在.net 2.0上设置活动目录轻量级目录服务(ad lds)的密码

时间:2011-03-10 19:02:00

标签: asp.net vb.net active-directory

我正在尝试使用asp.net vb创建一个新用户并在AD LDS中设置他们的密码。我绑定到目录条目的实例,它正常工作。我可以毫无问题地添加用户。问题是我添加用户时似乎无法设置密码。这是设置密码的正确方法吗?

' Attempt 1 from the question: create the user and assign the password in a single commit.
' BindToInstance is the asker's own helper and is not shown on this page.
Dim objADAM As DirectoryEntry = BindToInstance()

' Stage a new "User" entry under the bound container; it is only written by CommitChanges below.
Dim objUser As DirectoryEntry = objADAM.Children.Add("CN=Jimmy", "User")
objUser.Properties("sn").Value = "lloyd"
objUser.Properties("givenName").Value = "Jimmy Smith"
' The password is written like an ordinary attribute, as a literal in source.
' The literal is the question's placeholder; real code should not hard-code a password.
objUser.Properties("userpassword").Value = "THEPASSWORD"
' This is the call the question reports failing with 0x80072020 (operations error).
objUser.CommitChanges()

这是我得到的错误:

  

System.DirectoryServices.DirectoryServicesCOMException(0x80072020):发生操作错误。 (来自HRESULT的异常:0x80072020)在System.DirectoryServices.DirectoryEntry.CommitChanges()

我也试过这个:

' Attempt 2 from the question: commit the new entry first, then call the ADSI SetPassword method.
Dim objADAM As DirectoryEntry = BindToInstance()

Dim objUser As DirectoryEntry = objADAM.Children.Add("CN=Jimmy", "User")
objUser.Properties("sn").Value = "lloyd"
objUser.Properties("givenName").Value = "Jimmy Smith"
' First commit: the user entry is created without a password.
objUser.CommitChanges()
' The question reports this Invoke failing with COMException 0x8000500D
' ("directory property cannot be found in the cache").
' Unlike the answer's SetPassword, no RefreshCache or SetOption call precedes it here.
objUser.Invoke("SetPassword", New Object() {"123456789A$#"})
objUser.CommitChanges()

这给了我这个错误:

  

System.Reflection.TargetInvocationException: 调用的目标发生了异常。 ---> System.Runtime.InteropServices.COMException (0x8000500D): 在缓存中找不到目录属性。 --- 内部异常堆栈跟踪结束 --- 在 System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args)

1 个答案:

答案 0 :(得分:2)

我的同事找到了解决方案。您可以调用CreateUserSetPassword来创建用户并在一个函数调用中设置密码。

仅供参考:如果设置密码失败,用户此时已经创建完成,因此您需要删除该用户,或者再次调用 SetPassword 函数。

类变量

   ' Server portion of the LDAP paths; assigned from the first constructor argument.
   Private Uri As String
    ' Path of the form "LDAP://" + server + "/" + ou, built in the constructor;
    ' CreateUserAccount binds to it to add users.
    Private OuUri As String
    ' Path template containing "CN={0}", built in the constructor;
    ' SetPassword fills in the user name with String.Format.
    Private UserUri As String
    ' Credentials used for every bind made by this class.
    ' The two literals below are sample values only: supply them from configuration
    ' (for example an encrypted section of the .config file) instead of compiling them
    ' into the assembly, and keep real values out of source control.
    ' NOTE(review): this account should hold only the rights needed to create users and
    ' set passwords in the target OU - confirm against the instance's role assignments.
    Private userid As String = "danny123"
    Private pwd As String = "pa$$word1"

New(构造函数)

''' <summary>
''' Stores the server address and builds the two LDAP paths the other members bind to.
''' </summary>
''' <param name="uri__1">Server portion placed between "LDAP://" and the first "/".</param>
''' <param name="ou">Container path appended after the server; new users are created under it.</param>
Public Sub New(ByVal uri__1 As String, ByVal ou As String)
    ' Both paths share the same "LDAP://server/" prefix.
    Dim pathRoot As String = "LDAP://" & uri__1 & "/"
    Uri = uri__1
    OuUri = pathRoot & ou
    ' "{0}" is left in place on purpose: SetPassword substitutes the user name via String.Format.
    UserUri = pathRoot & "CN={0}," & ou
End Sub

CreateUserSetPassword

''' <summary>
''' Creates a user, sets its password and then enables it, stopping at the first step that fails.
''' </summary>
''' <param name="userName">Name of the user to create.</param>
''' <param name="password">Password to assign once the entry exists.</param>
''' <returns>
''' String.Empty when every step succeeded; otherwise the error text returned by the step that failed.
''' </returns>
''' <remarks>
''' The steps are not transactional. If SetPassword fails, the entry created by
''' CreateUserAccount is still in the directory without a password, so the caller has to
''' delete it or call SetPassword again. EnableUser is not shown on this page.
''' </remarks>
Public Function CreateUserSetPassword(ByVal userName As String, ByVal password As String) As String
    ' Each helper reports failure by returning a non-empty message.
    Dim failure As String = CreateUserAccount(userName, password)
    If failure <> String.Empty Then
        Return failure
    End If

    failure = SetPassword(userName, password)
    If failure <> String.Empty Then
        Return failure
    End If

    ' The account is enabled only after a password has been set successfully.
    Return EnableUser(userName)
End Function

CreateUserAccount

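''' <summary>
''' Creates a user entry in AD LDS under the OU path built by the constructor.
''' The entry is created without a password; CreateUserSetPassword calls SetPassword afterwards.
''' </summary>
''' <param name="userName">Used as the CN of the new entry and as its userPrincipalName.</param>
''' <param name="userPassword">Not used by this function; kept so existing callers are unaffected.</param>
''' <returns>
''' String.Empty on success, otherwise the exception message. The message is diagnostic
''' text from the directory provider: log it rather than echoing it to the end user.
''' </returns>
Public Function CreateUserAccount(ByVal userName As String, ByVal userPassword As String) As String
    Dim oGUID As String = String.Empty
    Try
        Using dirEntry As New DirectoryEntry(OuUri, userid, pwd)
            ' NOTE(review): userName is concatenated into the relative distinguished name
            ' unescaped. If it can come from a web request, validate it or escape DN special
            ' characters before calling this function.
            ' The new entry gets its own Using block so that it is released even when
            ' CommitChanges throws; previously Close() was skipped on that path.
            Using newUser As DirectoryEntry = dirEntry.Children.Add("CN=" & userName, "user")
                newUser.Properties("userPrincipalName").Value = userName
                newUser.CommitChanges()
            End Using
        End Using
    Catch E As Exception
        ' Failures are reported through the return value instead of being rethrown.
        oGUID = E.Message
    End Try
    Return oGUID
End Function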

SetPassword

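''' <summary>
''' Sets the password of an existing AD LDS user through the ADSI SetPassword method.
''' </summary>
''' <param name="user">CN of the user; substituted into the "CN={0}" path template.</param>
''' <param name="password">New password, passed to ADSI as a plain string.</param>
''' <returns>
''' String.Empty on success; otherwise the exception message followed by the inner
''' exception's text, which can include a stack trace. Log it rather than showing it to end users.
''' </returns>
Public Function SetPassword(ByVal user As String, ByVal password As String) As String
    Dim oGUID As String = String.Empty
    ' ADSI option identifiers passed to SetOption below:
    ' ADS_OPTION_PASSWORD_PORTNUMBER = 6, ADS_OPTION_PASSWORD_METHOD = 7.
    Const adsOptionPasswordPortnumber As Long = 6
    Const adsOptionPasswordMethod As Long = 7
    ' ADS_PASSWORD_ENCODE_CLEAR = 1 tells ADSI not to require SSL for the password operation.
    ' The new password is then only as well protected as the bind itself, so confirm that
    ' signing and sealing are really negotiated with this instance. In production prefer the
    ' instance's SSL port together with ADS_PASSWORD_ENCODE_REQUIRE_SSL (0).
    Const adsPasswordEncodeClear As Integer = 1

    ' Port used for the password operation.
    ' NOTE(review): presumably the LDAP port of this AD LDS instance - confirm.
    Const intPort As Integer = 50000

    ' Request an authenticated bind with integrity (Signing) and encryption (Sealing).
    Dim AuthTypes As AuthenticationTypes = AuthenticationTypes.Signing Or AuthenticationTypes.Sealing Or AuthenticationTypes.Secure

    Try
        ' NOTE(review): user is inserted into the distinguished name unescaped; validate or
        ' escape it first if it can come from a web request.
        ' Using releases the directory entry on every path, including when an Invoke call
        ' throws; the entry was never closed before.
        Using objUser As New DirectoryEntry(String.Format(UserUri, user), userid, pwd, AuthTypes)
            ' Load the entry's properties before invoking ADSI methods on it.
            objUser.RefreshCache()

            ' The port and password method must be set before SetPassword is invoked.
            objUser.Invoke("SetOption", New Object() {adsOptionPasswordPortnumber, intPort})
            objUser.Invoke("SetOption", New Object() {adsOptionPasswordMethod, adsPasswordEncodeClear})
            objUser.Invoke("SetPassword", New Object() {password})
            objUser.CommitChanges()
        End Using
    Catch e As Exception
        ' Failures are reported through the return value instead of being rethrown.
        oGUID = e.Message & vbLf & vbCr & Convert.ToString(e.InnerException)
    End Try
    Return oGUID
End Function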