使用C#实现Windows组和用户管理

1、WindowsAccountHelper类实现

using System;
using System.Collections.Generic;
using System.DirectoryServices.AccountManagement;
using System.Linq;
 
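/// <summary>
/// Static helpers for managing local Windows groups and user accounts through
/// System.DirectoryServices.AccountManagement.
/// </summary>
/// <remarks>
/// Every method opens a <c>PrincipalContext</c> with <c>ContextType.Machine</c>, so it
/// acts on the account database of the machine the process runs on. Failures are
/// reported through the return value (empty list, <c>null</c>, <c>false</c> or 0) and the
/// exception message is stored in <see cref="LastErrorMsg"/>.
/// NOTE(review): the write operations presumably need an elevated process; the code
/// itself performs no privilege check.
/// </remarks>
public class WindowsAccountHelper
{
    /// <summary>
    /// Message of the most recent exception caught by any helper. The value is a single
    /// static slot with no synchronization and is never cleared, so read it only
    /// directly after a call that reported failure.
    /// </summary>
    public static string LastErrorMsg { get; private set; }

    /// <summary>Returns the names of all local groups.</summary>
    /// <returns>The group names, or an empty list if the query failed.</returns>
    public static List<string> GetGroups()
    {
        var groups = new List<string>();
        try
        {
            // Nothing created here leaves the method, so every directory object is
            // released deterministically instead of waiting for finalization.
            using (var context = new PrincipalContext(ContextType.Machine))
            using (var queryGroup = new GroupPrincipal(context))
            using (var searcher = new PrincipalSearcher(queryGroup))
            using (var results = searcher.FindAll())
            {
                groups.AddRange(results.Select(t => t.Name));
            }
        }
        catch (Exception e)
        {
            LastErrorMsg = e.Message;
            // Never hand back a partially filled list.
            groups.Clear();
        }

        return groups;
    }

    /// <summary>Returns the member names of the local group called <paramref name="groupName"/>.</summary>
    /// <param name="groupName">Exact name of the group.</param>
    /// <returns>The member names; empty when the group cannot be found.</returns>
    public static List<string> GetGroupUsers(string groupName)
    {
        var group = GetGroup(groupName);
        return GetGroupUsers(group);
    }

    /// <summary>Returns the names of all members of <paramref name="group"/>.</summary>
    /// <param name="group">Group to enumerate; <c>null</c> yields an empty list.</param>
    /// <returns>The member names. Exceptions raised while enumerating propagate to the caller.</returns>
    public static List<string> GetGroupUsers(GroupPrincipal group)
    {
        var users = new List<string>();

        if (group == null)
        {
            return users;
        }

        // Only the names are kept, so the search result can be released right away.
        using (var members = group.GetMembers())
        {
            users.AddRange(members.Select(t => t.Name));
        }

        return users;
    }

    /// <summary>Looks up a local group by name.</summary>
    /// <param name="groupName">Name to match.</param>
    /// <returns>The matching group, or <c>null</c> when none matches or the lookup failed.</returns>
    /// <remarks>
    /// The comparison is ordinal and case-sensitive. Windows treats local group names
    /// case-insensitively, so a name that differs only in case is reported as missing.
    /// </remarks>
    public static GroupPrincipal GetGroup(string groupName)
    {
        if (groupName == null)
        {
            // No group can match a null name.
            return null;
        }

        GroupPrincipal group = null;
        try
        {
            // The context is deliberately not disposed: the returned principal was
            // created from it and is handed to the caller.
            var context = new PrincipalContext(ContextType.Machine);
            var queryGroup = new GroupPrincipal(context);
            var searcher = new PrincipalSearcher(queryGroup);
            foreach (var principal in searcher.FindAll())
            {
                var groupPrincipal = principal as GroupPrincipal;

                // string.Equals tolerates a null Name; an instance call would throw
                // and end the scan before later groups are examined.
                if (groupPrincipal != null && string.Equals(groupPrincipal.Name, groupName))
                {
                    group = groupPrincipal;
                    break;
                }
            }
        }
        catch (Exception e)
        {
            LastErrorMsg = e.Message;
        }

        return group;
    }

    /// <summary>Returns the local group with the given name, creating it if it does not exist.</summary>
    /// <param name="groupName">Name of the group.</param>
    /// <param name="description">Description stored on a newly created group.</param>
    /// <param name="isSecurityGroup">Value assigned to <c>IsSecurityGroup</c> on a newly created group.</param>
    /// <returns>The existing or new group, or <c>null</c> on failure.</returns>
    /// <remarks>An existing group is returned unchanged; description and security flag are not applied to it.</remarks>
    public static GroupPrincipal CreateGroup(string groupName, string description, bool isSecurityGroup)
    {
        GroupPrincipal group;
        try
        {
            group = GetGroup(groupName);
            if (group == null)
            {
                // Not disposed: the new principal is returned and stays bound to it.
                var context = new PrincipalContext(ContextType.Machine);
                group = new GroupPrincipal(context)
                {
                    Name = groupName,
                    Description = description,
                    IsSecurityGroup = isSecurityGroup,
                    GroupScope = GroupScope.Local
                };
                group.Save();
            }
        }
        catch (Exception e)
        {
            LastErrorMsg = e.Message;
            group = null;
        }

        return group;
    }

    /// <summary>Deletes the local group with the given name.</summary>
    /// <param name="groupName">Name of the group.</param>
    /// <returns><c>true</c> when the group was deleted or was not found; <c>false</c> when deletion threw.</returns>
    public static bool DeleteGroup(string groupName)
    {
        var group = GetGroup(groupName);
        if (group == null)
        {
            // GetGroup also returns null when the lookup itself failed, so "true"
            // here does not prove the group is absent.
            return true;
        }

        var ret = true;
        try
        {
            group.Delete();
        }
        catch (Exception e)
        {
            LastErrorMsg = e.Message;
            ret = false;
        }

        return ret;
    }

    /// <summary>Creates or updates a local account and puts it into the group named <paramref name="groupName"/>.</summary>
    /// <param name="userName">Account name.</param>
    /// <param name="password">Password passed to <c>SetPassword</c>.</param>
    /// <param name="displayName">Display name of the account.</param>
    /// <param name="description">Description of the account.</param>
    /// <param name="cannotChangePassword">Value for <c>UserCannotChangePassword</c>.</param>
    /// <param name="passwordNeverExpires">Value for <c>PasswordNeverExpires</c>.</param>
    /// <param name="groupName">Identity of the target group.</param>
    /// <returns><c>true</c> on success; <c>false</c> when the group is missing or any step failed.</returns>
    public static bool CreateWindowsAccount(string userName, string password,
        string displayName, string description, bool cannotChangePassword,
        bool passwordNeverExpires, string groupName)
    {
        bool ret;
        try
        {
            // Context and group are local to this call, so both are released on exit.
            using (var context = new PrincipalContext(ContextType.Machine))
            using (var group = GroupPrincipal.FindByIdentity(context, groupName))
            {
                if (group == null)
                {
                    return false;
                }

                ret = CreateWindowsAccount(userName, password, displayName,
                    description, cannotChangePassword, passwordNeverExpires, group);
            }
        }
        catch (Exception e)
        {
            LastErrorMsg = e.Message;
            ret = false;
        }

        return ret;
    }

    /// <summary>Creates or updates a local account and makes it a member of <paramref name="group"/>.</summary>
    /// <param name="userName">Account name.</param>
    /// <param name="password">Password passed to <c>SetPassword</c>.</param>
    /// <param name="displayName">Display name of the account.</param>
    /// <param name="description">Description of the account.</param>
    /// <param name="cannotChangePassword">Value for <c>UserCannotChangePassword</c>.</param>
    /// <param name="passwordNeverExpires">Value for <c>PasswordNeverExpires</c>.</param>
    /// <param name="group">Target group; <c>null</c> yields <c>false</c>.</param>
    /// <returns><c>true</c> when the account was saved and is a member of the group; otherwise <c>false</c>.</returns>
    /// <remarks>
    /// SECURITY: when an account called <paramref name="userName"/> already exists, it is
    /// reused and its password, display name, description and password flags are
    /// overwritten. Validate the name against the accounts the caller is allowed to
    /// manage before calling. The password is applied as given; nothing here rejects an
    /// empty or weak value.
    /// </remarks>
    public static bool CreateWindowsAccount(string userName, string password,
        string displayName, string description, bool cannotChangePassword,
        bool passwordNeverExpires, GroupPrincipal group)
    {
        bool ret;
        try
        {
            if (group == null)
            {
                return false;
            }

            // Context and user are not disposed: the user principal is handed to the
            // caller-owned group's member collection.
            var context = new PrincipalContext(ContextType.Machine);
            var user = UserPrincipal.FindByIdentity(context, userName)
                       ?? new UserPrincipal(context);
            user.SetPassword(password);
            user.DisplayName = displayName;
            user.Name = userName;
            user.Description = description;
            user.UserCannotChangePassword = cannotChangePassword;
            user.PasswordNeverExpires = passwordNeverExpires;
            user.Save();

            // Same membership test as ChangeUserGroup: adding an existing member would
            // throw and report failure although the account was saved successfully.
            if (!group.Members.Contains(user))
            {
                group.Members.Add(user);
                group.Save();
            }

            ret = true;
        }
        catch (Exception e)
        {
            LastErrorMsg = e.Message;
            ret = false;
        }

        return ret;
    }

    /// <summary>Deletes the local accounts named in <paramref name="userNameList"/>.</summary>
    /// <param name="userNameList">Account names; names with no matching account are skipped.</param>
    /// <returns>
    /// <c>true</c> when no step threw. On the first exception processing stops and
    /// <c>false</c> is returned; accounts deleted before that point stay deleted.
    /// </returns>
    public static bool DeleteWindowsAccount(List<string> userNameList)
    {
        if (userNameList == null)
        {
            return false;
        }

        var ret = true;
        try
        {
            foreach (var userName in userNameList)
            {
                using (var context = new PrincipalContext(ContextType.Machine))
                {
                    var user = UserPrincipal.FindByIdentity(context, userName);
                    user?.Delete();
                }
            }
        }
        catch (Exception e)
        {
            LastErrorMsg = e.Message;
            ret = false;
        }

        return ret;
    }

    /// <summary>Adds an existing local account to the group named <paramref name="groupName"/>.</summary>
    /// <param name="userName">Identity of the account.</param>
    /// <param name="groupName">Identity of the target group.</param>
    /// <returns><c>true</c> when the account is a member afterwards; otherwise <c>false</c>.</returns>
    /// <remarks>Despite the name, the account is not removed from any group it already belongs to.</remarks>
    public static bool ChangeUserGroup(string userName, string groupName)
    {
        bool ret;
        try
        {
            // Context and group are local to this call, so both are released on exit.
            using (var context = new PrincipalContext(ContextType.Machine))
            using (var group = GroupPrincipal.FindByIdentity(context, groupName))
            {
                if (group == null)
                {
                    return false;
                }

                ret = ChangeUserGroup(userName, group);
            }
        }
        catch (Exception e)
        {
            LastErrorMsg = e.Message;
            ret = false;
        }

        return ret;
    }

    /// <summary>Adds an existing local account to <paramref name="group"/>.</summary>
    /// <param name="userName">Identity of the account.</param>
    /// <param name="group">Target group; <c>null</c> yields <c>false</c>.</param>
    /// <returns><c>true</c> when the account is a member afterwards; <c>false</c> when it does not exist or a step failed.</returns>
    /// <remarks>Despite the name, the account is not removed from any group it already belongs to.</remarks>
    public static bool ChangeUserGroup(string userName, GroupPrincipal group)
    {
        bool ret;
        try
        {
            if (group == null)
            {
                return false;
            }

            // Not disposed: the user principal may end up in the caller-owned group's
            // member collection.
            var context = new PrincipalContext(ContextType.Machine);
            var user = UserPrincipal.FindByIdentity(context, userName);
            if (user == null)
            {
                return false;
            }

            if (!group.Members.Contains(user))
            {
                group.Members.Add(user);
                group.Save();
            }

            ret = true;
        }
        catch (Exception e)
        {
            LastErrorMsg = e.Message;
            ret = false;
        }

        return ret;
    }

    /// <summary>
    /// Makes the user members of the group match <paramref name="userNames"/>: members
    /// that are not listed are deleted, listed names that are missing are created.
    /// </summary>
    /// <param name="groupName">Group to synchronize; created when absent.</param>
    /// <param name="userNames">Account names the group should contain.</param>
    /// <param name="password">Password given to every account that is created or reused.</param>
    /// <returns>
    /// Number of listed accounts that are members afterwards, or 0 when the group could
    /// not be obtained or access was denied.
    /// </returns>
    /// <exception cref="ArgumentNullException"><paramref name="userNames"/> is <c>null</c>.</exception>
    /// <remarks>
    /// SECURITY: unlisted members are removed with <c>Delete()</c>, which deletes the
    /// account itself, not only its membership. Pointing this at a group that was not
    /// created for this purpose deletes every user account in it that is not listed.
    /// The default <paramref name="password"/> is the empty string and is applied as
    /// is; callers should always supply a real password.
    /// Only <c>UnauthorizedAccessException</c> is handled here; other exceptions raised
    /// while enumerating or deleting members propagate.
    /// </remarks>
    public static int UpdateGroupUsers(string groupName, List<string> userNames, string password = "")
    {
        // Reject a null list before the group is created as a side effect.
        if (userNames == null)
        {
            throw new ArgumentNullException(nameof(userNames));
        }

        var group = CreateGroup(groupName, string.Empty, false);
        if (group == null)
        {
            return 0;
        }

        // A repeated name must be processed, and counted, only once.
        var userNameList = userNames.Distinct().ToList();

        var addedUsers = new List<string>();
        int groupUserCount;

        try
        {
            // Snapshot the members first so that deleting accounts does not disturb
            // the enumeration that is driving the deletions.
            foreach (var principal in group.GetMembers().ToList())
            {
                // Members can be principals other than users; "as" skips them where a
                // direct cast would throw InvalidCastException.
                var user = principal as UserPrincipal;
                if (user == null)
                {
                    continue;
                }

                if (userNameList.Contains(user.Name))
                {
                    // Already present and wanted.
                    addedUsers.Add(user.Name);
                }
                else
                {
                    user.Delete();
                }
            }

            // Members that were kept.
            groupUserCount = addedUsers.Count;

            // Whatever remains in the list still has to be created.
            foreach (var userName in addedUsers)
            {
                userNameList.Remove(userName);
            }

            // Create the missing accounts.
            foreach (var userName in userNameList)
            {
                if (CreateWindowsAccount(userName, password,
                    userName, string.Empty,
                    false, false, group))
                {
                    groupUserCount++;
                }
            }
        }
        catch (UnauthorizedAccessException e)
        {
            LastErrorMsg = e.Message;
            groupUserCount = 0;
        }

        return groupUserCount;
    }
}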

2、使用示例

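/// <summary>
/// Ensures the local group exists and that every name in
/// <paramref name="windowsUserList"/> has an account that is a member of it.
/// </summary>
/// <param name="groupName">Group to create or reuse.</param>
/// <param name="windowsUserList">Account names that must be in the group.</param>
/// <param name="password">Password given to every account that has to be created.</param>
/// <param name="userCount">Not used by this method.</param>
/// <returns><c>true</c> when all accounts are in place; <c>false</c> on the first failure.</returns>
/// <remarks>
/// All created accounts share the same <paramref name="password"/>. Accounts created
/// before a failure are left in place.
/// </remarks>
private bool CreateGroupUsers(string groupName, List<string> windowsUserList,
    string password, int userCount)
{
    var group = WindowsAccountHelper.CreateGroup(groupName, string.Empty, true);
    if (group == null)
    {
        return false;
    }

    var existingNames = WindowsAccountHelper.GetGroupUsers(group);

    // Iterate the parameter; C# identifiers are case-sensitive, so "WindowsUserList"
    // would refer to a different symbol than the argument passed in.
    foreach (var userName in windowsUserList)
    {
        if (existingNames.Contains(userName))
        {
            // Already a member: leave the account and its password untouched.
            continue;
        }

        if (!WindowsAccountHelper.CreateWindowsAccount(userName, password,
            userName, string.Empty,
            false, false, group))
        {
            return false;
        }
    }

    return true;
}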

 
