I have a set of test accounts that are going to be created but the accounts will be setup to require password change on the first login. I want to write a program in C# to go through the test accounts and change the passwords.
我有一组将要创建的测试帐户,但是这些帐户将被设置为在第一次登录时要求修改密码。我想用c#编写一个程序来检查测试帐户并更改密码。
6 个解决方案
#1
60
You can use the UserPrincipal class' SetPassword method, provided you have enough privileges, once you've found the correct UserPrincipal object. Use FindByIdentity to look up the principal object in question.
如果您找到了正确的UserPrincipal对象,那么您可以使用UserPrincipal类的SetPassword方法,只要您有足够的权限。使用FindByIdentity查找相关的主体对象。
using (var context = new PrincipalContext( ContextType.Domain )){ using (var user = UserPrincipal.FindByIdentity( context, IdentityType.SamAccountName, userName )) { user.SetPassword( "newpassword" ); // or user.ChangePassword( "oldPassword", "newpassword" ); }}#2
18
Here's a great Active Directory programming quick reference:
这里有一个伟大的活动目录编程快速参考:
Howto: (Almost) Everything In Active Directory via C#
如何:(几乎)通过c#在活动目录中的所有内容
See the password reset code near the end.
请查看接近末尾的密码重置代码。
public void ResetPassword(string userDn, string password){ DirectoryEntry uEntry = new DirectoryEntry(userDn); uEntry.Invoke("SetPassword", new object[] { password }); uEntry.Properties["LockOutTime"].Value = 0; //unlock account uEntry.Close();}#3
12
Try this code. It works for me,
试试这个代码。它对我来说,
public void ChangeMyPassword(string domainName, string userName, string currentPassword, string newPassword){ try { string ldapPath = "LDAP://192.168.1.xx"; DirectoryEntry directionEntry = new DirectoryEntry(ldapPath, domainName + "\\" + userName, currentPassword); if (directionEntry != null) { DirectorySearcher search = new DirectorySearcher(directionEntry); search.Filter = "(SAMAccountName=" + userName + ")"; SearchResult result = search.FindOne(); if (result != null) { DirectoryEntry userEntry = result.GetDirectoryEntry(); if (userEntry != null) { userEntry.Invoke("ChangePassword", new object[] { currentPassword, newPassword }); userEntry.CommitChanges(); } } } } catch (Exception ex) { throw ex; }}#4
1
Here is the solution:
这是解决方案:
string newPassword = Membership.GeneratePassword(12, 4); string quotePwd = String.Format(@"""{0}""", newPassword); byte[] pwdBin = System.Text.Encoding.Unicode.GetBytes(quotePwd); UserEntry.Properties["unicodePwd"].Value = pwdBin; UserEntry.CommitChanges();#5
0
It is possible to set a new password to a domain account, by using .NET Framework 2.0.See working code bellow:
通过使用。net Framework 2.0,可以为域帐户设置新的密码。看到工作代码波纹管:
string domainfqdn="mydomain.test.gov" //fqdn of the domainstring ldapPath =GetObjectDistinguishedName (objectClass.user,returnType.distinguishedName, args[0].ToString(),domainfqdn);ldapPath="LDAP://" + domainfqdn + :389/"+ldapPath;DirectoryEntry uEntry = new DirectoryEntry(ldapPath,null,null,AuthenticationTypes.Secure);uEntry.CommitChanges();Console.WriteLine(ldapPath);string password="myS3cr3tPass" uEntry.Invoke("SetPassword", new object[] { password });uEntry.Properties["LockOutTime"].Value = 0; //unlock account uEntry.CommitChanges();uEntry.Close(); it is very importan to check the parameters at uEntry, the code will run under the current thread security context, unless the null values are specified
检查uEntry的参数非常重要,除非指定null值,否则代码将在当前线程安全上下文中运行
#6
0
public void ResetPassword(string userName, string Password, string newPassword){ try { DirectoryEntry directoryEntry = new DirectoryEntry(Path, userName, Password); if (directoryEntry != null) { DirectorySearcher searchEntry = new DirectorySearcher(directoryEntry); searchEntry.Filter = "(samaccountname=" + userName + ")"; SearchResult result = searchEntry.FindOne(); if (result != null) { DirectoryEntry userEntry = result.GetDirectoryEntry(); if (userEntry != null) { userEntry.Invoke("SetPassword", new object[] { newPassword }); userEntry.Properties["lockouttime"].Value = 0; } } } } catch (Exception ex) { Log.Error("Password Can't Change:" + ex.InnerException.Message); }}#1
60
You can use the UserPrincipal class' SetPassword method, provided you have enough privileges, once you've found the correct UserPrincipal object. Use FindByIdentity to look up the principal object in question.
如果您找到了正确的UserPrincipal对象,那么您可以使用UserPrincipal类的SetPassword方法,只要您有足够的权限。使用FindByIdentity查找相关的主体对象。
using (var context = new PrincipalContext( ContextType.Domain )){ using (var user = UserPrincipal.FindByIdentity( context, IdentityType.SamAccountName, userName )) { user.SetPassword( "newpassword" ); // or user.ChangePassword( "oldPassword", "newpassword" ); }}#2
18
Here's a great Active Directory programming quick reference:
这里有一个伟大的活动目录编程快速参考:
Howto: (Almost) Everything In Active Directory via C#
如何:(几乎)通过c#在活动目录中的所有内容
See the password reset code near the end.
请查看接近末尾的密码重置代码。
public void ResetPassword(string userDn, string password){ DirectoryEntry uEntry = new DirectoryEntry(userDn); uEntry.Invoke("SetPassword", new object[] { password }); uEntry.Properties["LockOutTime"].Value = 0; //unlock account uEntry.Close();}#3
12
Try this code. It works for me,
试试这个代码。它对我来说,
public void ChangeMyPassword(string domainName, string userName, string currentPassword, string newPassword){ try { string ldapPath = "LDAP://192.168.1.xx"; DirectoryEntry directionEntry = new DirectoryEntry(ldapPath, domainName + "\\" + userName, currentPassword); if (directionEntry != null) { DirectorySearcher search = new DirectorySearcher(directionEntry); search.Filter = "(SAMAccountName=" + userName + ")"; SearchResult result = search.FindOne(); if (result != null) { DirectoryEntry userEntry = result.GetDirectoryEntry(); if (userEntry != null) { userEntry.Invoke("ChangePassword", new object[] { currentPassword, newPassword }); userEntry.CommitChanges(); } } } } catch (Exception ex) { throw ex; }}#4
1
Here is the solution:
这是解决方案:
string newPassword = Membership.GeneratePassword(12, 4); string quotePwd = String.Format(@"""{0}""", newPassword); byte[] pwdBin = System.Text.Encoding.Unicode.GetBytes(quotePwd); UserEntry.Properties["unicodePwd"].Value = pwdBin; UserEntry.CommitChanges();#5
0
It is possible to set a new password to a domain account, by using .NET Framework 2.0.See working code bellow:
通过使用。net Framework 2.0,可以为域帐户设置新的密码。看到工作代码波纹管:
string domainfqdn="mydomain.test.gov" //fqdn of the domainstring ldapPath =GetObjectDistinguishedName (objectClass.user,returnType.distinguishedName, args[0].ToString(),domainfqdn);ldapPath="LDAP://" + domainfqdn + :389/"+ldapPath;DirectoryEntry uEntry = new DirectoryEntry(ldapPath,null,null,AuthenticationTypes.Secure);uEntry.CommitChanges();Console.WriteLine(ldapPath);string password="myS3cr3tPass" uEntry.Invoke("SetPassword", new object[] { password });uEntry.Properties["LockOutTime"].Value = 0; //unlock account uEntry.CommitChanges();uEntry.Close(); it is very importan to check the parameters at uEntry, the code will run under the current thread security context, unless the null values are specified
检查uEntry的参数非常重要,除非指定null值,否则代码将在当前线程安全上下文中运行
#6
0
public void ResetPassword(string userName, string Password, string newPassword){ try { DirectoryEntry directoryEntry = new DirectoryEntry(Path, userName, Password); if (directoryEntry != null) { DirectorySearcher searchEntry = new DirectorySearcher(directoryEntry); searchEntry.Filter = "(samaccountname=" + userName + ")"; SearchResult result = searchEntry.FindOne(); if (result != null) { DirectoryEntry userEntry = result.GetDirectoryEntry(); if (userEntry != null) { userEntry.Invoke("SetPassword", new object[] { newPassword }); userEntry.Properties["lockouttime"].Value = 0; } } } } catch (Exception ex) { Log.Error("Password Can't Change:" + ex.InnerException.Message); }}