所以我正在使用UserPrincipal类创建一个AD用户,但我无法通过它设置允许拨入设置。
如何启用设置?
提前致谢!
答案 0 :(得分:1)
您无法在UserPrincipal类中设置所有属性。这可以在 DirectoryEntry 类的帮助下给出一个如何做到这一点的想法:
//Get the Directory entry of your Userprincipal
DirectoryEntry directoryEntry = [YOUR_USERPRINCIPAL_OBJECT].GetUnderlyingObject() as DirectoryEntry;
//Set Allow Dialin attribute
directoryEntry.Properties["msNPAllowDialin"].Value = false;
//Save changes
directoryEntry.CommitChanges();
希望这有帮助
答案 1 :(得分:0)
如果您愿意,可以使用UserPrincipal使用user principal extension读取和写入DialIn选项
您可以像这样创建扩展用户主体
[DirectoryObjectClass("user")]
[DirectoryRdnPrefix("CN")]
public class UserPrincipalExtension : UserPrincipal
{
public UserPrincipalExtension(PrincipalContext context) : base(context) { }
public UserPrincipalExtension(PrincipalContext context, string samAccountName, string password, bool isEnabled)
: base(context, samAccountName, password, isEnabled)
{
}
[DirectoryProperty("msNPAllowDialin")]
public bool? DialIn
{
get
{
if (ExtensionGet("msNPAllowDialin").Length != 1)
return null;
return (bool?)ExtensionGet("msNPAllowDialin")[0];
}
set { this.ExtensionSet("msNPAllowDialin", value); }
}
}
然后你可以设置属性
//this code will create a new user on AD
using (PrincipalContext context = new PrincipalContext(ContextType.Domain, "SharePoint", "OU=Employees,DC=SharePoint,DC=Com"))
{
using (UserPrincipalExtension up = new UserPrincipalExtension(context))
{
//Set all others properties
up.DialIn = true; //true = Allow access, false = Deny access, null = control access through policy
up.Save();
}
}
//this code will update a user
using (PrincipalContext context = new PrincipalContext(ContextType.Domain, "SharePoint", "OU=Employees,DC=SharePoint,DC=Com"))
{
using (UserPrincipalExtension up = UserPrincipalExtension.FindByIdentity(context, samAccountName))
{
//Set all others properties
up.DialIn = true; //true = Allow access, false = Deny access, null = control access through policy
up.Save();
}
}