使用C＃的System.DirectoryServices用户远程管理Windows服务器上 [英] Users management on remote Windows server using C# System.DirectoryServices

问题描述

我写这将打开，以便管理本地帐户的远程Windows服务器的连接（不是Active Directory）的程序。所述程序执行以下步骤：

I've written a program which opens a connection to a remote Windows server in order to manage local accounts (not Active directory). The program executes the following steps:

• 在用户创建
• 将用户添加到组

这两种方法都使用System.DirectoryServices.AccountManagement， 这里的两个功能：

Both methods use System.DirectoryServices.AccountManagement, here the two functions:

public void CreateUser()
    {
        PrincipalContext pc = new PrincipalContext(ContextType.Machine,
            "host_ip",
            "adminaccount",
            "adminpassword");
        UserPrincipal up = new UserPrincipal(pc);

        up.Name = "user";
        up.DisplayName = "user";
        up.SetPassword("user");
        up.Description = "user";
        up.UserCannotChangePassword = true;
        up.PasswordNeverExpires = true;
        try
        {
            up.Save();
        }
        catch (Exception ex)
        {
        }
        try
        {
            AddToGroup(pc, up);
        }
        catch (Exception ex)
        {
        }
    }

    private void AddToGroup(PrincipalContext pc, UserPrincipal u)
    {
        string group = "Remote Desktop Users";

        GroupPrincipal groupPrincipal = GroupPrincipal.FindByIdentity(pc, group);
        if (groupPrincipal.Members.Contains(pc, IdentityType.SamAccountName, u.SamAccountName)) //error occurs here
        {
            return;
        }
        groupPrincipal.Members.Add(u);
        try
        {
            groupPrincipal.Save();
        }
        catch (Exception e)
        {
        }
    }

它的工作从今天早上起，用户创作总是成功，但我得到这个错误的行：

It worked since this morning, the User creation always succeed but I'm getting this error at line:

• 如果（groupPrincipal.Members.Contains（PC，IdentityType.SamAccountName，u.SamAccountName））

这是错误（1332），而发生   枚举组成员。该   成员的SID无法得到解决。

An error (1332) occurred while enumerating the group membership. The member's SID could not be resolved.

谢谢你的答案

推荐答案

如果这将帮助，但根据对<一本报告不知道href="http://connect.microsoft.com/VisualStudio/feedback/details/453812/principaloperationexception-when-enumerating-the-collection-groupprincipal-members"相对=nofollow> Microsoft连接，这可能与

Not sure if this will help, but according to this report on Microsoft Connect, this could be related:

System.DirectoryServices.AccountManagement组枚举当前版本有一个要求，即该组中的所有对象都可以访问或将引发异常。你们看到的是不再在ActiveDirectory中存在的本地组中列出的对象。由于该系统将不会自动删除这些链接，任何时候该组enumeratered它将失败。为prevent此故障消除在ActiveDirectory中不再存在的链接对象。我们正在研究进行更改的API​​在将来的版本，这将使这样的情况下更容易处理。

The current release of System.DirectoryServices.AccountManagement group enumeration has a requirement that all objects in the group are accessible or an exception will be thrown. What you are seeing is an object listed in the local group that no longer exists in ActiveDirectory. Since the system will not automatically remove these links, anytime this group is enumeratered it will fail. To prevent this failure remove the link to the object in ActiveDirectory that no longer exists. We are investigating making a change to the API in a future release that would make scenarios like this easier to deal with.

这篇关于使用C＃的System.DirectoryServices用户远程管理Windows服务器上的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！