add("CN=TestUser" + i, "user"); 
       childEntry.CommitChanges(); 
       ouEntry.CommitChanges(); 
       childEntry.Invoke("SetPassword", new object[] { "password" }); 
       childEntry.CommitChanges(); 
      } 
      catch (Exception ex) 
      { 

      } 
     }