当前位置：文江博客话题详情

如何以编程方式更改 Active Directory 密码

发布于 2024-07-26 00:47:46 字数 71 浏览 11 评论 0原文

我有一组将要创建的测试帐户，但这些帐户将设置为要求在首次登录时更改密码。我想用 C# 编写一个程序来检查测试帐户并更改密码。

原文

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

想挽留 2024-08-02 00:47:46

您可以使用 UserPrincipal 类' SetPassword 方法，前提是您有足够的权限，一旦找到正确的 UserPrincipal 对象。使用 FindByIdentity 查找有问题的主体对象。

using (var context = new PrincipalContext( ContextType.Domain ))
{
  using (var user = UserPrincipal.FindByIdentity( context, IdentityType.SamAccountName, userName ))
  {
      user.SetPassword( "newpassword" );
      // or
      user.ChangePassword( "oldPassword", "newpassword" );

      user.Save();
  }
}

You can use the UserPrincipal class' SetPassword method, provided you have enough privileges, once you've found the correct UserPrincipal object. Use FindByIdentity to look up the principal object in question.

using (var context = new PrincipalContext( ContextType.Domain ))
{
  using (var user = UserPrincipal.FindByIdentity( context, IdentityType.SamAccountName, userName ))
  {
      user.SetPassword( "newpassword" );
      // or
      user.ChangePassword( "oldPassword", "newpassword" );

      user.Save();
  }
}

回复收藏 0 原文

相思碎 2024-08-02 00:47:46

这是一个很棒的 Active Directory 编程快速参考：

Howto：（几乎）通过 C# 实现 Active Directory 中的所有内容

请参阅末尾附近的密码重置代码。

public void ResetPassword(string userDn, string password)
{
    DirectoryEntry uEntry = new DirectoryEntry(userDn);
    uEntry.Invoke("SetPassword", new object[] { password });
    uEntry.Properties["LockOutTime"].Value = 0; //unlock account

    uEntry.Close();
}

Here's a great Active Directory programming quick reference:

Howto: (Almost) Everything In Active Directory via C#

See the password reset code near the end.

public void ResetPassword(string userDn, string password)
{
    DirectoryEntry uEntry = new DirectoryEntry(userDn);
    uEntry.Invoke("SetPassword", new object[] { password });
    uEntry.Properties["LockOutTime"].Value = 0; //unlock account

    uEntry.Close();
}

回复收藏 0 原文

滥情哥ㄟ 2024-08-02 00:47:46

试试这个代码。这个对我有用，

public void ChangeMyPassword(string domainName, string userName, string currentPassword, string newPassword)
{
    try
    {
        string ldapPath = "LDAP://192.168.1.xx";
        DirectoryEntry directionEntry = new DirectoryEntry(ldapPath, domainName + "\\" + userName, currentPassword);
        if (directionEntry != null)

        {
            DirectorySearcher search = new DirectorySearcher(directionEntry);
            search.Filter = "(SAMAccountName=" + userName + ")";
            SearchResult result = search.FindOne();
            if (result != null)
            {
                DirectoryEntry userEntry = result.GetDirectoryEntry();
                if (userEntry != null)
                {
                    userEntry.Invoke("ChangePassword", new object[] { currentPassword, newPassword });
                    userEntry.CommitChanges();
                }
            }
        }
    }
    catch (Exception ex)
    {
        throw ex;
    }
}

Try this code. It works for me,

public void ChangeMyPassword(string domainName, string userName, string currentPassword, string newPassword)
{
    try
    {
        string ldapPath = "LDAP://192.168.1.xx";
        DirectoryEntry directionEntry = new DirectoryEntry(ldapPath, domainName + "\\" + userName, currentPassword);
        if (directionEntry != null)

        {
            DirectorySearcher search = new DirectorySearcher(directionEntry);
            search.Filter = "(SAMAccountName=" + userName + ")";
            SearchResult result = search.FindOne();
            if (result != null)
            {
                DirectoryEntry userEntry = result.GetDirectoryEntry();
                if (userEntry != null)
                {
                    userEntry.Invoke("ChangePassword", new object[] { currentPassword, newPassword });
                    userEntry.CommitChanges();
                }
            }
        }
    }
    catch (Exception ex)
    {
        throw ex;
    }
}

回复收藏 0 原文

携余温的黄昏 2024-08-02 00:47:46

这是解决方案：

string newPassword = Membership.GeneratePassword(12, 4);    
string quotePwd = String.Format(@"""{0}""", newPassword);    
byte[] pwdBin = System.Text.Encoding.Unicode.GetBytes(quotePwd);    
UserEntry.Properties["unicodePwd"].Value = pwdBin;    
UserEntry.CommitChanges();

Here is the solution:

string newPassword = Membership.GeneratePassword(12, 4);    
string quotePwd = String.Format(@"""{0}""", newPassword);    
byte[] pwdBin = System.Text.Encoding.Unicode.GetBytes(quotePwd);    
UserEntry.Properties["unicodePwd"].Value = pwdBin;    
UserEntry.CommitChanges();

回复收藏 0 原文

寒尘 2024-08-02 00:47:46

可以使用 .NET Framework 2.0 为域帐户设置新密码。
请参阅下面的工作代码：

string domainfqdn="mydomain.test.gov" //fqdn of the domain
string ldapPath =GetObjectDistinguishedName (objectClass.user,returnType.distinguishedName, args[0].ToString(),domainfqdn);
ldapPath="LDAP://" + domainfqdn + :389/"+ldapPath;

DirectoryEntry uEntry = new DirectoryEntry(ldapPath,null,null,AuthenticationTypes.Secure);
uEntry.CommitChanges();
Console.WriteLine(ldapPath);
string password="myS3cr3tPass"              
uEntry.Invoke("SetPassword", new object[] { password });
uEntry.Properties["LockOutTime"].Value = 0; //unlock account                
uEntry.CommitChanges();
uEntry.Close();

检查 uEntry 处的参数非常重要，代码将在当前线程安全上下文下运行，除非指定 null 值

It is possible to set a new password to a domain account, by using .NET Framework 2.0.
See working code bellow:

string domainfqdn="mydomain.test.gov" //fqdn of the domain
string ldapPath =GetObjectDistinguishedName (objectClass.user,returnType.distinguishedName, args[0].ToString(),domainfqdn);
ldapPath="LDAP://" + domainfqdn + :389/"+ldapPath;

DirectoryEntry uEntry = new DirectoryEntry(ldapPath,null,null,AuthenticationTypes.Secure);
uEntry.CommitChanges();
Console.WriteLine(ldapPath);
string password="myS3cr3tPass"              
uEntry.Invoke("SetPassword", new object[] { password });
uEntry.Properties["LockOutTime"].Value = 0; //unlock account                
uEntry.CommitChanges();
uEntry.Close();

it is very importan to check the parameters at uEntry, the code will run under the current thread security context, unless the null values are specified

回复收藏 0 原文

你是年少的欢喜 2024-08-02 00:47:46

public void ResetPassword(string userName, string Password, string newPassword)
{
    try
    {
        DirectoryEntry directoryEntry = new DirectoryEntry(Path, userName, Password);

        if (directoryEntry != null)
        {
            DirectorySearcher searchEntry = new DirectorySearcher(directoryEntry);
            searchEntry.Filter = "(samaccountname=" + userName + ")";
            SearchResult result = searchEntry.FindOne();
            if (result != null)
            {
                DirectoryEntry userEntry = result.GetDirectoryEntry();
                if (userEntry != null)
                {
                    userEntry.Invoke("SetPassword", new object[] { newPassword });
                    userEntry.Properties["lockouttime"].Value = 0;
                }
            }
        }
    }
    catch (Exception ex)
    {
        Log.Error("Password Can't Change:" + ex.InnerException.Message);
    }
}

public void ResetPassword(string userName, string Password, string newPassword)
{
    try
    {
        DirectoryEntry directoryEntry = new DirectoryEntry(Path, userName, Password);

        if (directoryEntry != null)
        {
            DirectorySearcher searchEntry = new DirectorySearcher(directoryEntry);
            searchEntry.Filter = "(samaccountname=" + userName + ")";
            SearchResult result = searchEntry.FindOne();
            if (result != null)
            {
                DirectoryEntry userEntry = result.GetDirectoryEntry();
                if (userEntry != null)
                {
                    userEntry.Invoke("SetPassword", new object[] { newPassword });
                    userEntry.Properties["lockouttime"].Value = 0;
                }
            }
        }
    }
    catch (Exception ex)
    {
        Log.Error("Password Can't Change:" + ex.InnerException.Message);
    }
}

回复收藏 0 原文