在Active Directory中添加新用户 [英] Add new user in Active Directory
问题描述
我使用VS2005的.NET 2.0 C#。
I am using VS2005 .NET 2.0 C#.
我目前引用到一个网站上的ASP网页上实施AD用户管理。
I am currently referencing to a website on implementing AD user management on asp webpage.
我曾经见过一个方法,它添加用户组
。
I have seen one method which adds user to group
.
不过,也有一些参数,我不明白,知道如何处理代替。
However, there are some parameters which I do not understand and know what to replace with.
下面是所提供的方法:
public void AddToGroup(string userDn, string groupDn)
{
try
{
DirectoryEntry dirEntry = new DirectoryEntry("LDAP://" + groupDn);
dirEntry.Properties["member"].Add(userDn);
dirEntry.CommitChanges();
dirEntry.Close();
}
catch (System.DirectoryServices.DirectoryServicesCOMException E)
{
//doSomething with E.Message.ToString();
}
}
用户DN
和 groupDn
已解释,但我还是不知道做什么,在它填补
userDn
and groupDn
has been explained but I still do not know what to fill in it
用户DN
:用户的distinguishedName来: CN =用户,OU =用户,DC = CONTOSO,DC = COM
groupDn
:组的distinguishedName来: CN =组,OU =团体,DC = CONTOSO,DC = COM
userDn
: the distinguishedName of the user: CN=user, OU=USERS, DC=contoso, DC=com
groupDn
: the distinguishedName of the group: CN=group,OU=GROUPS,DC=contoso,DC=com
我可以知道什么是2的参数和我在哪里可以买到他们?
May I know what are the 2 parameters and where can I get them from?
推荐答案
一个目录是一个至极树中的每个对象是一个节点。在这个TRE作为有一个专有名称(DN)每一个对象,它看起来有点像计算机的DNS名称。你可以看看你的活动目录使用Ldp.exe工具从工具箱的ressource一个LDAP视力(或本地installes上W2K8)。你会发现这里下一个LDAP AD视力
A directory is a tree in wich each object is a node. Each object in this tre as got a Distinguished Name (DN), it looks a bit like the DNS name of a computer. You can have look to your Active-Directory with an LDAP vision using LDP.EXE tool from the ressource kit (or natively installes on W2K8). You'll find here under one LDAP AD vision
为
你怎么能找到他们:
有关群组:
DirectoryEntry deBase = new DirectoryEntry("LDAP://dom.fr/dc=dom,dc=fr");
/* Directory Search for a group
*/
DirectorySearcher dsLookForGrp = new DirectorySearcher(deBase);
dsLookForGrp.Filter = String.Format("(cn={0})", "yourgroup");
dsLookForGrp.SearchScope = SearchScope.Subtree;
dsLookForGrp.PropertiesToLoad.Add("distinguishedName");
SearchResult srcGrp = dsLookForGrp.FindOne();
string groupDN = srcGrp.Properties["distinguishedName"][0];
有关用户:
/* Directory Search
*/
DirectorySearcher dsLookForUser = new DirectorySearcher(deBase);
dsLookForUser.Filter = String.Format("(&(objectCategory=person)(sAMAccountName={0}))", YourUser);
dsLookForUser.SearchScope = SearchScope.Subtree;
dsLookForUser.PropertiesToLoad.Add("distinguishedName");
dsLookForUser.PropertiesToLoad.Add("userPrincipalName ");
dsLookForUser.PropertiesToLoad.Add("sAMAccountName");
SearchResult srcUser = dsLookForUser.FindOne();
string userDN = srcUser .Properties["distinguishedName"][0];
这篇关于在Active Directory中添加新用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!