下面的示例说明如何在组织单位中创建用户。默认情况下,将禁用此帐户。有关详细信息,请参阅启用和禁用用户帐户主题。
DirectoryEntry ent = new DirectoryEntry();
DirectoryEntry ou = ent.Children.Find("OU=Consulting");
// Use the Add method to add a user to an organizational unit.
DirectoryEntry usr = ou.Children.Add("CN=New User","user");
// Set the samAccountName, then commit changes to the directory.
usr.Properties["samAccountName"].Value = "newuser";
usr.CommitChanges();
该任务还可以用 Visual Basic 完成:
imports Microsoft.VisualBasic
imports System
imports System.Collections
imports System.DirectoryServices
public module MyModule
sub Main
Test()
end sub
sub Test()
try
Dim AD as new
DirectoryEntry("LDAP://Nami/CN=Users,DC=DeploymentCentric,DC=com")
AD.AuthenticationType = AuthenticationTypes.Secure
'AD.Username = "NetBiosName\UserName"
'AD.Password = "password"
Dim newUser as DirectoryEntry =
AD.Children.Add("cn=HOBOJOE", "user")
newUser.Properties("sAMAccountName").Value = "HOBOJOE"
newUser.Invoke("Put", new object() {"Description", "Test User from .NET"})
newUser.CommitChanges()
newUser.Invoke("SetPassword", new object() {"#1A" +
"password"})
Dim val as ADS_USER_FLAG_ENUM =
DirectCast(newUser.Properties("userAccountControl").Value,
ADS_USER_FLAG_ENUM)
val = val And (Not
ADS_USER_FLAG_ENUM.ADS_UF_ACCOUNTDISABLE) Or ADS_USER_FLAG_ENUM.ADS_UF_DONT_EXPIRE_PASSWD
newUser.Properties("userAccountControl").Value = val
newUser.CommitChanges()
catch ex as Exception
Console.WriteLine(ex)
finally
Console.ReadLine()
end try
end sub
<FlagsAttribute()> _
public enum ADS_GROUP_TYPE_ENUM
ADS_GROUP_TYPE_GLOBAL_GROUP = &H2
ADS_GROUP_TYPE_DOMAIN_LOCAL_GROUP = &H4
ADS_GROUP_TYPE_LOCAL_GROUP = &H4
ADS_GROUP_TYPE_UNIVERSAL_GROUP = &H8
ADS_GROUP_TYPE_SECURITY_ENABLED = &H80000000
end enum
<FlagsAttribute()> _
public enum ADS_USER_FLAG_ENUM
ADS_UF_SCRIPT = &H0001
ADS_UF_ACCOUNTDISABLE = &H0002
ADS_UF_HOMEDIR_REQUIRED = &H0008
ADS_UF_LOCKOUT = &H0010
ADS_UF_PASSWD_NOTREQD = &H0020
ADS_UF_PASSWD_CANT_CHANGE = &H0040
ADS_UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED = &H0080
ADS_UF_TEMP_DUPLICATE_ACCOUNT = &H0100
ADS_UF_NORMAL_ACCOUNT = &H0200
ADS_UF_INTERDOMAIN_TRUST_ACCOUNT = &H0800
ADS_UF_WORKSTATION_TRUST_ACCOUNT = &H1000
ADS_UF_SERVER_TRUST_ACCOUNT = &H2000
ADS_UF_DONT_EXPIRE_PASSWD = &H10000
ADS_UF_MNS_LOGON_ACCOUNT = &H20000
ADS_UF_SMARTCARD_REQUIRED = &H40000
ADS_UF_TRUSTED_FOR_DELEGATION = &H80000
ADS_UF_NOT_DELEGATED = &H100000
ADS_UF_USE_DES_KEY_ONLY = &H200000
ADS_UF_DONT_REQUIRE_PREAUTH = &H400000
ADS_UF_PASSWORD_EXPIRED = &H800000
ADS_UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION = &H1000000
end enum
end module
在此示例中,设置 samAccountName 属性。有关此属性的详细信息,请参阅 MSDN Library(网址为 https://go.microsoft.com/fwlink/?LinkID=27252)中的主题“samAccountName”。
samAccountName 属性创建唯一的 samAccountName,如 $CP2000-O16B1V0UKHK7。如果域控制器运行在 Windows NT Server 4.0 上,则此属性对用户帐户是必需的。在 Windows Server 2003 中,samAccountName 属性是可选的。
另请参见
参考
概念
Send comments about this topic to Microsoft.
版权所有 (C) 2007 Microsoft Corporation。保留所有权利。