 Active Directory Kullanıcı Adı Değiştirme
|
|
|
private void ChangeUserADPassword(string Username, string Password, string newPwd)
{
string dcDNS = "whatever.com";
string rootDN = null;
DirectoryEntry rootDSE = default(DirectoryEntry);
DirectoryEntry searchRoot = default(DirectoryEntry);
DirectoryEntry userEntry = default(DirectoryEntry);
DirectorySearcher searcher = default(DirectorySearcher);
SearchResultCollection results = default(SearchResultCollection);
SearchResult result = default(SearchResult);
string oldPassword = Password;
string newPassword = newPwd;
try {
//=========================================================================
//Here I am binding the directory to the root with the current
//users name and password instead of using an admin login to authenticate
//The reason for this is that the users are not admin and only admin
//can use the setpassword invoke method. thus, authenticated users will
//use the change password method
//note the authenicationtypes here
//you need to either use SecureSocketsLayer or Kerberos (Secure + Sealing)
result = null;
rootDSE = new DirectoryEntry(string.Format("LDAP://{0}/rootDSE", dcDNS), Username, oldPassword, AuthenticationTypes.Secure | AuthenticationTypes.Sealing | AuthenticationTypes.ServerBind);
rootDN = (string)rootDSE.Properties("defaultNamingContext").Value;
searchRoot = new DirectoryEntry(string.Format("LDAP://{0}/{1}", dcDNS, rootDN), Username, oldPassword, AuthenticationTypes.Secure | AuthenticationTypes.Sealing | AuthenticationTypes.ServerBind);
//==================================================================
//------------------------------------------------------------------------
//Find the user by their username in the directory using the
//DirectorySearcher()
searcher = new DirectorySearcher(searchRoot);
searcher.Filter = string.Format("sAMAccountName={0}", Username);
searcher.SearchScope = SearchScope.Subtree;
searcher.CacheResults = false;
results = searcher.FindAll;
//-------------------------------------------------------------------------
//*****************************************************
foreach (var result in results) {
//only use this method on .NET 1.1 or higher
//otherwise, get the adsPath value and build a new
//DirectoryEntry with the supplied credentials
userEntry = result.GetDirectoryEntry();
break; // TODO: might not be correct. Was : Exit For
}
//this is redundant because sAMAccountName is unique
//in the domain, but it is done for clarity
//Bind the user's DirectoryEntry (found from result search)
//result = Nothing
userEntry = result.GetDirectoryEntry();
if (userEntry == null) {
Label4.Text = "User not found in this domain.";
return;
}
//Invoke the ChangePassword method (not the SetPassword method, since that
//is used by admins to reset a password)
userEntry.Invoke("ChangePassword", new object[] { oldPassword, newPassword });
userEntry.CommitChanges();
//****************************************************
Label4.Text = "Password Changed Successfully";
if ((Session("User") != null)) {
txtuser.Text = (string)Session("User");
GetUserPasswordADInfo((string)Session("User"));
}
else {
GetUserPasswordADInfo(Strings.Trim(txtuser.Text));
}
}
catch (Exception ex) {
//System.Reflection.TargetInvocationException
Label4.Text = ex.Message;
}
finally {
//these prevent other memory leaks
userEntry = null;
if ((userEntry != null)) userEntry.Dispose();
results = null;
if ((results != null)) results.Dispose();
searcher = null;
if ((searcher != null)) searcher.Dispose();
searchRoot = null;
if ((searchRoot != null)) searchRoot.Dispose();
rootDSE = null;
if ((rootDSE != null)) rootDSE.Dispose();
}
}
Kaynak
Hatırlamıyorum :( O yüzden Anonim
|
|
etiketler : Asp.NET, Active Directory
|
02.01.2010 | ASP.Net | Okunma (459) | Yorumlar (0)
| Paylaş :
|
|
|
|