项目需求:
同步人事系统的组织架构-对应AD的OU树
同步人事系统的员工-对应AD的用户
创建OU 名字不能重复,需要父级路径(parentOrganizeUnit)以及新ou的名字(name),如果最父级则上级路径为域节点
DirectoryEntry CreateOrganizeUnit(string OrgId,string name, string parentOrganizeUnit,int Id,ADInfo ad)
更改OU名称 需要旧的OU路径(oldUnit)以及“OU=新OUName”(newUnit)
DirectoryEntry UpdateOrganizeUnit(string newUnit, string OUName, string oldUnit, int Id,ADInfo ad) 使用Rename
更改OU上级 需要新的上级路径(newparentOrganizeUnit)以及旧OU的路径(oldUnit)
DirectoryEntry MoveOrganizeUnit(string oldUnit, string newparentOrganizeUnit, int Id,ADInfo ad)
创建ou用户 需要ou路径(orgPath) 以及用户信息(user)
AddADAccount(string orgPath, EmpInfo user, int Id,ADInfo ad)
注意:
ou树下的名字是cn字段(不能重复),cn需要重新赋值时用rename
sAMAccountName 用户(不能重复)
userPrincipalName 有域名的用户名 (不能重复)
邮箱为空不能赋值(mail)
移动用户 需要用户路径(user_path)以及OU路径(target_path)
MoveUser(string user_path, string target_path,string OuName, int Id,ADInfo ad)
设置密码
NewUser.Invoke("SetPassword", new object[] { accountPwd });
设置用户下次登录必须修改密码(需在SetPassword之后赋值,并调用CommitChanges才会生效)
NewUser.Properties["pwdLastSet"].Value = 0;
对应TXT 代码
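using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using Quartz;
using vxTalent.Schedule.DALBase;
using System.Data;
using System.DirectoryServices;
using vxTalent.Schedule.DALBase.AD;
using System.Configuration;
using System.Reflection;
using Microsoft.International.Converters.PinYinConverter;

namespace vxTalent.User.ModuleJob.AD
{
    /// <summary>
    /// Scheduled job that replays pending HR changes (organizations and employees)
    /// against Active Directory: organizations map to OUs, employees map to user accounts.
    /// </summary>
    /// <remarks>
    /// Every name and identifier written to the directory comes from HR database rows.
    /// Those values are escaped before they are placed in an LDAP search filter
    /// (<see cref="EscapeLdapFilterValue"/>) or used as an RDN (<see cref="EscapeRdnValue"/>),
    /// so a crafted department or employee name cannot change the meaning of a query or
    /// the location of the object being created.
    /// NOTE(review): the class declares IJob but no Execute method is visible in this listing.
    /// </remarks>
    public class ADSynData : IJob
    {
        private static readonly log4net.ILog logger = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
        private static bool IsSendSMSLocked = false;
        private static readonly object lynLock = new object();

        // userAccountControl bits used by this class.
        private const int UacAccountDisable = 0x0002;
        private const int UacNormalAccount = 0x0200;

        ADSynDataAccess asy = new ADSynDataAccess();

        // Per-domain connection settings (domain, host, admin credentials, LDAP prefix and
        // suffix) are passed around in an ADInfo instance rather than held in fields.

        // Initial password given to every newly created account, read from the "AdInitPwd"
        // app setting.
        // NOTE(review): when the setting is missing this falls back to a literal that is
        // compiled into the binary, so every new account starts with the same known
        // password. AddADAccount forces a change at first logon, but the account is still
        // usable by anyone who knows the literal until the owner logs on. Prefer requiring
        // the setting and delivering a per-user secret out of band.
        string accountPwd = ObjConvert.ObjString(ConfigurationManager.AppSettings["AdInitPwd"]) == ""
            ? "abc12345!"
            : ObjConvert.ObjString(ConfigurationManager.AppSettings["AdInitPwd"]);

        // Duplicate-name counter shared by AddADAccount and GetCnName; reset by RunData
        // before each "Add" operation.
        int i = 0;

        // Base account name of the employee currently being added (set by RunData).
        private string sAMAccountName = "";

        // Upper bound for the numeric suffix tried when a name is already taken
        // ("AdRepeatNum" app setting, 8 when unset or zero).
        protected int AdRepeatNum = ObjConvert.ObjInt(ConfigurationManager.AppSettings["AdRepeatNum"]) == 0
            ? 8
            : ObjConvert.ObjInt(ConfigurationManager.AppSettings["AdRepeatNum"]);

        // Base CN (display name) of the employee currently being added (set by RunData).
        string cnName = "";

        /// <summary>
        /// Builds the AD connection settings from one configuration row and runs the sync.
        /// </summary>
        /// <remarks>
        /// NOTE(review): <c>row</c> and <c>dbString</c> are not declared anywhere in this
        /// listing; presumably the surrounding loop over configured domains was trimmed.
        /// NOTE(review): the bind password is taken from <c>row["Pwd"]</c> as a plain
        /// string; confirm how that column is protected at rest.
        /// </remarks>
        public void Test()
        {
            string domain_ = row["ADName"].ToString();
            string domainIp_ = row["ADUrl"].ToString();
            string adminUser_ = row["ADName"].ToString() + "\\" + row["UserName"].ToString();
            string adminPwd_ = row["Pwd"].ToString();
            string ldapIdentity_ = "LDAP://" + domainIp_ + "/";
            // Top-level DC component; "com" when the row leaves it empty.
            string houzhui_ = row["ADSur"].ToString() != "" ? row["ADSur"].ToString() : "com";
            string suffixPath_ = "DC=" + domain_ + ",DC=" + houzhui_;

            ADInfo ad = new ADInfo
            {
                adsur = houzhui_,
                domain = domain_,
                domainIp = domainIp_,
                ldapIdentity = ldapIdentity_,
                suffixPath = suffixPath_,
                adminPwd = adminPwd_,
                adminUser = adminUser_,
                houzhui = houzhui_,
                dbCon = dbString
            };
            RunData(dbString, ad);
        }

        /// <summary>
        /// Processes every pending sync row of one database against one AD domain.
        /// </summary>
        /// <param name="conn">Connection string of the HR database.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <remarks>
        /// A failure in one row is logged and the loop continues with the next row. The
        /// catch here does not write a status, so a row that fails before reaching one of
        /// the operation methods keeps whatever status it had.
        /// </remarks>
        protected void RunData(string conn, ADInfo ad)
        {
            DataTable waitingData = asy.GetWaitingData(conn);
            if (waitingData == null || waitingData.Rows.Count == 0)
            {
                return;
            }

            foreach (DataRow item in waitingData.Rows)
            {
                try
                {
                    int synId = ObjConvert.ObjInt(item["Id"]);
                    string operation = ObjConvert.ObjString(item["Operation"]);

                    // SynType "1" marks an organization change; anything else is an employee change.
                    if (ObjConvert.ObjString(item["SynType"]) == "1")
                    {
                        SyncOrganization(conn, item, operation, synId, ad);
                    }
                    else
                    {
                        SyncEmployee(conn, item, operation, synId, ad);
                    }
                }
                catch (Exception e)
                {
                    logger.Error(e.Message);
                }
            }
        }

        // Applies one organization sync row (Add / ParentChange / Update / Merge / Disable).
        private void SyncOrganization(string conn, DataRow item, string operation, int synId, ADInfo ad)
        {
            string relateId = ObjConvert.ObjString(item["RelateID"]);
            string name = "";
            string parentOrgId = "";

            DataTable orgDatatable = asy.GetOrgById(conn, relateId);
            if (orgDatatable != null && orgDatatable.Rows.Count > 0)
            {
                name = ObjConvert.ObjString(orgDatatable.Rows[0]["organizationalname"]);
                parentOrgId = ObjConvert.ObjString(orgDatatable.Rows[0]["ParentOrganizationalID"]);
            }
            else
            {
                // Not in the live table: fall back to the history table.
                DataTable hisTable = asy.GetHistoryOrg(conn, relateId);
                if (hisTable != null && hisTable.Rows.Count > 0)
                {
                    name = ObjConvert.ObjString(hisTable.Rows[0]["organizationalname"]);
                    parentOrgId = ObjConvert.ObjString(hisTable.Rows[0]["ParentOrganizationalID"]);
                }
            }

            switch (operation)
            {
                case "Add":
                    CreateOrganizeUnit(relateId, name, parentOrgId, synId, ad);
                    break;
                case "ParentChange":
                    MoveOrganizeUnit(relateId, ObjConvert.ObjString(item["MergeDeleteId"]), synId, ad);
                    break;
                case "Update":
                    // The RDN is escaped; the plain name is still what gets written to "department".
                    UpdateOrganizeUnit("OU=" + EscapeRdnValue(name), name, relateId, synId, ad);
                    break;
                case "Merge":
                    string[] arrDeleteId = ObjConvert.ObjString(item["MergeDeleteId"]).Split(',');
                    MergeOu(arrDeleteId, ObjConvert.ObjString(item["RelateID"]), name, synId, ad);
                    break;
                case "Disable":
                    // A disabled organization is kept and renamed with an "archived" suffix.
                    string archivedName = name + "(封存)";
                    UpdateOrganizeUnit("OU=" + EscapeRdnValue(archivedName), archivedName, relateId, synId, ad);
                    break;
            }
        }

        // Applies one employee sync row (Add / Dimission / Mobilize / Update / Rehab).
        private void SyncEmployee(string conn, DataRow item, string operation, int synId, ADInfo ad)
        {
            DataTable empTable = asy.GetEmpById(conn, ObjConvert.ObjInt(item["RelateID"]));
            if (empTable == null || empTable.Rows.Count == 0)
            {
                return;
            }

            DataRow emp = empTable.Rows[0];
            EmpInfo empDetail = new EmpInfo();

            string CNName = ObjConvert.ObjString(emp["CNName"]);
            string piyin = ObjConvert.ObjString(emp["Pinyin"]);
            if (string.IsNullOrEmpty(piyin))
            {
                // No stored pinyin: derive it from the Chinese name.
                piyin = ObjConvert.ObjStringToLower(PingYinHelper.ConvertToAllSpell(CNName));
            }
            string ADName = ObjConvert.ObjString(emp["CN_ADName"]);

            empDetail.emloyeeID = ObjConvert.ObjString(emp["EmpCode"]);
            // An explicit AD name wins over the pinyin-derived one.
            empDetail.sAMAccountName = string.IsNullOrEmpty(ADName)
                ? ObjConvert.ObjStringToLower(piyin)
                : ObjConvert.ObjStringToLower(ADName);
            empDetail.userPrincipalName = empDetail.sAMAccountName + "@" + ad.domain + "." + ad.adsur;
            empDetail.employeeType = ObjConvert.ObjString(emp["empTypeText"]);
            empDetail.DepartmentName = ObjConvert.ObjString(emp["OrganizationalName"]);
            empDetail.Mail = ObjConvert.ObjString(emp["Email"]);
            empDetail.DisplayName = CNName;
            if (CNName.Length > 1)
            {
                empDetail.Surname = CNName.Substring(0, 1);                    // family name
                empDetail.GivenName = CNName.Substring(1, CNName.Length - 1); // given name
            }
            else
            {
                empDetail.Surname = CNName;
            }
            empDetail.Department = ObjConvert.ObjString(emp["OrganizationalID"]);
            // GetOuDirectory returns null when the OU is missing; the resulting
            // NullReferenceException is handled by RunData's catch.
            empDetail.Oupath = GetOuDirectory(empDetail.Department, ad).Path;

            string newouName = "";
            string newPath = "";
            switch (operation)
            {
                case "Add":
                    i = 0;
                    cnName = empDetail.DisplayName;
                    sAMAccountName = empDetail.sAMAccountName;
                    AddADAccount(empDetail.Oupath, empDetail, synId, ad);
                    break;
                case "Dimission":
                    DisableUser(empDetail.sAMAccountName, synId, ad);
                    break;
                case "Mobilize":
                    if (ObjConvert.ObjString(item["MergeDeleteId"]) != "")
                    {
                        newouName = asy.GetOrgName(conn, ObjConvert.ObjString(item["MergeDeleteId"]));
                        newPath = GetOuDirectory(ObjConvert.ObjString(item["MergeDeleteId"]), ad).Path;
                    }
                    else
                    {
                        newouName = asy.GetOrgName(conn, empDetail.Department);
                        newPath = GetOuDirectory(empDetail.Department, ad).Path;
                    }
                    MoveUser(GetDirectoryEntryByAccount(empDetail.sAMAccountName, ad).Path, newPath, newouName, synId, ad);
                    break;
                case "Update":
                    UpdateUser(empDetail, synId, ad);
                    break;
                case "Rehab":
                    // Rehire: re-enable the account, refresh its attributes, then move it
                    // to the (possibly different) department.
                    EnableUser(empDetail.sAMAccountName, synId, ad);
                    UpdateUser(empDetail, synId, ad);
                    newouName = asy.GetOrgName(conn, ObjConvert.ObjString(emp["OrganizationalID"]));
                    MoveUser(GetDirectoryEntryByAccount(empDetail.sAMAccountName, ad).Path, empDetail.Oupath, newouName, synId, ad);
                    break;
            }
        }

        #region LDAP escaping helpers

        /// <summary>
        /// Escapes a value for use inside an LDAP search filter (RFC 4515): backslash,
        /// asterisk, parentheses and NUL are replaced by their \xx hex form.
        /// </summary>
        /// <param name="value">Raw value; null or empty is returned unchanged.</param>
        private static string EscapeLdapFilterValue(string value)
        {
            if (string.IsNullOrEmpty(value))
            {
                return value;
            }

            StringBuilder escaped = new StringBuilder(value.Length + 8);
            foreach (char c in value)
            {
                switch (c)
                {
                    case '\\': escaped.Append("\\5c"); break;
                    case '*': escaped.Append("\\2a"); break;
                    case '(': escaped.Append("\\28"); break;
                    case ')': escaped.Append("\\29"); break;
                    case '\0': escaped.Append("\\00"); break;
                    default: escaped.Append(c); break;
                }
            }
            return escaped.ToString();
        }

        /// <summary>
        /// Escapes a value for use as the value part of an RDN ("OU=..." / "CN=...") in an
        /// ADSI path: the DN special characters and '/' get a leading backslash, as do a
        /// leading '#' and leading or trailing spaces.
        /// </summary>
        /// <param name="value">Raw value; null or empty is returned unchanged.</param>
        private static string EscapeRdnValue(string value)
        {
            if (string.IsNullOrEmpty(value))
            {
                return value;
            }

            const string special = ",+\"\\<>;=/";
            StringBuilder escaped = new StringBuilder(value.Length + 8);
            for (int pos = 0; pos < value.Length; pos++)
            {
                char c = value[pos];
                bool edgeSpace = c == ' ' && (pos == 0 || pos == value.Length - 1);
                bool leadingHash = c == '#' && pos == 0;
                if (edgeSpace || leadingHash || special.IndexOf(c) >= 0)
                {
                    escaped.Append('\\');
                }
                escaped.Append(c);
            }
            return escaped.ToString();
        }

        #endregion

        #region Create OU

        /// <summary>
        /// Creates an OU under the OU that represents the parent organization, or directly
        /// under the domain root when no parent OU is found.
        /// </summary>
        /// <param name="OrgId">HR organization id; stored in the OU's postalCode attribute,
        /// which is how <see cref="GetOuDirectory"/> finds the OU later.</param>
        /// <param name="name">OU name (escaped here before use as an RDN).</param>
        /// <param name="parentOrganizeUnit">HR id of the parent organization.</param>
        /// <param name="Id">Id of the sync row whose status is updated.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <returns>The new OU entry, or an unbound <see cref="DirectoryEntry"/> when the
        /// directory rejects the operation.</returns>
        public DirectoryEntry CreateOrganizeUnit(string OrgId, string name, string parentOrganizeUnit, int Id, ADInfo ad)
        {
            DirectoryEntry parentEntry = null;
            try
            {
                string parentPath;
                using (DirectoryEntry found = GetOuDirectory(parentOrganizeUnit, ad))
                {
                    // No parent OU means a top-level organization: attach to the domain root.
                    parentPath = found == null ? GetOrganizeNamePath("", ad) : found.Path;
                }

                parentEntry = new DirectoryEntry(parentPath, ad.adminUser, ad.adminPwd, AuthenticationTypes.Secure);
                DirectoryEntry organizeEntry = parentEntry.Children.Add("OU=" + EscapeRdnValue(name), "organizationalUnit");
                organizeEntry.Properties["postalCode"].Value = OrgId;
                organizeEntry.CommitChanges();
                logger.Info("创建OU成功" + name);
                asy.UpdateStatus(ad.dbCon, Id, "Success");
                return organizeEntry;
            }
            catch (System.DirectoryServices.DirectoryServicesCOMException ex)
            {
                logger.Error("创建OU失败" + name + ":" + ex.Message);
                asy.UpdateStatus(ad.dbCon, Id, "Error", ex.Message);
                return new DirectoryEntry();
            }
            finally
            {
                if (parentEntry != null)
                {
                    parentEntry.Dispose();
                }
            }
        }

        #endregion

        #region Rename OU

        /// <summary>
        /// Renames an OU and rewrites the department attribute of every person object
        /// below it to the new name.
        /// </summary>
        /// <param name="newUnit">New RDN including the "OU=" prefix; the caller is
        /// responsible for escaping the value part.</param>
        /// <param name="OUName">Plain new name, written to "department" and to the log.</param>
        /// <param name="oldUnit">HR id of the organization whose OU is renamed.</param>
        /// <param name="Id">Id of the sync row whose status is updated.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <returns>The renamed entry (already disposed by the finally block), or an unbound
        /// <see cref="DirectoryEntry"/> on a directory error.</returns>
        /// <remarks>
        /// When the OU is not found, <see cref="GetOuDirectory"/> returns null and the
        /// resulting NullReferenceException is not caught here; it propagates to the caller.
        /// NOTE(review): <c>Properties["department"][0]</c> requires the attribute to
        /// already hold a value; confirm every synced user has one.
        /// </remarks>
        public DirectoryEntry UpdateOrganizeUnit(string newUnit, string OUName, string oldUnit, int Id, ADInfo ad)
        {
            DirectoryEntry parentEntry = null;
            try
            {
                string ouPath;
                using (DirectoryEntry ou = GetOuDirectory(oldUnit, ad))
                {
                    ouPath = ou.Path;
                }

                List<DirectoryEntry> list = GetListDirectory(ouPath, ad);
                if (list != null && list.Count > 0)
                {
                    foreach (DirectoryEntry item in list)
                    {
                        item.Properties["department"][0] = OUName;
                        item.CommitChanges();
                        item.Dispose();
                    }
                }

                parentEntry = new DirectoryEntry(ouPath, ad.adminUser, ad.adminPwd, AuthenticationTypes.Secure);
                parentEntry.Rename(newUnit);
                parentEntry.CommitChanges();
                logger.Info("更新OU成功" + OUName);
                asy.UpdateStatus(ad.dbCon, Id, "Success");
                return parentEntry;
            }
            catch (System.DirectoryServices.DirectoryServicesCOMException ex)
            {
                logger.Error("更改OU失败" + OUName + ":" + ex.Message);
                asy.UpdateStatus(ad.dbCon, Id, "Error", ex.Message);
                return new DirectoryEntry();
            }
            finally
            {
                if (parentEntry != null)
                {
                    parentEntry.Dispose();
                }
            }
        }

        #endregion

        #region Move OU

        /// <summary>
        /// Moves an OU under a different parent OU.
        /// </summary>
        /// <param name="oldUnit">HR id of the organization whose OU is moved.</param>
        /// <param name="newparentOrganizeUnit">HR id of the new parent organization.</param>
        /// <param name="Id">Id of the sync row whose status is updated.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <returns>The moved entry (already disposed by the finally block), or an unbound
        /// <see cref="DirectoryEntry"/> on a directory error.</returns>
        /// <remarks>
        /// A missing source or target OU surfaces as a NullReferenceException that is not
        /// caught here.
        /// </remarks>
        public DirectoryEntry MoveOrganizeUnit(string oldUnit, string newparentOrganizeUnit, int Id, ADInfo ad)
        {
            DirectoryEntry Entry = null;
            try
            {
                Entry = new DirectoryEntry(GetOuDirectory(oldUnit, ad).Path, ad.adminUser, ad.adminPwd, AuthenticationTypes.Secure);
                using (DirectoryEntry parentEntry = new DirectoryEntry(GetOuDirectory(newparentOrganizeUnit, ad).Path, ad.adminUser, ad.adminPwd, AuthenticationTypes.Secure))
                {
                    Entry.MoveTo(parentEntry);
                    Entry.CommitChanges();
                }
                logger.Info("更改OU父节点成功" + oldUnit);
                asy.UpdateStatus(ad.dbCon, Id, "Success");
                return Entry;
            }
            catch (System.DirectoryServices.DirectoryServicesCOMException ex)
            {
                logger.Error("更改OU父节点:" + oldUnit + ":" + ex.Message);
                asy.UpdateStatus(ad.dbCon, Id, "Error", ex.Message);
                return new DirectoryEntry();
            }
            finally
            {
                if (Entry != null)
                {
                    Entry.Dispose();
                }
            }
        }

        #endregion

        #region Merge OUs

        /// <summary>
        /// Moves every person object found under the listed OUs into the target OU and
        /// sets their department attribute to the target name. The source OUs themselves
        /// are neither renamed nor deleted by this method.
        /// </summary>
        /// <param name="deleteArr">HR ids of the organizations being merged away.</param>
        /// <param name="newUnit">HR id of the organization that receives the users.</param>
        /// <param name="OUName">Name of the receiving organization.</param>
        /// <param name="Id">Id of the sync row whose status is updated.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <remarks>
        /// Organization rows are synced before employee rows, so a user who has already
        /// been transferred out in HR may still be sitting in a source OU here and is moved
        /// along with the rest; the later employee row then re-homes that user.
        /// </remarks>
        public void MergeOu(string[] deleteArr, string newUnit, string OUName, int Id, ADInfo ad)
        {
            try
            {
                if (deleteArr.Length > 0)
                {
                    using (DirectoryEntry target = new DirectoryEntry(GetOuDirectory(newUnit, ad).Path, ad.adminUser, ad.adminPwd))
                    {
                        for (int index = 0; index < deleteArr.Length; index++)
                        {
                            List<DirectoryEntry> list = GetListDirectory(GetOuDirectory(deleteArr[index], ad).Path, ad);
                            if (list == null || list.Count == 0)
                            {
                                continue;
                            }

                            foreach (DirectoryEntry item in list)
                            {
                                // Update the department first, then relocate the object.
                                item.Properties["department"][0] = OUName;
                                item.CommitChanges();
                                item.MoveTo(target);
                                item.Dispose();
                            }
                        }
                    }
                    logger.Info("合并OU成功" + OUName);
                    asy.UpdateStatus(ad.dbCon, Id, "Success");
                }
            }
            catch (Exception t)
            {
                logger.Error("合并异常:" + OUName + t.Message);
                asy.UpdateStatus(ad.dbCon, Id, "Error", t.Message);
            }
        }

        #endregion

        #region Add an AD account under an OU

        /// <summary>
        /// Creates and enables a user account under the given OU, sets the initial
        /// password and requires the user to change it at first logon.
        /// </summary>
        /// <param name="orgPath">ADSI path of the OU that receives the account.</param>
        /// <param name="user">Employee data; sAMAccountName and userPrincipalName are
        /// rewritten with a numeric suffix when the name is already taken.</param>
        /// <param name="Id">Id of the sync row whose status is updated.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <remarks>
        /// Uses the shared fields <c>i</c>, <c>sAMAccountName</c> and <c>cnName</c>, which
        /// the caller must initialise for each employee.
        /// NOTE(review): once the retry limit is exceeded only a log line is written; no
        /// status is recorded for the sync row.
        /// </remarks>
        public void AddADAccount(string orgPath, EmpInfo user, int Id, ADInfo ad)
        {
            DirectoryEntry entry = null;
            try
            {
                if (IsExistOuPath(orgPath, ad) && user != null)
                {
                    if (!IsAccExists(user.sAMAccountName, ad))
                    {
                        string cn = GetCnName(user.DisplayName, ad);
                        entry = new DirectoryEntry(orgPath, ad.adminUser, ad.adminPwd, AuthenticationTypes.Secure);

                        using (DirectoryEntry NewUser = entry.Children.Add("CN=" + EscapeRdnValue(cn), "user"))
                        {
                            NewUser.Properties["sAMAccountName"].Add(user.sAMAccountName);
                            NewUser.Properties["userPrincipalName"].Value = user.userPrincipalName;
                            NewUser.Properties["employeeID"].Value = user.emloyeeID;
                            NewUser.Properties["employeeType"].Value = user.employeeType;
                            NewUser.Properties["Department"].Value = user.DepartmentName;
                            NewUser.Properties["displayName"].Value = user.DisplayName;
                            NewUser.Properties["givenName"].Value = user.GivenName;
                            NewUser.Properties["Sn"].Value = user.Surname;
                            // An empty mail value cannot be assigned, so the attribute is skipped.
                            if (user.Mail != null && user.Mail != "")
                            {
                                NewUser.Properties["mail"].Value = user.Mail;
                            }
                            // The object must exist in the directory before a password can be set.
                            NewUser.CommitChanges();

                            // Invoke the ADSI SetPassword method via reflection (original
                            // note: the port in use can make this call throw).
                            NewUser.Invoke("SetPassword", new object[] { accountPwd });

                            // Enable the account as a normal user.
                            NewUser.Properties["userAccountControl"].Value = UacNormalAccount;
                            // The initial password is shared by all new accounts, so expire
                            // it immediately: the user must choose a new one at first logon.
                            // Must come after SetPassword, which resets pwdLastSet.
                            NewUser.Properties["pwdLastSet"].Value = 0;
                            NewUser.CommitChanges();
                        }

                        logger.Info("账户添加成功" + user.sAMAccountName);
                        asy.UpdateADPinyin(ad.dbCon, Id, user.sAMAccountName);
                        asy.UpdateStatus(ad.dbCon, Id, "Success");
                    }
                    else
                    {
                        // Account name taken: retry with "<base>0<n>" up to AdRepeatNum times.
                        if (i <= AdRepeatNum)
                        {
                            i++;
                            user.sAMAccountName = sAMAccountName + "0" + i.ToString();
                            user.userPrincipalName = sAMAccountName + "0" + i + "@" + ad.domain + "." + ad.houzhui;
                            AddADAccount(orgPath, user, Id, ad);
                        }
                        logger.Error("创建OU重复:" + sAMAccountName + i.ToString() + "次");
                    }
                }
                else
                {
                    logger.Error("创建OU失败:在域中不存在直属组织单位" + user.sAMAccountName);
                    asy.UpdateStatus(ad.dbCon, Id, "Error", "在域中不存在直属组织单位");
                }
            }
            catch (Exception ex)
            {
                logger.Error("创建OU失败:" + sAMAccountName + ex.Message);
                asy.UpdateStatus(ad.dbCon, Id, "Error", ex.Message);
            }
            finally
            {
                if (entry != null)
                {
                    entry.Dispose();
                }
            }
        }

        #endregion

        /// <summary>
        /// Returns a CN that is not yet used by a user object, appending "0&lt;n&gt;" to the
        /// base name held in <c>cnName</c> while the candidate is taken and the shared
        /// counter <c>i</c> is below <c>AdRepeatNum</c>.
        /// </summary>
        /// <param name="cn">First candidate.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <returns>The first free candidate, or the last one tried when the limit is hit.</returns>
        public string GetCnName(string cn, ADInfo ad)
        {
            // Keep trying until a free name is found; the result of each attempt is the
            // next candidate (the earlier recursive form dropped it after the first step).
            while (i < AdRepeatNum && IsAccExistsCN(cn, ad))
            {
                cn = cnName + "0" + i.ToString();
                i++;
            }
            return cn;
        }

        /// <summary>
        /// Moves a user to another OU (department transfer) and updates the department
        /// attribute, recording the outcome on the sync row.
        /// </summary>
        /// <param name="user_path">ADSI path of the user.</param>
        /// <param name="target_path">ADSI path of the destination OU.</param>
        /// <param name="OuName">Name written to the department attribute.</param>
        /// <param name="Id">Id of the sync row whose status is updated.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <returns>The user's path after the move, or "" on failure.</returns>
        public string MoveUser(string user_path, string target_path, string OuName, int Id, ADInfo ad)
        {
            try
            {
                string movedPath;
                using (DirectoryEntry u = new DirectoryEntry(user_path, ad.adminUser, ad.adminPwd))
                using (DirectoryEntry t = new DirectoryEntry(target_path, ad.adminUser, ad.adminPwd))
                {
                    u.Properties["department"][0] = OuName;
                    u.CommitChanges();
                    u.MoveTo(t);
                    // Read the path while the entry is still alive.
                    movedPath = u.Path;
                }
                logger.Info("用户调岗成功" + user_path);
                asy.UpdateStatus(ad.dbCon, Id, "Success");
                return movedPath;
            }
            catch (Exception ex)
            {
                logger.Error("用户调岗失败:" + user_path + "," + target_path + ex.Message);
                asy.UpdateStatus(ad.dbCon, Id, "Error", ex.Message);
                return "";
            }
        }

        /// <summary>
        /// Moves a user to another OU during initial load; same as the other overload but
        /// without touching a sync row.
        /// </summary>
        /// <param name="user_path">ADSI path of the user.</param>
        /// <param name="target_path">ADSI path of the destination OU.</param>
        /// <param name="OuName">Name written to the department attribute.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <param name="empCode">Employee code, used only in log messages.</param>
        /// <returns>The user's path after the move, or "" on failure.</returns>
        public string MoveUser(string user_path, string target_path, string OuName, ADInfo ad, string empCode)
        {
            try
            {
                string movedPath;
                using (DirectoryEntry u = new DirectoryEntry(user_path, ad.adminUser, ad.adminPwd))
                using (DirectoryEntry t = new DirectoryEntry(target_path, ad.adminUser, ad.adminPwd))
                {
                    u.Properties["department"].Value = OuName;
                    u.CommitChanges();
                    u.MoveTo(t);
                    movedPath = u.Path;
                }
                logger.Info("用户移动成功" + empCode + ":" + user_path);
                return movedPath;
            }
            catch (Exception ex)
            {
                logger.Error("用户移动失败:" + empCode + ":" + user_path + "," + target_path + ex.Message);
                return "";
            }
        }

        // Reads the current userAccountControl flags; a missing value is treated as a
        // plain normal account.
        private static int ReadAccountControl(DirectoryEntry de)
        {
            object current = de.Properties["userAccountControl"].Value;
            return current == null ? UacNormalAccount : Convert.ToInt32(current);
        }

        /// <summary>
        /// Disables the given account (employee left) and closes the entry.
        /// </summary>
        /// <param name="de">Bound user entry.</param>
        /// <remarks>
        /// Only the ACCOUNTDISABLE bit is changed; other userAccountControl flags already
        /// set on the account are kept instead of being overwritten.
        /// </remarks>
        public static void DisableUser(DirectoryEntry de)
        {
            de.Properties["userAccountControl"].Value = ReadAccountControl(de) | UacAccountDisable;
            de.CommitChanges();
            de.Close();
        }

        /// <summary>
        /// Disables the account with the given sAMAccountName and records the outcome.
        /// </summary>
        /// <param name="sAMacc">Account name.</param>
        /// <param name="Id">Id of the sync row whose status is updated.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        public void DisableUser(string sAMacc, int Id, ADInfo ad)
        {
            try
            {
                DisableUser(GetDirectoryEntryByAccount(sAMacc, ad));
                logger.Info("用户禁用成功:" + sAMacc);
                asy.UpdateStatus(ad.dbCon, Id, "Success");
            }
            catch (Exception ex)
            {
                logger.Error("用户禁用失败:" + sAMacc + ex.Message);
                asy.UpdateStatus(ad.dbCon, Id, "Error", ex.Message);
            }
        }

        /// <summary>
        /// Enables the account with the given sAMAccountName and records the outcome.
        /// </summary>
        /// <param name="sAMacc">Account name.</param>
        /// <param name="Id">Id of the sync row whose status is updated.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <returns>true on success, false when the account could not be enabled.</returns>
        public bool EnableUser(string sAMacc, int Id, ADInfo ad)
        {
            try
            {
                EnableUser(GetDirectoryEntryByAccount(sAMacc, ad));
                logger.Info("用户启用成功:" + sAMacc);
                asy.UpdateStatus(ad.dbCon, Id, "Success");
                return true;
            }
            catch (Exception ex)
            {
                logger.Error("用户启用失败:" + sAMacc + ex.Message);
                asy.UpdateStatus(ad.dbCon, Id, "Error", ex.Message);
                return false;
            }
        }

        /// <summary>
        /// Enables the given account and closes the entry.
        /// </summary>
        /// <param name="de">Bound user entry.</param>
        /// <remarks>
        /// Only the ACCOUNTDISABLE bit is cleared; other userAccountControl flags already
        /// set on the account are kept.
        /// </remarks>
        public void EnableUser(DirectoryEntry de)
        {
            de.Properties["userAccountControl"].Value = ReadAccountControl(de) & ~UacAccountDisable;
            de.CommitChanges();
            de.Close();
        }

        /// <summary>
        /// Updates an existing user's CN, display name, employee type, family and given
        /// name and (when present) mail, and records the outcome on the sync row.
        /// </summary>
        /// <param name="user">Employee data; the account is located by sAMAccountName.</param>
        /// <param name="Id">Id of the sync row whose status is updated.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <remarks>
        /// Nothing is written, and no status is recorded, when the account does not exist.
        /// NOTE(review): the rename uses the display name as-is; unlike AddADAccount there
        /// is no duplicate-CN handling here, so a clash within the OU ends up in the catch.
        /// </remarks>
        public void UpdateUser(EmpInfo user, int Id, ADInfo ad)
        {
            try
            {
                if (IsAccExists(user.sAMAccountName, ad))
                {
                    using (DirectoryEntry userEntry = GetDirectoryEntryByAccount(user.sAMAccountName, ad))
                    {
                        userEntry.Rename("CN=" + EscapeRdnValue(user.DisplayName));
                        userEntry.Properties["displayName"][0] = user.DisplayName;
                        userEntry.Properties["employeeType"][0] = user.employeeType;
                        userEntry.Properties["Sn"][0] = user.Surname;          // family name
                        userEntry.Properties["GivenName"][0] = user.GivenName; // given name
                        if (!string.IsNullOrEmpty(user.Mail))
                        {
                            userEntry.Properties["Mail"][0] = user.Mail;
                        }
                        userEntry.CommitChanges();
                    }
                    logger.Info("用户更新成功:" + user.sAMAccountName);
                    asy.UpdateStatus(ad.dbCon, Id, "Success");
                }
            }
            catch (Exception ex)
            {
                logger.Error("用户更新失败:" + user.sAMAccountName + ex.Message);
                asy.UpdateStatus(ad.dbCon, Id, "Error", ex.Message);
            }
        }

        /// <summary>
        /// Updates an existing user's display name, employee id and type, family and given
        /// name and (when present) mail, without renaming the object and without touching
        /// a sync row.
        /// </summary>
        /// <param name="user">Employee data; the account is located by sAMAccountName.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        public void UpdateUser(EmpInfo user, ADInfo ad)
        {
            try
            {
                if (IsAccExists(user.sAMAccountName, ad))
                {
                    using (DirectoryEntry userEntry = GetDirectoryEntryByAccount(user.sAMAccountName, ad))
                    {
                        userEntry.Properties["displayName"].Value = user.DisplayName;
                        userEntry.Properties["employeeID"].Value = user.emloyeeID;
                        userEntry.Properties["employeeType"].Value = user.employeeType;
                        userEntry.Properties["Sn"].Value = user.Surname;          // family name
                        userEntry.Properties["GivenName"].Value = user.GivenName; // given name
                        if (!string.IsNullOrEmpty(user.Mail))
                        {
                            userEntry.Properties["Mail"].Value = user.Mail;
                        }
                        userEntry.CommitChanges();
                    }
                    logger.Info("用户更新成功:" + user.sAMAccountName);
                }
            }
            catch (Exception ex)
            {
                logger.Error("用户更新失败:" + user.sAMAccountName + ex.Message);
            }
        }

        /// <summary>
        /// Finds a user by sAMAccountName anywhere below the domain root.
        /// </summary>
        /// <param name="sAMAccountName">Account name; escaped before it is placed in the filter.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <returns>An entry for the user, or null when it is not found or the search
        /// fails. The caller owns the returned entry and should dispose it.</returns>
        public DirectoryEntry GetDirectoryEntryByAccount(string sAMAccountName, ADInfo ad)
        {
            using (DirectoryEntry root = GetDirectoryObject(ad))
            using (DirectorySearcher deSearch = new DirectorySearcher(root))
            {
                deSearch.Filter = "(&(&(objectCategory=person)(objectClass=user))(sAMAccountName=" + EscapeLdapFilterValue(sAMAccountName) + "))";
                deSearch.SearchScope = SearchScope.Subtree;
                try
                {
                    SearchResult result = deSearch.FindOne();
                    if (result == null)
                    {
                        return null;
                    }
                    return new DirectoryEntry(result.Path, ad.adminUser, ad.adminPwd);
                }
                catch (Exception)
                {
                    return null;
                }
            }
        }

        /// <summary>
        /// Finds a user by sAMAccountName and returns only its ADSI path.
        /// </summary>
        /// <param name="sAMAccountName">Account name; escaped before it is placed in the filter.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <returns>The user's path, or "" when it is not found or the search fails.</returns>
        public string GetDirectoryPathEntryByAccount(string sAMAccountName, ADInfo ad)
        {
            using (DirectoryEntry root = GetDirectoryObject(ad))
            using (DirectorySearcher deSearch = new DirectorySearcher(root))
            {
                deSearch.Filter = "(&(&(objectCategory=person)(objectClass=user))(sAMAccountName=" + EscapeLdapFilterValue(sAMAccountName) + "))";
                deSearch.SearchScope = SearchScope.Subtree;
                try
                {
                    SearchResult result = deSearch.FindOne();
                    return result != null ? result.Path : "";
                }
                catch (Exception)
                {
                    return "";
                }
            }
        }

        /// <summary>
        /// Returns an entry for every person object below the given OU path (sub-OUs
        /// included).
        /// </summary>
        /// <param name="path">ADSI path of the OU to search.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <returns>The entries found (possibly empty), or null when the search fails. The
        /// caller owns the entries and should dispose them.</returns>
        public List<DirectoryEntry> GetListDirectory(string path, ADInfo ad)
        {
            List<DirectoryEntry> lis = new List<DirectoryEntry>();
            using (DirectoryEntry root = GetDirectoryObject(path, ad))
            using (DirectorySearcher deSearch = new DirectorySearcher(root))
            {
                deSearch.Filter = "(&(objectCategory=person)(cn=*))";
                deSearch.SearchScope = SearchScope.Subtree;
                try
                {
                    // The result collection holds unmanaged resources and must be disposed.
                    using (SearchResultCollection resultList = deSearch.FindAll())
                    {
                        foreach (SearchResult item in resultList)
                        {
                            lis.Add(new DirectoryEntry(item.Path, ad.adminUser, ad.adminPwd));
                        }
                    }
                    return lis;
                }
                catch (Exception)
                {
                    return null;
                }
            }
        }

        /// <summary>
        /// Finds the OU whose postalCode attribute holds the given HR organization id.
        /// </summary>
        /// <param name="attribute">HR organization id; escaped before it is placed in the filter.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <returns>An entry for the OU, or null when it is not found or the search fails.
        /// The caller owns the returned entry and should dispose it.</returns>
        public DirectoryEntry GetOuDirectory(string attribute, ADInfo ad)
        {
            using (DirectoryEntry root = GetDirectoryObject(ad))
            using (DirectorySearcher deSearch = new DirectorySearcher(root))
            {
                deSearch.Filter = "(&(objectCategory=organizationalUnit)(postalCode=" + EscapeLdapFilterValue(attribute) + "))";
                deSearch.SearchScope = SearchScope.Subtree;
                try
                {
                    SearchResult found = deSearch.FindOne();
                    if (found == null)
                    {
                        return null;
                    }
                    return new DirectoryEntry(found.Path, ad.adminUser, ad.adminPwd);
                }
                catch (Exception)
                {
                    return null;
                }
            }
        }

        #region Check whether an OU exists

        /// <summary>
        /// Checks whether the OU named by the first segment of a '/'-separated organization
        /// path exists. An empty path counts as existing.
        /// </summary>
        /// <param name="organizeName">'/'-separated organization path.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <returns>true when the OU is found; false when it is not or the lookup fails.</returns>
        private bool ExitOU(string organizeName, ADInfo ad)
        {
            if (string.IsNullOrEmpty(organizeName))
            {
                return true;
            }

            // The first segment is taken as the direct department.
            string[] allOu = organizeName.Split(new char[] { '/' });
            string OUName = allOu[0].ToString();
            try
            {
                string path = GetOrganizeNamePath(organizeName, ad);
                using (DirectoryEntry rootUser = new DirectoryEntry(path, ad.adminUser, ad.adminPwd, AuthenticationTypes.Secure))
                {
                    DirectoryEntry ouFind = rootUser.Parent.Children.Find("OU=" + OUName);
                    return ouFind != null;
                }
            }
            catch (Exception)
            {
                return false;
            }
        }

        /// <summary>
        /// Checks whether the given ADSI path can be bound with the admin credentials.
        /// </summary>
        /// <param name="path">ADSI path of the OU.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <returns>true when the bind succeeds; false for an empty path or a failed bind.</returns>
        /// <remarks>
        /// Constructing a <see cref="DirectoryEntry"/> never contacts the server, so the
        /// object has to be bound to learn whether the path exists. A bind that fails for
        /// another reason (for example rejected credentials) is also reported as false.
        /// </remarks>
        public bool IsExistOuPath(string path, ADInfo ad)
        {
            if (string.IsNullOrEmpty(path))
            {
                return false;
            }

            try
            {
                using (DirectoryEntry probe = new DirectoryEntry(path, ad.adminUser, ad.adminPwd, AuthenticationTypes.Secure))
                {
                    // Reading NativeObject forces the bind.
                    object bound = probe.NativeObject;
                    return bound != null;
                }
            }
            catch (System.Runtime.InteropServices.COMException)
            {
                return false;
            }
        }

        #endregion

        #region Build the ADSI path of an organization

        /// <summary>
        /// Builds the full ADSI path (LDAP prefix plus DN) for an organization path.
        /// </summary>
        /// <param name="organizeUnit">Organization path, see <see cref="SplitOrganizeNameToDN"/>.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <param name="userName">Optional CN placed in front of the DN.</param>
        /// <returns>The ADSI path.</returns>
        public string GetOrganizeNamePath(string organizeUnit, ADInfo ad, string userName = null)
        {
            return ad.ldapIdentity + SplitOrganizeNameToDN(organizeUnit, ad, userName);
        }

        #endregion

        #region Convert an organization path to an AD DN

        /// <summary>
        /// Converts an organization path whose levels are separated by '/' or '\' into a
        /// DN ending with the domain suffix.
        /// </summary>
        /// <param name="organizeName">Organization path; may be null or empty.</param>
        /// <param name="ad">Supplies the domain suffix.</param>
        /// <param name="userName">Optional CN placed in front of the OU components.</param>
        /// <returns>The DN.</returns>
        /// <remarks>
        /// The segments are emitted as OU components in the order given, so the caller has
        /// to pass them leaf first.
        /// NOTE(review): the original comment gives an example with root-first input and
        /// reversed output, which is not what this loop produces; confirm which order
        /// callers use.
        /// NOTE(review): segment and userName values are inserted unescaped; pass only
        /// values that contain no DN special characters.
        /// </remarks>
        public string SplitOrganizeNameToDN(string organizeName, ADInfo ad, string userName = null)
        {
            StringBuilder sb = new StringBuilder();
            if (userName != null)
            {
                sb.Append("CN=" + userName);
            }

            if (organizeName != null && organizeName.Length > 0)
            {
                string[] allOu = organizeName.Split(new char[] { '/', '\\' });
                foreach (string ou in allOu)
                {
                    if (sb.Length > 0)
                    {
                        sb.Append(",");
                    }
                    sb.Append("OU=").Append(ou);
                }
            }

            // Separate the OU/CN part from the domain suffix when there is one.
            if (sb.Length > 0)
            {
                sb.Append(",");
            }
            sb.Append(ad.suffixPath);
            return sb.ToString();
        }

        #endregion

        #region GetDirectoryObject

        /// <summary>
        /// Creates an entry for the domain root using the admin credentials.
        /// </summary>
        /// <param name="ad">Connection settings of the target domain.</param>
        private DirectoryEntry GetDirectoryObject(ADInfo ad)
        {
            return new DirectoryEntry(ad.ldapIdentity + ad.suffixPath, ad.adminUser, ad.adminPwd, AuthenticationTypes.Secure);
        }

        /// <summary>
        /// Creates an entry for the given ADSI path using the admin credentials.
        /// </summary>
        /// <param name="domainReference">Full ADSI path.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        private DirectoryEntry GetDirectoryObject(string domainReference, ADInfo ad)
        {
            return new DirectoryEntry(domainReference, ad.adminUser, ad.adminPwd, AuthenticationTypes.Secure);
        }

        #endregion

        /// <summary>
        /// Checks whether a user with the given sAMAccountName exists.
        /// </summary>
        /// <param name="sAMAccountName">Account name; escaped before it is placed in the filter.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <returns>true when at least one match is found.</returns>
        public bool IsAccExists(string sAMAccountName, ADInfo ad)
        {
            using (DirectoryEntry root = GetDirectoryObject(ad))
            using (DirectorySearcher deSearch = new DirectorySearcher(root))
            {
                deSearch.Filter = "(&(&(objectCategory=person)(objectClass=user))(sAMAccountName=" + EscapeLdapFilterValue(sAMAccountName) + "))";
                using (SearchResultCollection results = deSearch.FindAll())
                {
                    return results.Count != 0;
                }
            }
        }

        /// <summary>
        /// Checks whether a user with the given CN exists.
        /// </summary>
        /// <param name="sAMAccountName">The CN to look for (the parameter name is
        /// historical); escaped before it is placed in the filter.</param>
        /// <param name="ad">Connection settings of the target domain.</param>
        /// <returns>true when at least one match is found.</returns>
        public bool IsAccExistsCN(string sAMAccountName, ADInfo ad)
        {
            using (DirectoryEntry root = GetDirectoryObject(ad))
            using (DirectorySearcher deSearch = new DirectorySearcher(root))
            {
                deSearch.Filter = "(&(&(objectCategory=person)(objectClass=user))(CN=" + EscapeLdapFilterValue(sAMAccountName) + "))";
                using (SearchResultCollection results = deSearch.FindAll())
                {
                    return results.Count != 0;
                }
            }
        }
    }

    /// <summary>
    /// Plain holder for the attributes of a domain user.
    /// </summary>
    public class DomainUser
    {
        public string UserName { get; set; }
        public string UserPrincipalName { get; set; }
        public string UserId { get; set; }
        public string PhysicalDeliveryOfficeName { get; set; }
        public string Department { get; set; }
        public string Telephone { get; set; }
        public string Email { get; set; }
        public string Description { get; set; }
        // Held as a plain string; avoid logging or serialising instances of this type.
        public string UserPwd { get; set; }
    }

    /// <summary>
    /// Employee data taken from the HR system for one sync operation.
    /// </summary>
    public class EmpInfo
    {
        public string emloyeeID { get; set; }
        public string sAMAccountName { get; set; }
        public string userPrincipalName { get; set; }
        public string employeeType { get; set; }
        public string DepartmentName { get; set; }
        public string Mail { get; set; }
        public string DisplayName { get; set; }
        public string Surname { get; set; }
        public string GivenName { get; set; }
        // HR organization id of the employee's department.
        public string Department { get; set; }
        // ADSI path of the OU that represents the department.
        public string Oupath { get; set; }
    }

    /// <summary>
    /// Connection settings for one AD domain plus the HR database connection string.
    /// </summary>
    public class ADInfo
    {
        public string domain { get; set; }
        public string domainIp { get; set; }
        public string adminUser { get; set; }
        // Bind password, held as a plain string; avoid logging or serialising instances
        // of this type.
        public string adminPwd { get; set; }
        // "LDAP://<host>/" prefix of every ADSI path.
        public string ldapIdentity { get; set; }
        // "DC=...,DC=..." suffix of every DN.
        public string suffixPath { get; set; }
        public string adsur { get; set; }
        public string houzhui { get; set; }
        public string dbCon { get; set; }
    }

    /// <summary>
    /// Converts Chinese text to pinyin.
    /// </summary>
    public class PingYinHelper
    {
        private static Encoding gb2312 = Encoding.GetEncoding("GB2312");

        /// <summary>
        /// Converts each character to its full pinyin spelling and concatenates the results.
        /// </summary>
        /// <param name="strChinese">Text to convert.</param>
        /// <returns>The upper-case spelling, or an empty string for empty input or when
        /// the conversion throws.</returns>
        public static string ConvertToAllSpell(string strChinese)
        {
            try
            {
                if (strChinese.Length != 0)
                {
                    StringBuilder fullSpell = new StringBuilder();
                    foreach (char chr in strChinese)
                    {
                        fullSpell.Append(GetSpell(chr));
                    }
                    return fullSpell.ToString().ToUpper();
                }
            }
            catch (Exception e)
            {
                Console.WriteLine("全拼转化出错!" + e.Message);
            }
            return string.Empty;
        }

        /// <summary>
        /// Converts each character to the first letter of its pinyin spelling.
        /// </summary>
        /// <param name="strChinese">Text to convert.</param>
        /// <returns>The upper-case initials, or an empty string for empty input or when
        /// the conversion throws.</returns>
        public static string GetFirstSpell(string strChinese)
        {
            // NPinyin.Pinyin.GetInitials is not used here: per the original note it fails
            // to recognise the character 洺.
            try
            {
                if (strChinese.Length != 0)
                {
                    StringBuilder initials = new StringBuilder();
                    foreach (char chr in strChinese)
                    {
                        initials.Append(GetSpell(chr)[0]);
                    }
                    return initials.ToString().ToUpper();
                }
            }
            catch (Exception e)
            {
                Console.WriteLine("首字母转化出错!" + e.Message);
            }
            return string.Empty;
        }

        // Returns the spelling of one character. When the first character of the NPinyin
        // result is itself a valid Chinese character, the first non-empty reading from
        // ChineseChar is used with its last character removed (presumably the tone digit;
        // confirm against the ChineseChar API). Otherwise the NPinyin result is returned.
        private static string GetSpell(char chr)
        {
            var coverchr = NPinyin.Pinyin.GetPinyin(chr);
            if (ChineseChar.IsValidChar(coverchr[0]))
            {
                ChineseChar chineseChar = new ChineseChar(coverchr[0]);
                foreach (string value in chineseChar.Pinyins)
                {
                    if (!string.IsNullOrEmpty(value))
                    {
                        return value.Remove(value.Length - 1, 1);
                    }
                }
            }
            return coverchr;
        }
    }
}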