C# 如何以编程方式更改 Active Directory 密码
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1066131/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to programmatically change Active Directory password
提问by Jeff
I have a set of test accounts that are going to be created but the accounts will be setup to require password change on the first login. I want to write a program in C# to go through the test accounts and change the passwords.
我有一组将要创建的测试帐户,但这些帐户将被设置为在第一次登录时要求更改密码。我想用 C# 编写一个程序来检查测试帐户并更改密码。
采纳答案by tvanfosson
You can use the UserPrincipalclass' SetPasswordmethod, provided you have enough privileges, once you've found the correct UserPrincipal object. Use FindByIdentityto look up the principal object in question.
一旦找到正确的 UserPrincipal 对象,您就可以使用UserPrincipal类的SetPassword方法,前提是您有足够的权限。使用FindByIdentity查找有问题的主要对象。
using (var context = new PrincipalContext( ContextType.Domain ))
{
using (var user = UserPrincipal.FindByIdentity( context, IdentityType.SamAccountName, userName ))
{
user.SetPassword( "newpassword" );
// or
user.ChangePassword( "oldPassword", "newpassword" );
user.Save();
}
}
回答by Dana Holt
Here's a great Active Directory programming quick reference:
这是一个很棒的 Active Directory 编程快速参考:
Howto: (Almost) Everything In Active Directory via C#
如何:(几乎)通过 C# 在 Active Directory 中的所有内容
See the password reset code near the end.
请参阅接近末尾的密码重置代码。
public void ResetPassword(string userDn, string password)
{
DirectoryEntry uEntry = new DirectoryEntry(userDn);
uEntry.Invoke("SetPassword", new object[] { password });
uEntry.Properties["LockOutTime"].Value = 0; //unlock account
uEntry.Close();
}
回答by Mohamed Hachem
Here is the solution:
这是解决方案:
string newPassword = Membership.GeneratePassword(12, 4);
string quotePwd = String.Format(@"""{0}""", newPassword);
byte[] pwdBin = System.Text.Encoding.Unicode.GetBytes(quotePwd);
UserEntry.Properties["unicodePwd"].Value = pwdBin;
UserEntry.CommitChanges();
回答by Rashad Annara
Try this code. It works for me,
试试这个代码。这个对我有用,
public void ChangeMyPassword(string domainName, string userName, string currentPassword, string newPassword)
{
try
{
string ldapPath = "LDAP://192.168.1.xx";
DirectoryEntry directionEntry = new DirectoryEntry(ldapPath, domainName + "\" + userName, currentPassword);
if (directionEntry != null)
{
DirectorySearcher search = new DirectorySearcher(directionEntry);
search.Filter = "(SAMAccountName=" + userName + ")";
SearchResult result = search.FindOne();
if (result != null)
{
DirectoryEntry userEntry = result.GetDirectoryEntry();
if (userEntry != null)
{
userEntry.Invoke("ChangePassword", new object[] { currentPassword, newPassword });
userEntry.CommitChanges();
}
}
}
}
catch (Exception ex)
{
throw ex;
}
}
回答by mallas
It is possible to set a new password to a domain account, by using .NET Framework 2.0. See working code bellow:
可以使用 .NET Framework 2.0 为域帐户设置新密码。请参阅下面的工作代码:
string domainfqdn="mydomain.test.gov" //fqdn of the domain
string ldapPath =GetObjectDistinguishedName (objectClass.user,returnType.distinguishedName, args[0].ToString(),domainfqdn);
ldapPath="LDAP://" + domainfqdn + :389/"+ldapPath;
DirectoryEntry uEntry = new DirectoryEntry(ldapPath,null,null,AuthenticationTypes.Secure);
uEntry.CommitChanges();
Console.WriteLine(ldapPath);
string password="myS3cr3tPass"
uEntry.Invoke("SetPassword", new object[] { password });
uEntry.Properties["LockOutTime"].Value = 0; //unlock account
uEntry.CommitChanges();
uEntry.Close();
it is very importan to check the parameters at uEntry, the code will run under the current thread security context, unless the null values are specified
检查 uEntry 的参数非常重要,代码将在当前线程安全上下文下运行,除非指定了空值
回答by Lavlesh Verma
public void ResetPassword(string userName, string Password, string newPassword)
{
try
{
DirectoryEntry directoryEntry = new DirectoryEntry(Path, userName, Password);
if (directoryEntry != null)
{
DirectorySearcher searchEntry = new DirectorySearcher(directoryEntry);
searchEntry.Filter = "(samaccountname=" + userName + ")";
SearchResult result = searchEntry.FindOne();
if (result != null)
{
DirectoryEntry userEntry = result.GetDirectoryEntry();
if (userEntry != null)
{
userEntry.Invoke("SetPassword", new object[] { newPassword });
userEntry.Properties["lockouttime"].Value = 0;
}
}
}
}
catch (Exception ex)
{
Log.Error("Password Can't Change:" + ex.InnerException.Message);
}
}
