C#DirectoryEntry属性值更改
[英]C# DirectoryEntry Properties Value Change
问题描述
I want to use C# to 
我想使用C#
- Create a new user. 创建一个新用户。
- Add it to "Users" group 将其添加到“用户”组
- Enable Dial-in Remote Network Permission 启用拨入远程网络权限
- Disable remote control 禁用遥控器
My code: 我的代码:
PrincipalContext ctx = new PrincipalContext(ContextType.Machine);
UserPrincipal newuser = new UserPrincipal(ctx, "newuser", "password", true);
newuser.Save();
GroupPrincipal group = GroupPrincipal.FindByIdentity(ctx,"Users");
using (DirectoryEntry groupEntry = group.GetUnderlyingObject() as DirectoryEntry )
using (DirectoryEntry userEntry = newuser.GetUnderlyingObject() as DirectoryEntry)
{
groupEntry.Invoke( "Add", new object[] { userEntry.Path } );
userEntry.RefreshCache();
userEntry.Properties["msNPAllowDialin"].Value = true;
userEntry.Properties["msTSRemoteControl"].Value = false;
userEntry.CommitChanges();
}
The account creation and user group process works fine, however, 帐户创建和用户组过程运行正常,但是,
userEntry.Properties["msNPAllowDialin"].Value = true;
userEntry.Properties["msTSRemoteControl"].Value = false;
Both generates an error 两者都产生错误
The directory property cannot be found in the cache
I have spent 2 hours Googling but still can't find any working solutions. 我花了2个小时在Google上搜索,但仍然找不到任何有效的解决方案。
1 个解决方案
解决方案1
1 2018-05-03 13:13:11
You are creating a local computer account ( ContextType.Machine ) but then trying to set properties that are specific to Active Directory user accounts. 您正在创建本地计算机帐户( ContextType.Machine ),但是随后尝试设置特定于Active Directory用户帐户的属性。 That won't work. 那行不通。
If you want to restrict them from the server's VPN, then that depends on what kind of VPN you're using. 如果要从服务器的VPN限制它们,则取决于您使用的VPN类型。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.