C#操作AD域中计算机

 记录下如何操作域中的计算机:

 

 /// <summary>
        /// 根据pc名称删除
       /// </summary>
        public bool PcDelete(string pcName,string username,string password)
        {
            try
            {
                //IPGlobalProperties ipGlobalProperties = IPGlobalProperties.GetIPGlobalProperties();
                //string doname = ipGlobalProperties.DomainName;
                // PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, doname);
                PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, serveraddress, username, password);//serveraddress不要加ladp 直接写IP地址就可以了
                ComputerPrincipal computerPrincipal = ComputerPrincipal.FindByIdentity(principalContext, IdentityType.Name, pcName);
                computerPrincipal.Delete();//删除计算机
                computerPrincipal.Dispose();
                return true;
            }
            catch (Exception ex)
            {
                return false;
            }
        }

        /// <summary>
        /// pc禁用
        /// </summary>
        public bool PcUnEnabled(string pcName, string username, string password)
        {
            try
            {
                //IPGlobalProperties ipGlobalProperties = IPGlobalProperties.GetIPGlobalProperties();
                //string doname = ipGlobalProperties.DomainName;
                // PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, doname);
                PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, serveraddress, username, password);
                ComputerPrincipal computerPrincipal = ComputerPrincipal.FindByIdentity(principalContext, IdentityType.Name, pcName);
                computerPrincipal.Enabled = false;//禁用计算机
                computerPrincipal.Save();
                computerPrincipal.Dispose();
                return true;
            }
            catch (Exception ex)
            {
                return false;
            }
        }

查询pc

 /// <summary>
        /// 根据Pc名称获取pc
        /// </summary>
        /// <param name="pcName"></param>
        /// <returns></returns>
        public ComputerPrincipal GetPcByName(string pcName, string username, string password)
        {
            try
            {
                //IPGlobalProperties ipGlobalProperties = IPGlobalProperties.GetIPGlobalProperties();
                //string doname = ipGlobalProperties.DomainName;
                // PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, doname);
                PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, serveraddress, username, password);
                ComputerPrincipal computerPrincipal = ComputerPrincipal.FindByIdentity(principalContext, IdentityType.Name, pcName);
                return computerPrincipal;
            }
            catch (Exception ex)
            {
                throw ex;
            }
        }

        /// <summary>
        /// 根据sid获取Pc
        /// </summary>
        /// <param name="sid"></param>
        /// <returns></returns>
        public ComputerPrincipal GetPcBySid(string sid, string username, string password)
        {
            try
            {
                //IPGlobalProperties ipGlobalProperties = IPGlobalProperties.GetIPGlobalProperties();
                //string doname = ipGlobalProperties.DomainName;
                // PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, doname);
                PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, serveraddress, username, password);
                ComputerPrincipal computerPrincipal = ComputerPrincipal.FindByIdentity(principalContext, IdentityType.Sid, sid);
                return computerPrincipal;
            }
            catch (Exception ex)
            {
                throw ex;
            }
        }

根据SID查询时,sid读出来为一个byte[]类型,需要一个转换算法后才可以使用,下面附一个转换过程:

 #region sid转换
        private string ConvertByteToStringSid(Byte[] sidBytes)
        {
            StringBuilder strSid = new StringBuilder();
            strSid.Append("S-");
            try
            {
                // Add SID revision.
                strSid.Append(sidBytes[0].ToString());
                // Next six bytes are SID authority value.
                if (sidBytes[6] != 0 || sidBytes[5] != 0)
                {
                    string strAuth = String.Format
                        ("0x{0:2x}{1:2x}{2:2x}{3:2x}{4:2x}{5:2x}",
                        (Int16)sidBytes[1],
                        (Int16)sidBytes[2],
                        (Int16)sidBytes[3],
                        (Int16)sidBytes[4],
                        (Int16)sidBytes[5],
                        (Int16)sidBytes[6]);
                    strSid.Append("-");
                    strSid.Append(strAuth);
                }
                else
                {
                    Int64 iVal = (Int32)(sidBytes[1]) +
                        (Int32)(sidBytes[2] << 8) +
                        (Int32)(sidBytes[3] << 16) +
                        (Int32)(sidBytes[4] << 24);
                    strSid.Append("-");
                    strSid.Append(iVal.ToString());
                }

                // Get sub authority count...
                int iSubCount = Convert.ToInt32(sidBytes[7]);
                int idxAuth = 0;
                for (int i = 0; i < iSubCount; i++)
                {
                    idxAuth = 8 + i * 4;
                    UInt32 iSubAuth = BitConverter.ToUInt32(sidBytes, idxAuth);
                    strSid.Append("-");
                    strSid.Append(iSubAuth.ToString());
                }
            }
            catch (Exception ex)
            {
                System.Diagnostics.Trace.Write(ex.Message);
                return "";
            }
            return strSid.ToString();
        }
        #endregion

 

DirectoryEntry 移动到指定OU
 #region  移动目录
         public DirectoryEntry MoveComputer(string category, string name)
        {
            DirectoryEntry de = null;
            DirectorySearcher ds = null;
            DirectoryEntry userEntry = null;
            try
            {
                de = new DirectoryEntry(GetDomainPath(), adminUser, adminPwd, AuthenticationTypes.Secure);
                ds = new DirectorySearcher(de);
                string queryFilter = string.Format("(&(objectCategory=" + category + ")(sAMAccountName={0}))", name);
                ds.Filter = queryFilter;
                ds.Sort.PropertyName = "cn";
                SearchResult sr = ds.FindOne();
                if (sr != null)
                {
                    userEntry = sr.GetDirectoryEntry();
                    DirectoryEntry dp = new DirectoryEntry("LDAP://192.168.0.1/OU=test,DC=test,DC=com", adminUser, adminPwd);
                    userEntry.MoveTo(dp);
                }
                return userEntry;
            }
            catch (Exception ex)
            {
                return new DirectoryEntry();
            }
            finally
            {
                if (ds != null)
                {
                    ds.Dispose();
                }
                if (de != null)
                {
                    de.Dispose();
                }
            }
        }
        #endregion

 

posted @ 2016-12-06 10:59  努力的小样  阅读(1784)  评论(0编辑  收藏  举报
Copyright ©2017 爱睡觉的程序猿