"Peter Steele" <ps*****@z-force.com> wrote in message
news:Ol******** *****@TK2MSFTNG P12.phx.gbl...
Thanks for this code, I'll have to give it a try. Is there a similar
technique for creating a domain account using DirectoryServices? I
basically want to do something like NetUserAdd to add user X to domain Y,
and there is a possibility that the workstation where I am running the
code will not be in the domain.
Sure, check this
http://msdn.microsoft.com/library/de...ry_objects.asp
Note that most of the samples in
http://msdn.microsoft.com/library/en..._examples.asp?
are for AD domain management using the LDAP provider interface. NT4 domains
only support a limited subset of the AD properties, and the semantics and
syntax can differ significantly; check MSDN for the differences.
To get you started, here's a sample that creates a local account in the
Guest alias.
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;
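// Sample: creates a local user account through the ADSI WinNT provider,
// sets its password and flags, and adds it to the local "guests" group.
class AdsiUser
{
    // User flags used to set user properties; see the ADSI docs in MSDN.
    const int UF_SCRIPT = 0x0001;
    const int UF_ACCOUNTDISABLE = 0x0002;
    const int UF_HOMEDIR_REQUIRED = 0x0008;
    const int UF_LOCKOUT = 0x0010;
    const int UF_PASSWD_NOTREQD = 0x0020;
    const int UF_PASSWD_CANT_CHANGE = 0x0040;
    const int UF_TEMP_DUPLICATE_ACCOUNT = 0x0100;
    const int UF_NORMAL_ACCOUNT = 0x0200;
    const int UF_DONT_EXPIRE_PASSWD = 0x10000;
    const int UF_PASSWORD_EXPIRED = 0x800000;

    // HRESULT_FROM_WIN32(NERR_UserNotFound): raised by Children.Find when the
    // named user does not exist. Find throws in that case; it does not return null.
    const int UserNotFound = unchecked((int)0x800708AD);

    // NOTE(review): sample credentials only. Anything compiled into the binary
    // can be read back from it and from source control, so real code should take
    // these from the operator at run time, or bind with new DirectoryEntry(path),
    // which uses the caller's own security context.
    const string BindUser = ".\\Administrator";
    const string BindPassword = "kevin";

    // NOTE(review): sample initial password, shared by every account this code
    // creates. PasswordExpired = 1 below forces a change at first logon, but a
    // per-account generated value is still the safer choice.
    const string InitialPassword = "#12345Abc";

    public static void Main()
    {
        string userName = "Tester";

        // Bind and get the local computer container object using the WinNT provider.
        // Use LDAP as provider to bind against an AD domain.
        using (DirectoryEntry computer = new DirectoryEntry(
            "WinNT://" + Environment.MachineName + ",computer", BindUser, BindPassword))
        {
            // Delete the user when it already exists.
            DirectoryEntry existing = FindUserOrNull(computer, userName);
            if (existing != null)
            {
                using (existing)
                {
                    computer.Children.Remove(existing);
                }
            }

            // Add an entry using the user schema.
            using (DirectoryEntry newUser = computer.Children.Add(userName, "user"))
            {
                newUser.Properties["fullname"].Add("Tester account");
                newUser.Properties["description"].Add("test user acount");
                // User must change password at next login.
                newUser.Properties["PasswordExpired"].Add(1);

                // Set some user flags. With the LDAP provider the equivalent
                // attribute has a different name (userAccountControl).
                // NOTE(review): UF_DONT_EXPIRE_PASSWD is set together with
                // PasswordExpired = 1; confirm that a non-expiring password is intended.
                newUser.Properties["userFlags"].Add(UF_NORMAL_ACCOUNT | UF_DONT_EXPIRE_PASSWD);

                // Invoke the native method 'SetPassword' before committing;
                // per the author, for domain accounts this must be done after committing.
                newUser.Invoke("SetPassword", new Object[] { InitialPassword });
                newUser.CommitChanges();

                foreach (string s in newUser.Properties.PropertyNames)
                {
                    // A property may carry no values; indexing [0] would then throw.
                    PropertyValueCollection values = newUser.Properties[s];
                    if (values.Count > 0)
                    {
                        Console.WriteLine(s + " " + values[0]);
                    }
                }

                // Add the user to the guests alias. The lookup sits inside the try
                // because Find throws when the group is missing.
                try
                {
                    using (DirectoryEntry grp = computer.Children.Find("guests", "group"))
                    {
                        if (grp.Name != null)
                        {
                            grp.Invoke("Add", new Object[] { newUser.Path.ToString() });
                        }
                    }
                    Console.WriteLine("Account Created Successfully");
                }
                catch (Exception ex)
                {
                    Console.WriteLine(ex);
                }
            }
        }
    }

    // Returns the named user entry under the container, or null when no such
    // user exists; any other directory error is rethrown to the caller.
    private static DirectoryEntry FindUserOrNull(DirectoryEntry container, string userName)
    {
        try
        {
            return container.Children.Find(userName, "User");
        }
        catch (COMException ex)
        {
            if (ex.ErrorCode == UserNotFound)
            {
                return null;
            }
            throw;
        }
    }
}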
Willy.