活动目录创建用户

Question

我想通过C＃脚本将用户添加到活动目录。我在网上找到了这个脚本（我自己并没有做到）。问题是，当我尝试添加用户时出现此错误：

指定的目录服务属性或值不存在。

这是代码，我现在所拥有的：

private void buttonCreateUser_Click(object sender, EventArgs e) 
{ 
    CreateADSUser(textboxUsername.Text, textboxPassword.Text); 
} 

public string CreateADSUser(string username, string password) 
{ 
    String RootDSE; 
    try 
    { 
     DirectorySearcher DSESearcher = new DirectorySearcher(); 
     RootDSE = DSESearcher.SearchRoot.Path; 

     RootDSE = RootDSE.Insert(7, "CN=Users,"); 

     DirectoryEntry myDE = new DirectoryEntry(RootDSE); 
     DirectoryEntries myEntries = myDE.Children; 

     DirectoryEntry myDirectoryEntry = myEntries.Add("CN=" + username, "user"); 
     myDirectoryEntry.Properties["userPrincipalName"].Value = username; 
     myDirectoryEntry.Properties["name"].Value = username; 
     myDirectoryEntry.Properties["Password"].Value = password; 
     myDirectoryEntry.Properties["samAccountName"].Value = username; 
     myDirectoryEntry.Properties["FullName"].Value = username; 
     myDirectoryEntry.Properties["AccountDisabled"].Value = 0; 
     myDirectoryEntry.Properties["PasswordRequired"].Value = 1; 

     // Permanent Password? 
     myDirectoryEntry.Properties["permpass"].Value = 1; 
     myDirectoryEntry.CommitChanges(); 

     DSESearcher.Dispose(); 
     myDirectoryEntry.Dispose(); 

     textboxReports.Text = "Worked!"; 
     return "Worked!"; 
    } 
    catch (Exception ex) 
    { 
     textboxReports.Text = ex.Message; 
     return ex.Message; 
    } 
} 

Answer 1

没关系，我已经得到了修复！

这是它看起来像现在：

using (var pc = new PrincipalContext(ContextType.Domain)) 
      { 
       using (var up = new UserPrincipal(pc)) 
       { 
        up.SamAccountName = textboxUsername.Text; // Username 
        up.EmailAddress = textboxEmail.Text; // Email 
        up.SetPassword(textboxPassword.Text); // Password 
        up.Enabled = true; 
        up.ExpirePasswordNow(); 
        up.Save(); 
       } 
      } 

Answer 2

这里的问题是，没有这些属性的实际存在：

myDirectoryEntry.Properties["Password"].Value = password; 
myDirectoryEntry.Properties["FullName"].Value = username; 
myDirectoryEntry.Properties["AccountDisabled"].Value = 0; 
myDirectoryEntry.Properties["PasswordRequired"].Value = 1; 
myDirectoryEntry.Properties["permpass"].Value = 1; 

这个人是不是一个你写：

myDirectoryEntry.Properties["name"].Value = username; 

为了（从上到下）这里是实际的属性名称：

• 密码 - unicodePwd
• 全名 - displayName
• AccountDisabled - userAccountControl
• PasswordRequired - userAccountControl（其实你设定的逆 - 仅在不需要密码）
• permPass - unicodePwd（不确定这个目标是什么）

Answer 3

通过System.DirectoryServices.AccountManageme NT ..

   PrincipalContext ouContex = new PrincipalContext(ContextType.Domain, "TestDomain.local",   "OU=TestOU,DC=TestDomain,DC=local"); 

     for (int i = 0; i < 3; i++) 
     { 
      try 
      { 
       UserPrincipal up = new UserPrincipal(ouContex); 
       up.SamAccountName = "TestUser" + i; 
       up.SetPassword("password"); 
       up.Enabled = true; 
       up.ExpirePasswordNow(); 
       up.Save(); 
      } 
      catch (Exception ex) 
      { 

      } 
     } 

通过的System.DirectoryServices

To use this namespace you need to add reference System.DirectoryServices.dll 

     DirectoryEntry ouEntry = new DirectoryEntry("LDAP://OU=TestOU,DC=TestDomain,DC=local"); 

     for (int i = 3; i < 6; i++) 
     { 
      try 
      { 
       DirectoryEntry childEntry = ouEntry.Children.Add("CN=TestUser" + i, "user"); 
       childEntry.CommitChanges(); 
       ouEntry.CommitChanges(); 
       childEntry.Invoke("SetPassword", new object[] { "password" }); 
       childEntry.CommitChanges(); 
      } 
      catch (Exception ex) 
      { 

      } 
     }