Windows Server Active Directory API

时间:2015-04-15 09:03:51

标签: windows-server-2008 active-directory api

我需要开发一个必须在Windows Server Active Directory中显示用户目录的Web应用程序。

Windows Server Active Directory是否有一些我可以调用以返回这些信息的API?

1 个答案:

答案 0 :(得分:0)

WSH:

' ADSI constants shared by the classes in this script.

' Group-type bit flags (ADS_GROUP_TYPE_ENUM). The code shown here does not reference them.
Const ADS_GROUP_TYPE_GLOBAL_GROUP     = &H2
Const ADS_GROUP_TYPE_LOCAL_GROUP      = &H4
Const ADS_GROUP_TYPE_UNIVERSAL_GROUP  = &H8
Const ADS_GROUP_TYPE_SECURITY_ENABLED = &H80000000

' Control codes passed as the first argument of IADs.PutEx.
Const ADS_PROPERTY_CLEAR  = 1
Const ADS_PROPERTY_UPDATE = 2
Const ADS_PROPERTY_APPEND = 3
Const ADS_PROPERTY_DELETE = 4

'#region ADSIUser Class
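Class ADSIUser

    ' Wrapper around a bound ADSI user object.
    ' ADUser must be assigned before any method is called; in this script
    ' ADSIConnection.GetUser does that.
    Public ADUser

    ' Returns the value of the single-valued attribute strItem.
    Public Function GetItem(strItem)

        GetItem = ADUser.Get(strItem)

    End Function

    ' Returns the values of the attribute strItem via GetEx (array form).
    Public Function GetItemEx(strItem)

        GetItemEx = ADUser.GetEx(strItem)

    End Function

    ' Writes newValue to attribute strItem and commits it with SetInfo.
    ' The attribute name and value go to the directory unchanged, so a caller
    ' that handles request data should take strItem from a fixed allow-list.
    ' The bound identity needs write permission on the attribute.
    Public Sub PutItem(strItem, newValue)

        ADUser.Put strItem, newValue
        ADUser.SetInfo

    End Sub

    ' Replaces the values of strItem with newValueArray and commits.
    Public Sub PutItemEx(strItem, newValueArray)

        ADUser.PutEx ADS_PROPERTY_UPDATE, strItem, newValueArray
        ADUser.SetInfo

    End Sub

    ' Removes all values of strItem and commits. The value argument (0) is
    ' only a placeholder for the clear operation.
    Public Sub ClearItem(strItem)

        ADUser.PutEx ADS_PROPERTY_CLEAR, strItem, 0
        ADUser.SetInfo

    End Sub

    ' Adds the values in newValueArray to strItem and commits.
    Public Sub AppendItem(strItem, newValueArray)

        ADUser.PutEx ADS_PROPERTY_APPEND, strItem, newValueArray
        ADUser.SetInfo

    End Sub

    ' Echoes the user's attributes grouped like the property pages of the
    ' user object.
    '
    ' Runs under On Error Resume Next so that an attribute that cannot be read
    ' does not stop the listing. The cost is that every failure is hidden the
    ' same way, so an empty value in the output does not prove the attribute
    ' is unset. The account-status checks below therefore clear Err and test
    ' it explicitly instead of relying on leftover error state.
    Public Sub PrintItems

        Dim Item, Key, objHash
        Dim intuserAccountControl, blnLocked, dtExpires

        On Error Resume Next

        WScript.Echo VbCrLf & "** General Properties Page**"
        WScript.Echo "** (Single-Valued Attributes) **"
        WScript.Echo "name: " & ADUser.Get("name")
        WScript.Echo "givenName: " & ADUser.Get("givenName")
        WScript.Echo "initials: " & ADUser.Get("initials")
        WScript.Echo "sn: " & ADUser.Get("sn")
        WScript.Echo "displayName: " & ADUser.Get("displayName")
        WScript.Echo "description: " & ADUser.Get("description")
        WScript.Echo "physicalDeliveryOfficeName: " & ADUser.Get("physicalDeliveryOfficeName")
        WScript.Echo "telephoneNumber: " & ADUser.Get("telephoneNumber")
        WScript.Echo "mail: " & ADUser.Get("mail")
        WScript.Echo "wWWHomePage: " & ADUser.Get("wWWHomePage")

        WScript.Echo VbCrLf & "** General Properties Page**"
        WScript.Echo "** (MultiValued Attributes) **"
        WScript.Echo "otherTelephone:"
        For Each Item in ADUser.GetEx("otherTelephone")
            WScript.Echo vbTab & Item
        Next
        WScript.Echo "url:"
        For Each Item in ADUser.GetEx("url")
            WScript.Echo vbTab & Item
        Next

        WScript.Echo VbCrLf & "** Address Properties Page**"
        WScript.Echo "** (Single-Valued Attributes) **"
        WScript.Echo "streetAddress: " & ADUser.Get("streetAddress")
        WScript.Echo "l: " & ADUser.Get("l")
        WScript.Echo "st: " & ADUser.Get("st")
        WScript.Echo "postalCode: " & ADUser.Get("postalCode")
        WScript.Echo "c: " & ADUser.Get("c")

        WScript.Echo VbCrLf & "** Address Properties Page**"
        WScript.Echo "** (MultiValued Attributes) **"
        WScript.Echo "postOfficeBox:"
        For Each Item in ADUser.GetEx("postOfficeBox")
            WScript.Echo vbTab & Item
        Next

        WScript.Echo VbCrLf & "** Account Properties Page**"
        WScript.Echo "** (Single-Valued Attributes) **"
        WScript.Echo "userPrincipalName: " & ADUser.Get("userPrincipalName")
        WScript.Echo "dc: " & ADUser.Get("dc")
        WScript.Echo "sAMAccountName: " & ADUser.Get("sAMAccountName")
        WScript.Echo "userWorkstations: " & ADUser.Get("userWorkstations")

        WScript.Echo VbCrLf & "** Account Properties Page**"
        WScript.Echo "** (The userAccountControl attribute) **"
        ' Only these five flags are decoded. DONT_REQUIRE_PREAUTH,
        ' USE_DES_KEY_ONLY and TRUSTED_FOR_DELEGATION weaken the account's
        ' Kerberos protections, so an "enabled" line for any of them is worth
        ' a review.
        Set objHash = CreateObject("Scripting.Dictionary")
        objHash.Add "ADS_UF_SMARTCARD_REQUIRED", &h40000
        objHash.Add "ADS_UF_TRUSTED_FOR_DELEGATION", &h80000
        objHash.Add "ADS_UF_NOT_DELEGATED", &h100000
        objHash.Add "ADS_UF_USE_DES_KEY_ONLY", &h200000
        objHash.Add "ADS_UF_DONT_REQUIRE_PREAUTH", &h400000
        ' If the read fails the variable stays Empty (treated as 0) and every
        ' flag would be printed as "disabled"; report the failure instead.
        Err.Clear
        intuserAccountControl = ADUser.Get("userAccountControl")
        If Err.Number <> 0 Then
            WScript.Echo "userAccountControl could not be read (error 0x" & Hex(Err.Number) & ")."
            Err.Clear
        Else
            For Each Key in objHash.Keys
                If objHash(Key) And intuserAccountControl Then
                    WScript.Echo Key & " is enabled."
                Else
                    WScript.Echo Key & " is disabled."
                End If
            Next
        End If

        ' Read the property into a variable first: under On Error Resume Next
        ' a failing If condition resumes inside the Then branch, which would
        ' print "enabled" for a lockout state that was never read.
        Err.Clear
        blnLocked = ADUser.IsAccountLocked
        If Err.Number <> 0 Then
            WScript.Echo "ADS_UF_LOCKOUT could not be read (error 0x" & Hex(Err.Number) & ")."
            Err.Clear
        ElseIf blnLocked = True Then
            WScript.Echo "ADS_UF_LOCKOUT is enabled"
        Else
            WScript.Echo "ADS_UF_LOCKOUT is disabled"
        End If

        ' -2147467259 is E_FAIL (0x80004005); the original sample treats it,
        ' like the date 1/1/1970, as "no expiry set". Err is cleared first so
        ' that an older E_FAIL from an unrelated read cannot mask a real
        ' expiry date.
        Err.Clear
        dtExpires = ADUser.AccountExpirationDate
        If Err.Number = -2147467259 Or dtExpires = DateSerial(1970, 1, 1) Then
            WScript.Echo "Account doesn't expire."
        ElseIf Err.Number <> 0 Then
            WScript.Echo "Account expiration could not be read (error 0x" & Hex(Err.Number) & ")."
        Else
            WScript.Echo "Account expires on: " & dtExpires
        End If
        Err.Clear

        WScript.Echo VbCrLf & "** Profile Properties Page**"
        WScript.Echo "** (Single-Valued Attributes) **"
        WScript.Echo "profilePath: " & ADUser.Get("profilePath")
        WScript.Echo "scriptPath: " & ADUser.Get("scriptPath")
        WScript.Echo "homeDirectory: " & ADUser.Get("homeDirectory")
        WScript.Echo "homeDrive: " & ADUser.Get("homeDrive")

        WScript.Echo VbCrLf & "** Telephone Properties Page**"
        WScript.Echo "** (Single-Valued Attributes) **"
        WScript.Echo "homePhone: " & ADUser.Get("homePhone")
        WScript.Echo "pager: " & ADUser.Get("pager")
        WScript.Echo "mobile: " & ADUser.Get("mobile")
        WScript.Echo "facsimileTelephoneNumber: " & ADUser.Get("facsimileTelephoneNumber")
        WScript.Echo "ipPhone: " & ADUser.Get("ipPhone")
        WScript.Echo "info: " & ADUser.Get("info")

        WScript.Echo VbCrLf & "** Telephone Properties Page**"
        WScript.Echo "** (MultiValued Attributes) **"
        WScript.Echo "otherHomePhone:"
        For Each Item in ADUser.GetEx("otherHomePhone")
            WScript.Echo vbTab & Item
        Next
        WScript.Echo "otherPager:"
        For Each Item in ADUser.GetEx("otherPager")
            WScript.Echo vbTab & Item
        Next
        WScript.Echo "otherMobile:"
        For Each Item in ADUser.GetEx("otherMobile")
            WScript.Echo vbTab & Item
        Next
        WScript.Echo "otherFacsimileTelephoneNumber:"
        For Each Item in ADUser.GetEx("otherFacsimileTelephoneNumber")
            WScript.Echo vbTab & Item
        Next
        WScript.Echo "otherIpPhone:"
        For Each Item in ADUser.GetEx("otherIpPhone")
            WScript.Echo vbTab & Item
        Next

        WScript.Echo VbCrLf & "** Organization Properties Page**"
        WScript.Echo "** (Single-Valued Attributes) **"
        WScript.Echo "title: " & ADUser.Get("title")
        WScript.Echo "department: " & ADUser.Get("department")
        WScript.Echo "company: " & ADUser.Get("company")
        WScript.Echo "manager: " & ADUser.Get("manager")

        WScript.Echo VbCrLf & "** Organization Properties Page**"
        WScript.Echo "** (MultiValued Attributes) **"
        WScript.Echo "directReports:"
        For Each Item in ADUser.GetEx("directReports")
            WScript.Echo vbTab & Item
        Next

        WScript.Echo VbCrLf & "** Environment Properties Page**"
        WScript.Echo "** (The ADSI Extension for Terminal Services interface) **"
        WScript.Echo "TerminalServicesInitialProgram: " & ADUser.TerminalServicesInitialProgram
        WScript.Echo "TerminalServicesWorkDirectory: " & ADUser.TerminalServicesWorkDirectory
        WScript.Echo "ConnectClientDrivesAtLogon: " & ADUser.ConnectClientDrivesAtLogon
        WScript.Echo "ConnectClientPrintersAtLogon: " & ADUser.ConnectClientPrintersAtLogon
        WScript.Echo "DefaultToMainPrinter: " & ADUser.DefaultToMainPrinter

        WScript.Echo VbCrLf & "** Sessions Properties Page**"
        WScript.Echo "** (The ADSI Extension for Terminal Services interface) **"
        WScript.Echo "MaxDisconnectionTime: " & ADUser.MaxDisconnectionTime
        WScript.Echo "MaxConnectionTime: " & ADUser.MaxConnectionTime
        WScript.Echo "MaxIdleTime: " & ADUser.MaxIdleTime
        WScript.Echo "BrokenConnectionAction: " & ADUser.BrokenConnectionAction
        WScript.Echo "ReconnectionAction: " & ADUser.ReconnectionAction

        WScript.Echo VbCrLf & "** Remote Control Properties Page**"
        WScript.Echo "** (The ADSI Extension for Terminal Services interface) **"
        WScript.Echo "EnableRemoteControl: " & ADUser.EnableRemoteControl

        ' Values 2 and 4 allow remote control without the user's permission.
        Select Case ADUser.EnableRemoteControl
            Case 0
                WScript.Echo "Remote Control disabled"
            Case 1
                WScript.Echo "Remote Control enabled"
                WScript.Echo "User permission required"
                WScript.Echo "Interact with the session"
            Case 2
                WScript.Echo "Remote Control enabled"
                WScript.Echo "User permission not required"
                WScript.Echo "Interact with the session"
            Case 3
                WScript.Echo "Remote Control enabled"
                WScript.Echo "User permission required"
                WScript.Echo "View the session"
            Case 4
                WScript.Echo "Remote Control enabled"
                WScript.Echo "User permission not required"
                WScript.Echo "View the session"
        End Select

        WScript.Echo VbCrLf & "** Terminal Services Profile Properties Page**"
        WScript.Echo "** (The ADSI Extension for Terminal Services interface) **"
        WScript.Echo "TerminalServicesProfilePath: " & ADUser.TerminalServicesProfilePath
        WScript.Echo "TerminalServicesHomeDirectory: " & ADUser.TerminalServicesHomeDirectory
        WScript.Echo "TerminalServicesHomeDrive: " & ADUser.TerminalServicesHomeDrive
        WScript.Echo "AllowLogon: " & ADUser.AllowLogon

        WScript.Echo VbCrLf & "** COM+ Properties Page**"
        WScript.Echo "** (Single-Valued Attributes) **"
        WScript.Echo "msCOM-UserPartitionSetLink: " & ADUser.Get("msCOM-UserPartitionSetLink")

        WScript.Echo VbCrLf & "** Member Of Properties Page**"
        WScript.Echo "** (Single-Valued Attributes) **"
        WScript.Echo "primaryGroupID: " & ADUser.Get("primaryGroupID")

        WScript.Echo VbCrLf & "** Member Of Properties Page**"
        WScript.Echo "** (MultiValued Attributes) **"
        WScript.Echo "memberOf:"
        For Each Item in ADUser.GetEx("memberOf")
            WScript.Echo vbTab & Item
        Next

        WScript.Echo VbCrLf & "** Object Properties Page**"
        WScript.Echo "** (Single-Valued Attributes) **"
        WScript.Echo "whenCreated: " & ADUser.Get("whenCreated")
        WScript.Echo "whenChanged: " & ADUser.Get("whenChanged")

        ' canonicalName is loaded into the property cache explicitly before
        ' it is read.
        ADUser.GetInfoEx Array("canonicalName"), 0
        WScript.Echo VbCrLf & "** Object Properties Page**"
        WScript.Echo "** (MultiValued Attributes) **"
        WScript.Echo "canonicalName:"
        For Each Item in ADUser.GetEx("canonicalName")
            WScript.Echo vbTab & Item
        Next
        On Error GoTo 0
    End Sub

End Class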

'#endregion

'#region ADSIConnection Class
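Class ADSIConnection

    ' Binds to objects under the domain's default naming context.
    '
    ' GetObject("LDAP://...") binds as the identity that runs the script. For
    ' an application that only displays the directory, that identity should
    ' have read access only; CreateUser and DeleteUser need create/delete
    ' rights on the target container.
    '
    ' strContainer is a relative DN fragment such as "cn=Users" and is placed
    ' in the path as-is, so it must be an application-defined value and never
    ' request input. strName is the plain CN value; it is escaped here before
    ' it becomes part of a distinguished name, so callers pass it unescaped.

    Private ADSIRootObject
    Private Initialized

    ' Binds to rootDSE once and caches the object for later calls.
    Private Sub ConnectToRoot()

        ' Initialized starts out Empty, which compares equal to 0.
        If Initialized = 0 Then
            Set ADSIRootObject = GetObject("LDAP://rootDSE")
            Initialized = 1
        End If
    End Sub

    ' Escapes strValue for use as an attribute value inside a distinguished
    ' name: the DN special characters and "/" (an ADsPath separator) get a
    ' leading backslash, as do a leading "#" and a leading or trailing space.
    ' Without this, a name containing "," or "=" would change which object
    ' the path refers to.
    Private Function EscapeRdnValue(strValue)

        Dim strOut, intLen, i, ch, blnEscape

        strOut = ""
        intLen = Len(strValue)
        For i = 1 To intLen
            ch = Mid(strValue, i, 1)
            Select Case ch
                Case ",", "+", """", "\", "<", ">", ";", "=", "/"
                    blnEscape = True
                Case " "
                    blnEscape = (i = 1 Or i = intLen)
                Case "#"
                    blnEscape = (i = 1)
                Case Else
                    blnEscape = False
            End Select
            If blnEscape Then strOut = strOut & "\"
            strOut = strOut & ch
        Next
        EscapeRdnValue = strOut
    End Function

    ' Returns the bound object for:
    '   - the default naming context, when strContainer is empty
    '     (strName is ignored in that case);
    '   - the container, when strName is empty;
    '   - the object cn=<strName> inside the container otherwise.
    Private Function ConnectToContainer(strContainer, strName)

        Dim strBase
        Dim strPath

        ConnectToRoot
        strBase = ADSIRootObject.Get("defaultNamingContext")
        If strContainer = "" Then
            strPath = strBase
        ElseIf strName = "" Then
            strPath = strContainer & "," & strBase
        Else
            strPath = "cn=" & EscapeRdnValue(strName) & "," & strContainer & "," & strBase
        End If
        Set ConnectToContainer = GetObject("LDAP://" & strPath)
    End Function

    ' Creates a user object cn=<strName> in strContainer and sets its
    ' sAMAccountName to strName. No password or other attribute is set here.
    Public Sub CreateUser(strContainer, strName)

        Dim objUser
        Dim ADSIContainer

        Set ADSIContainer = ConnectToContainer(strContainer, "")
        Set objUser = ADSIContainer.Create("user", "cn=" & EscapeRdnValue(strName))
        ' sAMAccountName is an attribute value, not part of a DN, so the raw name is stored.
        objUser.Put "SAMAccountName", strName
        objUser.SetInfo
    End Sub

    ' Deletes the user object cn=<strName> from strContainer.
    Public Sub DeleteUser(strContainer, strName)

        Dim ADSIContainer

        Set ADSIContainer = ConnectToContainer(strContainer, "")
        ADSIContainer.Delete "user", "cn=" & EscapeRdnValue(strName)

    End Sub

    ' Binds to cn=<strName> in strContainer and stores the object in
    ' objUser.ADUser. Always returns True; a failed bind raises the
    ' GetObject error to the caller instead.
    Public Function GetUser(objUser, strContainer, strName)

        Set objUser.ADUser = ConnectToContainer(strContainer, strName)
        GetUser = True

    End Function

End Class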
'#endregion

' Sample ADSI Wizard code: one connection helper and one user wrapper.
Dim objADSI, objADSIUser

Set objADSIUser = New ADSIUser
Set objADSI = New ADSIConnection

' The sample calls below are switched off by the constant condition.
If False Then
    ' Additional Wizard Sample Code
    objADSI.GetUser objADSIUser, "cn=Users", "Hooten"
    Call objADSI.CreateUser("cn=Users", "Hooten")
End If