创建本地用户帐户 c# 和 .NET 2.0
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/384304/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Creating local user account c# and .NET 2.0
提问by mrtaikandi
How can I create a local user account using .NET 2.0 and c# and also be able to set the "Password never expires" to never.
如何使用 .NET 2.0 和 c# 创建本地用户帐户,并且还能够将“密码永不过期”设置为从不。
I have tried using "Net.exe" using Process.Start and passing its parameters but it seems that the "net user" is unable to set the "Password never expires" to never.
我曾尝试使用 Process.Start 使用“Net.exe”并传递其参数,但似乎“网络用户”无法将“密码永不过期”设置为从不。
采纳答案by splattne
Read this excellent CodeProject article
阅读这篇优秀的 CodeProject 文章
Howto: (Almost) Everything In Active Directory via C#
如何:(几乎)通过 C# 在 Active Directory 中的所有内容
There is a section "Create User Account" and "Dealing with User Passwords".
有一个部分“创建用户帐户”和“处理用户密码”。
UPDATE:
更新:
To adapt the code for local accounts replace the respective lines with these:
要调整本地帐户的代码,请用以下内容替换相应的行:
DirectoryEntry localMachine = new DirectoryEntry("WinNT://" +
Environment.MachineName);
DirectoryEntry newUser = localMachine.Children.Add("localuser", "user");
Here starts the original code snippet for domain accounts:
下面是域帐户的原始代码片段:
public string CreateUserAccount(string ldapPath, string userName,
string userPassword)
{
string oGUID = string.Empty;
try
{
string connectionPrefix = "LDAP://" + ldapPath;
DirectoryEntry dirEntry = new DirectoryEntry(connectionPrefix);
DirectoryEntry newUser = dirEntry.Children.Add
("CN=" + userName, "user");
newUser.Properties["samAccountName"].Value = userName;
int val = (int)newUser.Properties["userAccountControl"].Value;
newUser.Properties["userAccountControl"].Value = val | 0x10000;
newUser.CommitChanges();
oGUID = newUser.Guid.ToString();
newUser.Invoke("SetPassword", new object[] { userPassword });
newUser.CommitChanges();
dirEntry.Close();
newUser.Close();
}
catch (System.DirectoryServices.DirectoryServicesCOMException E)
{
//DoSomethingwith --> E.Message.ToString();
}
return oGUID;
}
There are some specifics to understand when dealing with user passwords and boundaries around passwords such as forcing a user to change their password on the next logon, denying the user the right to change their own passwords, setting passwords to never expire, to when to expire, and these tasks can be accomplished using UserAccountControl flags that are demonstrated in the proceeding sections.
Please refer to this great MSDN article: Managing User Passwordsfor examples and documentation regarding these features.
在处理用户密码和密码边界时需要了解一些细节,例如强制用户在下次登录时更改密码、拒绝用户更改自己密码的权利、将密码设置为永不过期、何时过期,并且可以使用在后续部分中演示的 UserAccountControl 标志来完成这些任务。
有关这些功能的示例和文档,请参阅这篇很棒的 MSDN 文章:管理用户密码。
CONST HEX
------------------------------------------
SCRIPT 0x0001
ACCOUNTDISABLE 0x0002
HOMEDIR_REQUIRED 0x0008
LOCKOUT 0x0010
PASSWD_NOTREQD 0x0020
PASSWD_CANT_CHANGE 0x0040
ENCRYPTED_TEXT_PWD_ALLOWED 0x0080
TEMP_DUPLICATE_ACCOUNT 0x0100
NORMAL_ACCOUNT 0x0200
INTERDOMAIN_TRUST_ACCOUNT 0x0800
WORKSTATION_TRUST_ACCOUNT 0x1000
SERVER_TRUST_ACCOUNT 0x2000
DONT_EXPIRE_PASSWORD 0x10000
MNS_LOGON_ACCOUNT 0x20000
SMARTCARD_REQUIRED 0x40000
TRUSTED_FOR_DELEGATION 0x80000
NOT_DELEGATED 0x100000
USE_DES_KEY_ONLY 0x200000
DONT_REQ_PREAUTH 0x400000
PASSWORD_EXPIRED 0x800000
TRUSTED_TO_AUTH_FOR_DELEGATION 0x1000000
回答by Ed Sykes
This code will create a local account with the password never expires option set:
此代码将创建一个带有密码永不过期选项集的本地帐户:
using System.DirectoryServices;
DirectoryEntry hostMachineDirectory = new DirectoryEntry("WinNT://localhost");
DirectoryEntries entries = hostMachineDirectory.Children;
bool userExists = false;
foreach (DirectoryEntry each in entries)
{
userExists = each.Name.Equals("NewUser",
StringComparison.CurrentCultureIgnoreCase);
if (systemtestUserExists)
break;
}
if (false == userExists)
{
DirectoryEntry obUser = entries.Add("NewUser", "User");
obUser.Properties["FullName"].Add("Local user");
obUser.Invoke("SetPassword", "abcdefg12345@");
obUser.Invoke("Put", new object[] {"UserFlags", 0x10000});
obUser.CommitChanges();
}
The 0x10000 flag means PasswordNeverExpires.
0x10000 标志表示 PasswordNeverExpires。
I spent a long time figuring out how to create a local user account with the password set not to expire. It seems that when you try to use:
我花了很长时间弄清楚如何创建一个密码设置为不过期的本地用户帐户。似乎当您尝试使用时:
int val = (int)newUser.Properties["userAccountControl"].Value;
newUser.Properties["userAccountControl"].Value = val | 0x10000
permissions from active directory come into play. If you have active directory permissions everything works fine. If you don't then getting the userAccountControl property will always result in a null value. Trying to set userAccountControl will result in an exception "The directory property cannot be found in the cache".
活动目录的权限发挥作用。如果您有活动目录权限,一切正常。如果不这样做,则获取 userAccountControl 属性将始终导致空值。尝试设置 userAccountControl 会导致异常“在缓存中找不到目录属性”。
However after much hunting around I found another property "UserFlags" that needs to be set using Invoke. You can use this to set the flag on a local account. I've tried this code and it worked on windows server 2008.
然而,经过多次搜索,我发现了另一个需要使用 Invoke 设置的属性“UserFlags”。您可以使用它在本地帐户上设置标志。我试过这段代码,它在 windows server 2008 上工作。
Hope this helps
希望这可以帮助
回答by Mark Kevin Cuizon
using System.DirectoryServices;
使用 System.DirectoryServices;
DirectoryEntry hostMachineDirectory = new DirectoryEntry("WinNT://localhost");
DirectoryEntries entries = hostMachineDirectory.Children;
bool userExists = false;
foreach (DirectoryEntry each in entries)
{
userExists = each.Name.Equals("NewUser",
StringComparison.CurrentCultureIgnoreCase);
if (systemtestUserExists)
break;
}
if (false == userExists)
{
DirectoryEntry obUser = entries.Add("NewUser", "User");
obUser.Properties["FullName"].Add("Local user");
obUser.Invoke("SetPassword", "abcdefg12345@");
obUser.Invoke("Put", new object[] {"UserFlags", 0x10000});
obUser.CommitChanges();
