在Active Directory中添加新用户 [英] Add new user in Active Directory

问题描述

我使用VS2005的.NET 2.0 C＃。

I am using VS2005 .NET 2.0 C#.

我目前引用到一个网站上的ASP网页上实施AD用户管理。

I am currently referencing to a website on implementing AD user management on asp webpage.

我曾经见过一个方法，它添加用户组。

I have seen one method which adds user to group.

不过，也有一些参数，我不明白，知道如何处理代替。

However, there are some parameters which I do not understand and know what to replace with.

下面是所提供的方法：

public void AddToGroup(string userDn, string groupDn)
{
    try
    {
        DirectoryEntry dirEntry = new DirectoryEntry("LDAP://" + groupDn);
        dirEntry.Properties["member"].Add(userDn);
        dirEntry.CommitChanges();
        dirEntry.Close();
    }
    catch (System.DirectoryServices.DirectoryServicesCOMException E)
    {
        //doSomething with E.Message.ToString();

    }
}

用户DN 和 groupDn 已解释，但我还是不知道做什么，在它填补

userDn and groupDn has been explained but I still do not know what to fill in it

用户DN ：用户的distinguishedName来： CN =用户​​，OU =用户，DC = CONTOSO，DC = COM
groupDn ：组的distinguishedName来： CN =组，OU =团体，DC = CONTOSO，DC = COM

userDn: the distinguishedName of the user: CN=user, OU=USERS, DC=contoso, DC=com groupDn: the distinguishedName of the group: CN=group,OU=GROUPS,DC=contoso,DC=com

我可以知道什么是2的参数和我在哪里可以买到他们？

May I know what are the 2 parameters and where can I get them from?

推荐答案

一个目录是一个至极树中的每个对象是一个节点。在这个TRE作为有一个专有名称（DN）每一个对象，它看起来有点像计算机的DNS名称。你可以看看你的活动目录使用Ldp.exe工具从工具箱的ressource一个LDAP视力（或本地installes上W2K8）。你会发现这里下一个LDAP AD视力

A directory is a tree in wich each object is a node. Each object in this tre as got a Distinguished Name (DN), it looks a bit like the DNS name of a computer. You can have look to your Active-Directory with an LDAP vision using LDP.EXE tool from the ressource kit (or natively installes on W2K8). You'll find here under one LDAP AD vision

为

你怎么能找到他们：

有关群组：

DirectoryEntry deBase = new DirectoryEntry("LDAP://dom.fr/dc=dom,dc=fr");
/* Directory Search for a group
 */
DirectorySearcher dsLookForGrp = new DirectorySearcher(deBase);
dsLookForGrp.Filter = String.Format("(cn={0})", "yourgroup");
dsLookForGrp.SearchScope = SearchScope.Subtree;
dsLookForGrp.PropertiesToLoad.Add("distinguishedName");
SearchResult srcGrp = dsLookForGrp.FindOne();

string groupDN = srcGrp.Properties["distinguishedName"][0];

有关用户：

/* Directory Search
 */
DirectorySearcher dsLookForUser = new DirectorySearcher(deBase);
dsLookForUser.Filter = String.Format("(&(objectCategory=person)(sAMAccountName={0}))", YourUser);
dsLookForUser.SearchScope = SearchScope.Subtree;
dsLookForUser.PropertiesToLoad.Add("distinguishedName");
dsLookForUser.PropertiesToLoad.Add("userPrincipalName  ");
dsLookForUser.PropertiesToLoad.Add("sAMAccountName");
SearchResult srcUser = dsLookForUser.FindOne();

string userDN = srcUser .Properties["distinguishedName"][0];

这篇关于在Active Directory中添加新用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！