Question

我正在尝试通过C＃脚本将用户添加到活动目录。我在互联网上找到了这个脚本（我自己没有创建）。问题是我在尝试添加用户时遇到此错误：

指定的目录服务属性或值不存在。

这是我现在的代码：

private void buttonCreateUser_Click(object sender, EventArgs e)
{
    CreateADSUser(textboxUsername.Text, textboxPassword.Text);
}

public string CreateADSUser(string username, string password)
{
    String RootDSE;
    try
    {
        DirectorySearcher DSESearcher = new DirectorySearcher();
        RootDSE = DSESearcher.SearchRoot.Path;

        RootDSE = RootDSE.Insert(7, "CN=Users,");

        DirectoryEntry myDE = new DirectoryEntry(RootDSE);
        DirectoryEntries myEntries = myDE.Children;

        DirectoryEntry myDirectoryEntry = myEntries.Add("CN=" + username, "user");
        myDirectoryEntry.Properties["userPrincipalName"].Value = username;
        myDirectoryEntry.Properties["name"].Value = username;
        myDirectoryEntry.Properties["Password"].Value = password;
        myDirectoryEntry.Properties["samAccountName"].Value = username;
        myDirectoryEntry.Properties["FullName"].Value = username;
        myDirectoryEntry.Properties["AccountDisabled"].Value = 0;
        myDirectoryEntry.Properties["PasswordRequired"].Value = 1;

        // Permanent Password?
        myDirectoryEntry.Properties["permpass"].Value = 1;
        myDirectoryEntry.CommitChanges();

        DSESearcher.Dispose();
        myDirectoryEntry.Dispose();

        textboxReports.Text = "Worked!";
        return "Worked!";
    }
    catch (Exception ex)
    {
        textboxReports.Text = ex.Message;
        return ex.Message;
    }
}

Answer 1

没关系，我得到了修复！

这就是它现在的样子：

using (var pc = new PrincipalContext(ContextType.Domain))
            {
                using (var up = new UserPrincipal(pc))
                {
                    up.SamAccountName = textboxUsername.Text; // Username
                    up.EmailAddress = textboxEmail.Text; // Email
                    up.SetPassword(textboxPassword.Text); // Password
                    up.Enabled = true;
                    up.ExpirePasswordNow();
                    up.Save();
                }
            }

Answer 2

这里的问题是这些属性实际上都不存在：

myDirectoryEntry.Properties["Password"].Value = password; 
myDirectoryEntry.Properties["FullName"].Value = username; 
myDirectoryEntry.Properties["AccountDisabled"].Value = 0; 
myDirectoryEntry.Properties["PasswordRequired"].Value = 1; 
myDirectoryEntry.Properties["permpass"].Value = 1;

这个不是你写的：

myDirectoryEntry.Properties["name"].Value = username;

按顺序（从上到下）这里是实际的属性名称：

密码 - unicodePwd
FullName - displayName
AccountDisabled - userAccountControl
PasswordRequired - userAccountControl（实际上您设置了反向 - 仅在不需要密码的情况下）
permPass - unicodePwd（不知道这个目标是什么）

Answer 3

通过System.DirectoryServices.AccountManagement ..

              PrincipalContext ouContex = new PrincipalContext(ContextType.Domain, "TestDomain.local",           "OU=TestOU,DC=TestDomain,DC=local");

        for (int i = 0; i < 3; i++)
        {
            try
            {
                UserPrincipal up = new UserPrincipal(ouContex);
                up.SamAccountName = "TestUser" + i;
                up.SetPassword("password");
                up.Enabled = true;
                up.ExpirePasswordNow();
                up.Save();
            }
            catch (Exception ex)
            {

            }
        }

通过System.DirectoryServices

To use this namespace you need to add reference  System.DirectoryServices.dll 

       DirectoryEntry ouEntry = new DirectoryEntry("LDAP://OU=TestOU,DC=TestDomain,DC=local");

        for (int i = 3; i < 6; i++)
        {
            try
            {
                DirectoryEntry childEntry = ouEntry.Children.Add("CN=TestUser" + i, "user");
                childEntry.CommitChanges();
                ouEntry.CommitChanges();
                childEntry.Invoke("SetPassword", new object[] { "password" });
                childEntry.CommitChanges();
            }
            catch (Exception ex)
            {

            }
        }

Active Directory创建用户

3 个答案: