使用C#实现Windows组和用户管理
1、WindowsAccountHelper类实现
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 | using System; using System.Collections.Generic; using System.DirectoryServices.AccountManagement; using System.Linq; public class WindowsAccountHelper { public static string LastErrorMsg { get ; private set ; } public static List< string > GetGroups() { var groups = new List< string >(); try { var context = new PrincipalContext(ContextType.Machine); var queryGroup = new GroupPrincipal(context); var searcher = new PrincipalSearcher(queryGroup); searcher.FindAll().ToList().ForEach(t => groups.Add(t.Name)); } catch (Exception) { groups.Clear(); } return groups; } public static List< string > GetGroupUsers( string groupName) { var group = GetGroup(groupName); return GetGroupUsers( group ); } public static List< string > GetGroupUsers(GroupPrincipal group ) { var users = new List< string >(); if ( group == null ) { return users; } group .GetMembers().ToList().ForEach(t => users.Add(t.Name)); return users; } public static GroupPrincipal GetGroup( string groupName) { GroupPrincipal group = null ; try { var context = new PrincipalContext(ContextType.Machine); var queryGroup = new GroupPrincipal(context); var searcher = new PrincipalSearcher(queryGroup); foreach ( var principal in searcher.FindAll()) { var groupPrincipal = (GroupPrincipal)principal; if (groupPrincipal != null && groupPrincipal.Name.Equals(groupName)) { group = groupPrincipal; break ; } } } catch (Exception) { // ignored } return group ; } public static GroupPrincipal CreateGroup( string groupName, string description, bool isSecurityGroup) { GroupPrincipal group ; try { group = GetGroup(groupName); if ( group == null ) { var context = new PrincipalContext(ContextType.Machine); group = new GroupPrincipal(context) { Name = groupName, Description = description, IsSecurityGroup = isSecurityGroup, GroupScope = GroupScope.Local }; group .Save(); } } catch (Exception e) { LastErrorMsg = e.Message; group = null ; } return group ; } public static bool DeleteGroup( string groupName) { var group = GetGroup(groupName); if ( group == null ) { return true ; } var ret = true ; try { group .Delete(); } catch (Exception) { ret = false ; } return ret; } public static bool CreateWindowsAccount( string userName, string password, string displayName, string description, bool cannotChangePassword, bool passwordNeverExpires, string groupName) { bool ret; try { var context = new PrincipalContext(ContextType.Machine); var group = GroupPrincipal.FindByIdentity(context, groupName); if ( group == null ) { return false ; } ret = CreateWindowsAccount(userName, password, displayName, description, cannotChangePassword, passwordNeverExpires, group ); } catch (Exception) { ret = false ; } return ret; } public static bool CreateWindowsAccount( string userName, string password, string displayName, string description, bool cannotChangePassword, bool passwordNeverExpires, GroupPrincipal group ) { bool ret; try { if ( group == null ) { return false ; } var context = new PrincipalContext(ContextType.Machine); var user = UserPrincipal.FindByIdentity(context, userName) ?? new UserPrincipal(context); user.SetPassword(password); user.DisplayName = displayName; user.Name = userName; user.Description = description; user.UserCannotChangePassword = cannotChangePassword; user.PasswordNeverExpires = passwordNeverExpires; user.Save(); group .Members.Add(user); group .Save(); ret = true ; } catch (Exception) { ret = false ; } return ret; } public static bool DeleteWindowsAccount(List< string > userNameList) { var ret = true ; try { foreach ( var userName in userNameList) { var context = new PrincipalContext(ContextType.Machine); var user = UserPrincipal.FindByIdentity(context, userName); user?.Delete(); } } catch (Exception) { ret = false ; } return ret; } public static bool ChangeUserGroup( string userName, string groupName) { bool ret; try { var context = new PrincipalContext(ContextType.Machine); var group = GroupPrincipal.FindByIdentity(context, groupName); if ( group == null ) { return false ; } ret = ChangeUserGroup(userName, group ); } catch (Exception) { ret = false ; } return ret; } public static bool ChangeUserGroup( string userName, GroupPrincipal group ) { bool ret; try { if ( group == null ) { return false ; } var context = new PrincipalContext(ContextType.Machine); var user = UserPrincipal.FindByIdentity(context, userName); if (user == null ) { return false ; } if (! group .Members.Contains(user)) { group .Members.Add(user); group .Save(); } ret = true ; } catch (Exception) { ret = false ; } return ret; } public static int UpdateGroupUsers( string groupName, List< string > userNames, string password = "" ) { var group = CreateGroup(groupName, string .Empty, false ); if ( group == null ) { return 0; } var userNameList = new List< string >(); userNameList.AddRange(userNames); var addedUsers = new List< string >(); int groupUserCount; try { foreach ( var principal in group .GetMembers()) { var user = (UserPrincipal)principal; if (user == null ) { continue ; } if (userNameList.Contains(user.Name)) { //已有用户 addedUsers.Add(user.Name); } else { user.Delete(); } } //已有用户数 groupUserCount = addedUsers.Count; //剩余的即为需要添加的用户集合 foreach ( var userName in addedUsers) { userNameList.Remove(userName); } //创建用户 foreach ( var userName in userNameList) { if (CreateWindowsAccount(userName, password, userName, string .Empty, false , false , group )) { groupUserCount++; } } } catch (UnauthorizedAccessException) { groupUserCount = 0; } return groupUserCount; } } |
2、使用示例
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | private bool CreateGroupUsers( string groupName, List< string > windowsUserList, string password, int userCount) { var group = WindowsAccountHelper.CreateGroup(groupName, string .Empty, true ); if ( group == null ) { return false ; } var userNames = WindowsAccountHelper.GetGroupUsers( group ); foreach ( var userName in WindowsUserList) { if (!userNames.Contains(userName)) { if (!WindowsAccountHelper.CreateWindowsAccount(userName, password, userName, string .Empty, false , false , group )) { return false ; } } } return true ; } |
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】凌霞软件回馈社区,博客园 & 1Panel & Halo 联合会员上线
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】博客园社区专享云产品让利特惠,阿里云新客6.5折上折
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 没有源码,如何修改代码逻辑?
· 一个奇形怪状的面试题:Bean中的CHM要不要加volatile?
· [.NET]调用本地 Deepseek 模型
· 一个费力不讨好的项目,让我损失了近一半的绩效!
· .NET Core 托管堆内存泄露/CPU异常的常见思路
· DeepSeek “源神”启动!「GitHub 热点速览」
· 微软正式发布.NET 10 Preview 1:开启下一代开发框架新篇章
· C# 集成 DeepSeek 模型实现 AI 私有化(本地部署与 API 调用教程)
· DeepSeek R1 简明指南:架构、训练、本地部署及硬件要求
· NetPad:一个.NET开源、跨平台的C#编辑器