问题描述

使用.net 3.5框架和C＃，我试图从C＃向AD添加新用户，但找不到任何示例。我看到PrincipalCollection对象具有重载的 add方法，但似乎无法弄清楚它是如何工作的。有人可以帮忙吗？

Using the .net 3.5 framework and C# I'm trying to add a new user to AD from C# and can't find any examples. I see that the PrincipalCollection object has an overloaded 'add' method but can't seem to figure out how it works. Can anyone help?

如何创建一个新的用户对象，将其添加到AD中。

How create a new user object, add it into AD.

第二，要添加新用户的用户实际上可能没有这样做的安全性。有没有一种方法可以模拟另一个将具有权限的用户帐户并以这种方式添加该帐户？

Secondly, the user that will be adding in new people may not actually have the security to do this. Is there a way that I can impersonate another user account that will have permissions and add the account that way?

推荐答案

您可以添加以下用户：

using (var context = new PrincipalContext(ContextType.Domain))
using (var user = new UserPrincipal(context)
{
    UserPrincipalName = "username",
    Enabled = true
})
{
    user.SetPassword("password");
    user.Save();
}

Re：安全性，您可以将应用程序池标识设置为使用特权服务帐户有权写入Active Directory。或者，您可以为 PrincipalContext 使用构造函数重载，该重载采用LDAP连接的用户名和密码。

Re: security you can set the application pool identity to use a privileged service account that has permission to write to the Active Directory. Or you can use a constructor overload for PrincipalContext that takes a username and password for the LDAP connection.

这篇关于如何使用System.DirectoryServices.AccountManagement将用户添加到AD？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！