Feedback

C# - lokale User und Gruppen administrieren

Veröffentlicht von am 23.11.2007
(1 Bewertungen)
Mit dieser Klasse können lokale User und Gruppen angelegt,modifiziert und gelöscht werden.
GFU-Schulungen  [Anzeige]

C# 2017/2015/2013 Aufbau

In dieser Schulung lernen Sie fortgeschrittene Techniken im Bereich .Net C#. Dabei stehen neben den eigentlichen Techniken auch architektonische Aspekte im Mittelpunkt.

Visual Studio Team Foundation Server 2017/2015 (TFS) für Projektmitglieder - Kompakt

Nach Teilnahme an dieser Schulung sind Ihnen die Grundlagen von ALM geläufig. Sie planen und steuern Projekte effizient mit dem Visual Studio Team Foundation Server.

using System;
using System.Collections.Generic;
using System.Text;

namespace Helper
{
    public class LocalMachine
    {        
        private static string _operationSuccess = "success";
        private static string _operationFailed = "failed";
        private static string _operationUserNotExist = "Can not found the specified user";
        private static string _operationGroupNotExist = "Can not found the specified group";
        /// <summary>
        /// Get the DirectoryEntry
        /// </summary>
        /// <returns></returns>
        public static System.DirectoryServices.DirectoryEntry GetLocalMachineEntry()
        {
            System.DirectoryServices.DirectoryEntry result = null;
            try
            {
                //Initiate DirectoryEntry Class To Connect Through WINNT Protocol
                string entryString = "WinNT://" + Environment.MachineName + ",computer";
                result = new System.DirectoryServices.DirectoryEntry(entryString);
            }
            catch
            {
                result = null;
            }
            return result;
        }
        /// <summary>
        /// Check if the user exist
        /// </summary>
        /// <param name="userIdentity"></param>
        /// <returns></returns>
        public static bool UserExist(string userIdentity)
        {
            System.DirectoryServices.DirectoryEntry localMachine = GetLocalMachineEntry();            
            bool result = false;

            if (localMachine != null)
            {
                try
                {
                    //Search if specified User exist
                    if (localMachine.Children.Find(userIdentity, "user") != null)
                        result = true;
                }
                catch
                {
                    result = false;
                }
            }
            localMachine.Close();
            localMachine.Dispose();
            return result;
        }
        /// <summary>
        /// Check if the group exist
        /// </summary>
        /// <param name="groupIdentity"></param>
        /// <returns></returns>
        public static bool GroupExist(string groupIdentity)
        {
            System.DirectoryServices.DirectoryEntry localMachine = GetLocalMachineEntry();
            bool result = false;

            if (localMachine != null)
            {
                try
                {
                    //Search if specified Group already exist
                    if (localMachine.Children.Find(groupIdentity, "group") != null)
                        result = true;
                }
                catch
                {
                    result = false;
                }
            }
            localMachine.Close();
            localMachine.Dispose();
            return result;
        }
        /// <summary>
        /// Adds a specified group if the specified user exist and adds the user to the group
        /// </summary>
        /// <param name="groupIdentity"></param>
        /// <param name="groupDescription"></param>
        /// <param name="userIdentity"></param>
        /// <returns></returns>
        public static string CreateGroupAndAddUserToGroup(string groupIdentity, string groupDescription, string userIdentity)
        {
            System.DirectoryServices.DirectoryEntry localMachine = GetLocalMachineEntry();
            string result = _operationFailed;
            if (localMachine != null)
            {
                if (UserExist(userIdentity))
                {
                    result = CreateGroup(groupIdentity, groupDescription);
                    if (result == _operationSuccess)
                    {
                        if (GroupExist(groupIdentity))
                        {
                            try
                            {
                                System.DirectoryServices.DirectoryEntry groupEntry = localMachine.Children.Find(groupIdentity, "group");
                                System.DirectoryServices.DirectoryEntry userEntry = localMachine.Children.Find(userIdentity, "user");

                                //Add User To specified Group                            
                                groupEntry.Invoke("Add", new object[] { userEntry.Path.ToString() });
                                groupEntry.CommitChanges();
                                result = _operationSuccess;
                                groupEntry.Close();
                                groupEntry.Dispose();
                                userEntry.Close();
                                userEntry.Dispose();
                            }
                            catch (Exception ex)
                            {
                                result = ex.Message;
                            }
                        }
                        else
                        {
                            result = _operationGroupNotExist;
                        }
                    }
                }
                else
                {
                    result = _operationUserNotExist;
                }
            }
            localMachine.Close();
            localMachine.Dispose();
            return result;
        }
        /// <summary>
        /// Adds a specified group with a specified description
        /// </summary>
        /// <param name="groupIdentity"></param>
        /// <param name="groupDescription"></param>
        /// <returns></returns>
        public static string CreateGroup(string groupIdentity, string groupDescription)
        {
            System.DirectoryServices.DirectoryEntry localMachine = GetLocalMachineEntry();
            string result = _operationFailed;

            if (localMachine != null)
            {
                if (GroupExist(groupIdentity) == false)
                {
                    try
                    {
                        //Add Group
                        System.DirectoryServices.DirectoryEntry newGroup = localMachine.Children.Add(groupIdentity, "group");
                        localMachine.CommitChanges();
                        if (groupDescription.Trim() != "")
                        {
                            newGroup.Invoke("Put", new object[] { "Description", groupDescription });
                            newGroup.CommitChanges();
                            result = _operationSuccess;                            
                        }
                        newGroup.Close();
                        newGroup.Dispose();
                    }
                    catch (Exception ex)
                    {
                        result = ex.Message;
                    }
                }
                else
                {
                    result = _operationGroupNotExist;
                }
            }
            localMachine.Close();
            localMachine.Dispose();
            return result;
        }
        /// <summary>
        /// Add a specified User to a specified Group
        /// </summary>
        /// <param name="userIdentity"></param>
        /// <param name="groupIdentity"></param>
        /// <returns></returns>
        public static string AddUserToGroup(string userIdentity,string groupIdentity)
        {
            System.DirectoryServices.DirectoryEntry localMachine = GetLocalMachineEntry();
            string result = _operationFailed;
            if (localMachine != null)
            {
                if (UserExist(userIdentity) && GroupExist(groupIdentity))
                {
                    try
                    {
                        System.DirectoryServices.DirectoryEntry groupEntry = localMachine.Children.Find(groupIdentity, "group");
                        System.DirectoryServices.DirectoryEntry userEntry = localMachine.Children.Find(userIdentity, "user");
                        //Add User To the specified group                            
                        groupEntry.Invoke("Add", new object[] { userEntry.Path.ToString() });
                        groupEntry.CommitChanges();
                        result = _operationSuccess;
                        groupEntry.Close();
                        groupEntry.Dispose();
                        userEntry.Close();
                        userEntry.Dispose();
                    }
                    catch (Exception ex)
                    {
                        result = ex.Message;
                    }
                }
                else
                {
                    result = _operationGroupNotExist + " " + _operationUserNotExist;
                }
            }
            localMachine.Close();
            localMachine.Dispose();
            return result;
        }
        /// <summary>
        /// Remove a specified user from a specified group
        /// </summary>
        /// <param name="userIdentity"></param>
        /// <param name="groupIdentity"></param>
        /// <returns></returns>
        public static string RemoveUserFromGroup(string userIdentity, string groupIdentity)
        {
            System.DirectoryServices.DirectoryEntry localMachine = GetLocalMachineEntry();
            string result = _operationFailed;

            if (localMachine != null)
            {
                if (UserExist(userIdentity) && GroupExist(groupIdentity))
                {
                    System.DirectoryServices.DirectoryEntry userEntry = localMachine.Children.Find(userIdentity, "user");
                    System.DirectoryServices.DirectoryEntry groupEntry = localMachine.Children.Find(groupIdentity, "group"); ;

                    // remove user from the group
                    try
                    {
                        groupEntry.Invoke("Remove", new object[] { userEntry.Path });
                        groupEntry.CommitChanges();
                        result = _operationSuccess;
                        groupEntry.Close();
                        groupEntry.Dispose();
                        userEntry.Close();
                        userEntry.Dispose();
                    }
                    catch (Exception ex)
                    {
                        result = ex.Message;
                    }
                }
                else
                {
                    result = _operationUserNotExist + " " + _operationGroupNotExist;
                }
            }
            localMachine.Close();
            localMachine.Dispose();
            return result;
        }
        /// <summary>
        /// Remove a specified group
        /// </summary>
        /// <param name="groupIdentity"></param>
        /// <returns></returns>
        public static string DeleteGroup(string groupIdentity)
        {
            System.DirectoryServices.DirectoryEntry localMachine = GetLocalMachineEntry();
            string result = _operationFailed;

            if (localMachine != null)
            {
                if (GroupExist(groupIdentity))
                {
                    try
                    {
                        //Delete specified Group 
                        System.DirectoryServices.DirectoryEntry groupEntry = localMachine.Children.Find(groupIdentity, "group");
                        localMachine.Children.Remove(groupEntry);
                        localMachine.CommitChanges();
                        result = _operationSuccess;
                        groupEntry.Close();
                        groupEntry.Dispose();
                    }
                    catch (Exception ex)
                    {
                        result = ex.Message;
                    }
                }
                else
                {
                    result = _operationGroupNotExist;
                }
            }
            localMachine.Close();
            localMachine.Dispose();
            return result;
        }
        /// <summary>
        /// Get the members from a group
        /// </summary>
        /// <param name="groupIdentity"></param>
        /// <param name="groupMembers"></param>
        /// <returns></returns>
        public static string GetGroupMembers(string groupIdentity,out string groupMembers)
        {
            groupMembers = string.Empty;
            string result = _operationFailed;
            System.DirectoryServices.DirectoryEntry localMachine = GetLocalMachineEntry();
            if(localMachine != null)
            {
                if(GroupExist(groupIdentity))
                {
                    try
                    {
                        System.DirectoryServices.DirectoryEntry groupEntry = localMachine.Children.Find(groupIdentity, "group");
                        object Members = groupEntry.Invoke("members", null);

                        foreach (object groupMember in (System.Collections.IEnumerable)Members)
                        {
                            System.DirectoryServices.DirectoryEntry member = new System.DirectoryServices.DirectoryEntry(groupMember);
                            groupMembers += member.Name + ";";
                            member.Close();
                            member.Dispose();
                        }
                        groupEntry.Close();
                        groupEntry.Dispose();
                    }
                    catch (Exception ex)
                    {
                        result = ex.Message;
                    }

                }
                else
                {
                    result = _operationGroupNotExist;
                }
            }
            localMachine.Close();
            localMachine.Dispose();
            return result;
        }
        /// <summary>
        /// Create a Windows-User with the specified attributes
        /// </summary>
        /// <param name="userIdentity"></param>
        /// <param name="userPassword"></param>
        /// <param name="userDescription"></param>
        /// <param name="accountActive"></param>
        /// <param name="cannotChangePassword"></param>
        /// <param name="passwordNeverExpires"></param>
        /// <param name="defaultGroup"></param>
        /// <returns></returns>
        public static string CreateUser(string userIdentity, string userPassword, string userDescription, bool accountActive, bool cannotChangePassword, bool passwordNeverExpires, string defaultGroup)
        {
            System.DirectoryServices.DirectoryEntry localMachine = GetLocalMachineEntry();
            string result = _operationFailed;

            if (localMachine != null)
            {
                if (UserExist(userIdentity) == false)
                {
                    try
                    {
                        //Add user
                        System.DirectoryServices.DirectoryEntry newUser = localMachine.Children.Add(userIdentity, "user");
                        localMachine.CommitChanges();
                        newUser.Close();
                        newUser.Dispose();
                        //Set password
                        result = SetUserPassword(userIdentity, userPassword);
                        
                        if(result == _operationSuccess)
                        {
                            result = SetUserDescription(userIdentity, userDescription);

                            if(result == _operationSuccess)
                            {
                               result = SetUserFlags(userIdentity,cannotChangePassword,passwordNeverExpires,accountActive);
 
                                if(result == _operationSuccess)
                                {
                                    //If specified defaultGroup Is Provided, Add New User To This Group
                                    if (defaultGroup.Trim() != "")
                                    {
                                        result = AddUserToGroup(userIdentity, defaultGroup);
                                    }
                                }
                            }
                        }                           
                    }
                    catch (Exception ex)
                    {
                        result = ex.Message;
                    }
                }
                else
                {
                    result = _operationSuccess;
                }
            }
            localMachine.Close();
            localMachine.Dispose();
            return result;
        }
                
        /// <summary>
        /// Enables/Disables the specified User-Account
        /// </summary>
        /// <param name="userIdentity"></param>
        /// <param name="accountActive"></param>
        /// <returns></returns>
        public static string EnableDisableUser(string userIdentity, bool accountActive)
        {
            System.DirectoryServices.DirectoryEntry localMachine = GetLocalMachineEntry();
            string result = _operationFailed;

            if (localMachine != null)
            {
                if (UserExist(userIdentity))
                {
                    try
                    {
                        System.DirectoryServices.DirectoryEntry userEntry = localMachine.Children.Find(userIdentity, "user");                        
                        //Flags
                        //First Normal Account
                        int ADS_UF_NORMAL_ACCOUNT = 512;
                        int combinedFlag = ADS_UF_NORMAL_ACCOUNT; //(int)userFlags;

                        //1. User cannot change password
                        int ADS_UF_PASSWD_CANT_CHANGE = 0x000000040;

                        //2. Password Never Expires
                        int ADS_UF_DONT_EXPIRE_PASSWD = 0x00010000;

                        combinedFlag = ADS_UF_NORMAL_ACCOUNT | ADS_UF_DONT_EXPIRE_PASSWD | ADS_UF_PASSWD_CANT_CHANGE;

                        //3. Account Disabled
                        if (!accountActive)
                        {
                            int ADS_UF_ACCOUNTDISABLE = 0x0002;
                            combinedFlag = combinedFlag | ADS_UF_ACCOUNTDISABLE;
                        }

                        userEntry.Invoke("Put", new Object[] { "userFlags", combinedFlag });

                        //Commit Changes
                        userEntry.CommitChanges();
                        result = _operationSuccess;
                        userEntry.Close();
                        userEntry.Dispose();
                    }
                    catch (Exception ex)
                    {
                        result = ex.Message;
                    }
                }
                else
                {
                    result = _operationUserNotExist;
                }
            }
            localMachine.Close();
            localMachine.Dispose();
            return result;
        }
        
        /// <summary>
        /// Sets the Password of the Specified User
        /// </summary>
        /// <param name="userIdentity"></param>
        /// <param name="newPassword"></param>
        /// <returns></returns>
        public static string SetUserPassword(string userIdentity, string newPassword)
        {
            System.DirectoryServices.DirectoryEntry localMachine = GetLocalMachineEntry();
            string result = _operationFailed;

            if (localMachine != null)
            {
                if (UserExist(userIdentity))
                {
                    try
                    {
                        System.DirectoryServices.DirectoryEntry userEntry = localMachine.Children.Find(userIdentity, "user");                        
                        userEntry.Invoke("SetPassword", newPassword);
                        userEntry.CommitChanges();
                        result = _operationSuccess;
                        userEntry.Close();
                        userEntry.Dispose();
                    }
                    catch (Exception ex)
                    {
                        result = ex.Message;
                    }
                }
                else
                {
                    result = _operationUserNotExist;
                }
            }
            localMachine.Close();
            localMachine.Dispose();
            return result;
        }
        public static string SetUserDescription(string userIdentity, string userDescription)
        {
            System.DirectoryServices.DirectoryEntry localMachine = GetLocalMachineEntry();
            string result = _operationFailed;

            if (localMachine != null)
            {
                if (UserExist(userIdentity))
                {
                    try
                    {
                        System.DirectoryServices.DirectoryEntry userEntry = localMachine.Children.Find(userIdentity, "user");
                        userEntry.Invoke("Put", new object[] { "Description", userDescription });
                        userEntry.CommitChanges();
                        result = _operationSuccess;
                        userEntry.Close();
                        userEntry.Dispose();
                    }
                    catch (Exception ex)
                    {
                        result = ex.Message;
                    }
                }
                else
                {
                    result = _operationUserNotExist;
                }

            }
            localMachine.Close();
            localMachine.Dispose();
            return result;
        }
        /// <summary>
        /// Modify specified user-account settings
        /// </summary>
        /// <param name="userIdentity"></param>
        /// <param name="changeUserPassword"></param>
        /// <param name="newUserPassword"></param>
        /// <param name="userDescription"></param>
        /// <param name="accountActive"></param>
        /// <param name="cannotChangePassword"></param>
        /// <param name="passwordNeverExpires"></param>
        /// <param name="isGroupChanged"></param>
        /// <param name="newGroup"></param>
        /// <param name="oldGroup"></param>
        /// <returns></returns>
        public static string ModifyUser(string userIdentity, bool changeUserPassword, string newUserPassword, string userDescription, bool accountActive, bool cannotChangePassword, bool passwordNeverExpires, bool isGroupChanged, string newGroup, string oldGroup)
        {
            System.DirectoryServices.DirectoryEntry localMachine = GetLocalMachineEntry();
            string result = _operationFailed;

            if (localMachine != null)
            {
                if (changeUserPassword)
                {
                    result = SetUserPassword(userIdentity, newUserPassword);

                    if (result == _operationSuccess)
                    {
                        if (isGroupChanged && (oldGroup != newGroup))
                        {
                            //first add the user to the new group
                            result = AddUserToGroup(userIdentity, newGroup);
                            if (result == _operationSuccess)
                            {
                                result = RemoveUserFromGroup(userIdentity, oldGroup);
                            }
                        }
                        if (result == _operationSuccess)
                        {
                            result = SetUserDescription(userIdentity, userDescription);

                            if (result == _operationSuccess)
                            {
                                result = SetUserFlags(userIdentity, cannotChangePassword, passwordNeverExpires, accountActive);
                            }
                        }
                    }
                }
            }
            localMachine.Close();
            localMachine.Dispose();
            return result;
        }
        /// <summary>
        /// Modify the User-Flags
        /// </summary>
        /// <param name="userIdentity"></param>
        /// <param name="cannotChangePassword"></param>
        /// <param name="passwordNeverExpires"></param>
        /// <param name="accountActive"></param>
        /// <returns></returns>
        public static string SetUserFlags(string userIdentity, bool cannotChangePassword, bool passwordNeverExpires, bool accountActive)
        {
            string result = _operationFailed;
            System.DirectoryServices.DirectoryEntry localMachine = GetLocalMachineEntry();

            if (localMachine != null)
            {
                if (UserExist(userIdentity))
                {
                    System.DirectoryServices.DirectoryEntry userEntry = localMachine.Children.Find(userIdentity, "user");
                    
                    //Flags
                    //First Normal Account
                    int ADS_UF_NORMAL_ACCOUNT = 512;
                    int combinedFlag = ADS_UF_NORMAL_ACCOUNT;

                    //1. User cannot change password
                    int ADS_UF_PASSWD_CANT_CHANGE = 0x000000040;

                    //2. Password Never Expires
                    int ADS_UF_DONT_EXPIRE_PASSWD = 0x00010000;

                    if (cannotChangePassword && passwordNeverExpires)
                        combinedFlag = combinedFlag | ADS_UF_DONT_EXPIRE_PASSWD | ADS_UF_PASSWD_CANT_CHANGE;
                    else if (cannotChangePassword)
                        combinedFlag = combinedFlag | ADS_UF_PASSWD_CANT_CHANGE;
                    else if (passwordNeverExpires)
                        combinedFlag = combinedFlag | ADS_UF_DONT_EXPIRE_PASSWD;

                    //combinedFlag = ADS_UF_NORMAL_ACCOUNT | ADS_UF_DONT_EXPIRE_PASSWD | ADS_UF_PASSWD_CANT_CHANGE;

                    //3. Account Disabled
                    if (!accountActive)
                    {
                        int ADS_UF_ACCOUNTDISABLE = 0x0002;
                        combinedFlag = combinedFlag | ADS_UF_ACCOUNTDISABLE;
                    }
                    try
                    {
                        userEntry.Invoke("Put", new Object[] { "userFlags", combinedFlag });

                        //Commit Changes
                        userEntry.CommitChanges();
                        result = _operationSuccess;
                        userEntry.Close();
                        userEntry.Dispose();
                    }
                    catch (Exception ex)
                    {
                        result = ex.Message;
                    }                    
                }
                else
                {
                    result = _operationUserNotExist;
                }
            }
            localMachine.Close();
            localMachine.Dispose();
            return result;
        }
        /// <summary>
        /// Deletes the specified user-identity
        /// </summary>
        /// <param name="userIdentity"></param>
        /// <returns></returns>
        public static string DeleteUser(string userIdentity)
        {
            string result = _operationFailed;
            System.DirectoryServices.DirectoryEntry localMachine = GetLocalMachineEntry();

            if (localMachine != null)
            {
                if (UserExist(userIdentity))
                {
                    try
                    {
                        System.DirectoryServices.DirectoryEntry userEntry = localMachine.Children.Find(userIdentity, "user");
                        localMachine.Children.Remove(userEntry);
                        result =_operationSuccess;
                        userEntry.Close();
                        userEntry.Dispose();
                    }
                    catch (Exception ex)
                    {
                        result = ex.Message;
                    }
                }
                else
                {
                    result = _operationUserNotExist;
                }
            }
            localMachine.Close();
            localMachine.Dispose();
            return result;
        }

    }
}
    

Kommentare zum Snippet

 

Logge dich ein, um hier zu kommentieren!