
Getting Started

Peter Pang edited this page Apr 7, 2017 · 1 revision

Operate on Active Directory objects using the Active Record pattern: forget the hundreds of AD attribute names and attribute constant values, forget the details of Active Directory, and enjoy yourself.

You can also build search filters in code to query AD objects, and the code stays clear and simple. Moreover, wrapping objects in a using block disposes of the unmanaged resources easily. Let's walk through it with the following guide:

How to initialize the AD operator?

Just implement the "IADOperator" interface, and then you can inject it (dependency injection) into the AD object model. The following example is a mock implementation using the Moq framework in a unit test.

protected IADOperator ADOperator { get; set; }

[TestFixtureSetUp]
public void FixtureSetUp()
{
    var mock = new Mock<IADOperator>();
    var adOperatorInfo = new ADOperatorInfo
    {
        UserLoginName = TF.GetConfig().Properties["DomainUserName"],
        Password = TF.GetConfig().Properties["DomainUserPassword"],
        OperateDomainName = TF.GetConfig().Properties["DomainName"],
    };
    mock.Setup(m => m.GetOperatorInfo()).Returns(adOperatorInfo);
    this.ADOperator = mock.Object;
    this.SetUp();
}

This library contains a built-in implementation of the IADOperator interface, the ADOperator class, used as follows:

IADOperator adOperator = new ADOperator(@"landpy\pangxiaoliang", "password", "landpy");

You can also write a custom class that implements IADOperator (getting the ADOperatorInfo from a mock, a database, the file system and so on), and then pass it as a parameter to the library's model classes.

How to get all the user AD objects?

var userObjects = UserObject.FindAll(this.ADOperator);
foreach (UserObject userObject in userObjects)
{
       using (userObject)
       {
             // do something.
       }
}

Note: You can get all objects of the other AD types in the same way (Computer, Contact, Container, Group, Organizational Unit and so on).

How to get all the user AD objects with a specific filter?

var userObjects = UserObject.FindAll(this.ADOperator, new StartWith(AttributeNames.CN, "pangxiaoliang"));
foreach (UserObject userObject in userObjects)
{
     using (userObject)
     {
          // do something.
     }
}

Note: You can get all objects of the other AD types in the same way (Computer, Contact, Container, Group, Organizational Unit and so on).

How to get one user AD object by SID?

using (var userObject = UserObject.FindOneBySid(this.ADOperator, "S-1-5-21-3069975210-3933090721-4243971453-1197"))
{
     // do something.
}

How to get one user AD object with sAMAccountName?

using (var userObject = UserObject.FindOneBySAMAccountName(this.ADOperator, "pangxiaoliang"))
{
      // do something.
}

How to get one user AD object with common name?

using (var userObject = UserObject.FindOneByCN(this.ADOperator, "pangxiaoliang"))
{
     // do something.
}

Note: You can get a single object of the other AD types in the same way (Computer, Contact, Container, Group and so on).

How to update the user AD object?

using (var userObject = UserObject.FindOneByCN(this.ADOperator, "pangxiaoliang"))
{
     userObject.Email = "mv@live.cn";
     userObject.Save();
}

Note: You can update an object of the other AD types in the same way (Computer, Contact, Container, Group, Organizational Unit and so on).

How to delete the user AD object?

using (var userObject = UserObject.FindOneByCN(this.ADOperator, "pangxiaoliang"))
{
     userObject.Delete();
}

Note: You can delete an object of the other AD types in the same way (Computer, Contact, Container, Group, Organizational Unit and so on).

How to reset the user password?

using (var userObject = UserObject.FindOneByCN(this.ADOperator, "pangxiaoliang"))
{
     userObject.ResetPassword("123!@#zxc");
}

How to get all the OU AD objects?

var organizationalUnitObjects = OrganizationalUnitObject.FindAll(this.ADOperator);
foreach (OrganizationalUnitObject organizationalUnitObject in organizationalUnitObjects)
{
    using (organizationalUnitObject)
    {
        // do something.
    }
}

How to get all the OU AD objects with a specific filter?

var organizationalUnitObjects = OrganizationalUnitObject.FindAll(this.ADOperator, new StartWith(OrganizationalUnitAttributeNames.OU, "pangxiaoliangou"));
foreach (OrganizationalUnitObject organizationalUnitObject in organizationalUnitObjects)
{
    using (organizationalUnitObject)
    {
        // do something.
    }
}

How to get one OU AD object with ou name?

using (var organizationalUnitObject = OrganizationalUnitObject.FindOneByOU(this.ADOperator, "pangxiaoliangou"))
{
    // do something.
}

How to add a new OU AD object?

using (var organizationalUnitObject = OrganizationalUnitObject.FindOneByOU(this.ADOperator, "pangxiaoliangou"))
{
    using (var addOrganizationalUnitObject = organizationalUnitObject.AddOrganizationalUnit("LandpyDemoOU"))
    {
        // do something.
    }
}

How to add a new Group AD object?

using (var organizationalUnitObject = OrganizationalUnitObject.FindOneByOU(this.ADOperator, "pangxiaoliangou"))
{
    using (var addGroupObject = organizationalUnitObject.AddGroup("LandpyDemoGroup"))
    {
        // do something.
    }
}

How to add a new User AD object?

using (var organizationalUnitObject = OrganizationalUnitObject.FindOneByOU(this.ADOperator, "pangxiaoliangou"))
{
    using (var addUserObject = organizationalUnitObject.AddUser("LandpyDemoUser"))
    {
        // do something.
    }
}

How to get all the group AD objects?

var groupObjects = GroupObject.FindAll(this.ADOperator);
foreach (GroupObject groupObject in groupObjects)
{
      using (groupObject)
      {
             Console.WriteLine(groupObject.Path);
      }
}

How to get all the group AD objects with a specific filter?

var groupObjects = GroupObject.FindAll(this.ADOperator, new StartWith(AttributeNames.CN, "pangxiaolianggroup"));
foreach (GroupObject groupObject in groupObjects)
{
    using (groupObject)
    {
        Assert.AreEqual(this.GroupCn, groupObject.CN);
    }
}

How to get one group AD object with sid?

using (var groupObject = GroupObject.FindOneBySid(this.ADOperator, "S-1-5-21-3069975210-3933090721-4243971453-8817"))
{
      // do something.
}

How to get one group AD object with common name?

using (var groupObject = GroupObject.FindOneByCN(this.ADOperator, "pangxiaolianggroup"))
{
      // do something.
}

How to update the group AD object?

using (var groupObject = GroupObject.FindOneByCN(this.ADOperator, "pangxiaolianggroup"))
{
      groupObject.Email = "mv@live.cn";
      groupObject.Save();
}

How to delete the group AD object?

using (var groupObject = GroupObject.FindOneByCN(this.ADOperator, "pangxiaolianggroup"))
{
      groupObject.Delete();
}

How to get all the computer AD objects?

var computerObjects = ComputerObject.FindAll(this.ADOperator);
foreach (ComputerObject computerObject in computerObjects)
{
    using (computerObject)
    {
        // do something.
    }
}

How to get all the computer AD objects with a specific filter?

var computerObjects = ComputerObject.FindAll(this.ADOperator, new StartWith(AttributeNames.CN, "pangcomputer"));
foreach (ComputerObject computerObject in computerObjects)
{
    using (computerObject)
    {
        // do something.
    }
}

How to get one computer AD object with sid?

using (var computerObject = ComputerObject.FindOneBySid(this.ADOperator, "S-1-5-21-3069975210-3933090721-4243971453-8818"))
{
     // do something.
}

How to get one computer AD object with common name?

using (var computerObject = ComputerObject.FindOneByCN(this.ADOperator, "pangxiaoliangcomputer"))
{
     // do something.
}

How to update computer AD object?

using (var computerObject = ComputerObject.FindOneByCN(this.ADOperator, "pangxiaoliangcomputer"))
{
     computerObject.Description = "The computer of pangxiaoliang.";
     computerObject.Save();
}

How to delete computer AD object?

using (var computerObject = ComputerObject.FindOneByCN(this.ADOperator, "pangxiaoliangcomputer"))
{
     computerObject.Delete();
}

How to get AD object with object guid?

using (var adObject = ADObject.FindOneByObjectGUID(this.ADOperator, new Guid("ac8d3bca-4132-41b1-b29c-9dcfd860f50d")))
{
    var groupObject = adObject as GroupObject;
    if(groupObject != null)
    {
         // do something.
    }
}

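How to get the domain group policy minimum password length and whether passwords must meet the complexity requirements?

using (var domainObject = DomainObject.FindOne(this.ADOperator))
{
    // Note: "this" is the surrounding (test) class, not domainObject. The attribute list on this
    // page names GroupPolicyMinimumPasswordLength and IsMustMeetComplexityRequirments as the properties.
    Console.WriteLine(this.DomainGroupPolicyMinimumPasswordLength);
    Console.WriteLine(this.DomianIsMustMeetComplexityRequirments);
}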

How to get the current domain object (the domain the server is joined to) without a password?

using (var domainObject = DomainObject.GetCurrent())
{
       Console.WriteLine(domainObject.Name);
}

How to get a specific user's domain PSO custom policy minimum password length and whether passwords must meet the complexity requirements?

foreach (var passwordSettingsObject in PasswordSettingsObject.FindAll(this.ADOperator, "pangxiaoliang"))
{
    using (passwordSettingsObject)
    {
        Console.WriteLine(passwordSettingsObject.CustomPolicyMinimumPasswordLength);
        Console.WriteLine(passwordSettingsObject.IsMustMeetComplexityRequirments);
    }
}

How to verify the password is valid?

this.PasswordUnity.IsPasswordValid(@"landpy\pangxiaoliang", @"123!@#qwe")

How to verify the AD object exists?

ADObject.DoesADObjectExists(this.ADOperator, new Guid("ac8d3bca-4132-41b1-b29c-9dcfd860f50d"))

How to query an AD object with an ObjectGuid attribute filter? (The Guid endian issue is already resolved.)

// Normal filter
var adObject = ADObjectQuery.SingleAndDefault(this.ADOperator, new Is(AttributeNames.ObjectGuid, "ac8d3bca-4132-41b1-b29c-9dcfd860f50d"));
// Custom filter
adObject = ADObjectQuery.SingleAndDefault(this.ADOperator, new Custom(String.Format(@"{0}={1}", AttributeNames.ObjectGuid, "ac8d3bca-4132-41b1-b29c-9dcfd860f50d")));
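
What the Guid endian issue mentioned above looks like, as an added example (not code from this page or from the library; ToLdapFilterValue is a hypothetical helper). Active Directory stores objectGUID with its first three fields little-endian, so the escaped bytes in a native LDAP filter do not follow the order of the GUID's display string:

```csharp
using System;
using System.Text;

static class ObjectGuidFilterDemo
{
    // Hypothetical helper (not a Landpy API): renders a Guid as the escaped
    // binary value that a native LDAP filter on objectGUID expects.
    public static string ToLdapFilterValue(Guid guid)
    {
        // Guid.ToByteArray() emits the first three fields little-endian,
        // which is the same byte layout AD stores in objectGUID.
        byte[] bytes = guid.ToByteArray();
        var sb = new StringBuilder(bytes.Length * 3);
        foreach (byte b in bytes)
        {
            // RFC 4515 escape: backslash followed by two hex digits.
            sb.Append('\\').Append(b.ToString("x2"));
        }
        return sb.ToString();
    }

    // Naive rendering: hex digits taken in display order. A filter built
    // this way does not match the stored bytes, so the search finds nothing.
    public static string ToDisplayOrderValue(Guid guid)
    {
        string hex = guid.ToString("N");
        var sb = new StringBuilder(hex.Length / 2 * 3);
        for (int i = 0; i < hex.Length; i += 2)
        {
            sb.Append('\\').Append(hex, i, 2);
        }
        return sb.ToString();
    }

    static void Main()
    {
        // GUID taken from the example on this page.
        var guid = new Guid("ac8d3bca-4132-41b1-b29c-9dcfd860f50d");
        Console.WriteLine("display order: (objectGUID=" + ToDisplayOrderValue(guid) + ")");
        Console.WriteLine("stored order:  (objectGUID=" + ToLdapFilterValue(guid) + ")");
    }
}
```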

How to search AD objects? (You can combine the supported filter types listed further down this page into composite queries to get the results you want.)

// Query user
foreach (UserObject user in ADObjectQuery.List(this.ADOperator, new IsUser()))
{
    using (user)
    {
        // do something.
    }
}
// Query Person
foreach (PersonObject person in ADObjectQuery.List(this.ADOperator, new IsPerson()))
{
    using (person)
    {
        // do something.
    }
}
// Query Contact
foreach (ContactObject contact in ADObjectQuery.List(this.ADOperator, new IsContact()))
{
    using (contact)
    {
        // do something.
    }
}
// Query ADObject (returns the UserObject and ContactObject entries whose email address contains "live")
foreach (var adObject in ADObjectQuery.List(this.ADOperator, new Contains(PersonAttributeNames.Mail, "live")))
{
    using (adObject)
    {
        if (adObject.Type == ADObjectType.User)
        {
            // Cast to the library's UserObject type.
            var user = adObject as UserObject;
            // do something.
        }
        if (adObject.Type == ADObjectType.Contact)
        {
            // Cast to the library's ContactObject type.
            var contact = adObject as ContactObject;
            // do something.
        }
    }
}

Supported filter types:

  • And
  • Or
  • StartWith
  • EndWith
  • HasAValue
  • HasNoValue
  • Is
  • IsNot
  • IsPerson
  • IsUser
  • IsGroup
  • IsContact
  • IsComputer
  • IsContainer
  • IsOU
  • IsDomain
  • IsPasswordSettings
  • Contains
  • LessThanOrEqualTo
  • GreaterThanOrEqualTo
  • Approx
  • Custom (Use native AD filter string)
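
Because Custom takes a native AD filter string, any value formatted into it should be escaped per RFC 4515 first. An added example, not the library's code: EscapeFilterValue is a hypothetical helper, the input is constructed, and whether the typed filters such as StartWith escape their values is not stated on this page.

```csharp
using System;
using System.Text;

static class LdapFilterEscapeDemo
{
    // Hypothetical helper (not a Landpy API): escapes a value for use inside
    // an LDAP search filter, following RFC 4515.
    public static string EscapeFilterValue(string value)
    {
        if (value == null) throw new ArgumentNullException("value");
        var sb = new StringBuilder();
        foreach (byte b in Encoding.UTF8.GetBytes(value))
        {
            switch (b)
            {
                // NUL, '(', ')', '*' and '\' have meaning in filter syntax.
                case 0x00: case 0x28: case 0x29: case 0x2a: case 0x5c:
                    sb.Append('\\').Append(b.ToString("x2"));
                    break;
                default:
                    // ASCII passes through; other UTF-8 bytes are hex-escaped,
                    // which RFC 4515 also permits.
                    if (b < 0x80) sb.Append((char)b);
                    else sb.Append('\\').Append(b.ToString("x2"));
                    break;
            }
        }
        return sb.ToString();
    }

    static void Main()
    {
        // Constructed value, e.g. a display name typed into a search box.
        string input = "Smith (Ops)*";

        // Unescaped: the parentheses unbalance the filter and '*' acts as a wildcard.
        Console.WriteLine(String.Format("{0}={1}", "cn", input));

        // Escaped: each metacharacter becomes \xx and is matched literally.
        // The resulting string is what would be handed to a native filter.
        Console.WriteLine(String.Format("{0}={1}", "cn", EscapeFilterValue(input)));
    }
}
```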

Supported AD object types:

  • UserObject
  • GroupObject
  • ContactObject
  • OrganizationalUnitObject
  • ComputerObject
  • ContainerObject
  • DomainObject
  • InetOrgPersonObject
  • MSMQQueueAliasObject
  • PasswordSettingsObject
  • PrinterObject
  • SharedFolderObject

Supported AD object attribute properties:

  • LDAP Path
  • CN
  • ObjectGuid
  • DistinguishedName
  • Name
  • CanonicalName
  • CreateTime
  • ModifyTime
  • Description
  • DirectReports
  • DisplayName
  • MsDS_PrincipalName
  • Office
  • ZipOrPostalCode
  • PostOfficeBoxs
  • WebPage
  • OtherWebPages
  • ThumbnailPhoto
  • ThumbnailLogo
  • Email
  • CO
  • C
  • Company
  • CountryCode
  • Department
  • Fax
  • OtherFaxes
  • GivenName
  • HomePhone
  • OtherHomePhones
  • Notes
  • Initials
  • IpPhone
  • OtherIpPhones
  • City
  • Manager
  • MemberOf
  • Mobile
  • OtherMobiles
  • Pager
  • OtherPagers
  • Telephone
  • OtherTelephones
  • LastName
  • StateOrProvince
  • StreetAddress
  • JobTitle
  • ObjectSid
  • SAMAccountName
  • PrincipalName
  • GroupSids
  • AccountControlType
  • IsDomainAdmin
  • IsAccountOperator
  • IsMustChangePwdNextLogon
  • IsEnabled
  • IsLocked
  • OperatingSystemName
  • OperatingSystemVersion
  • OperatingSystemServicePack
  • DnsName
  • SiteName
  • GroupPolicyMinimumPasswordLength
  • IsMustMeetComplexityRequirments
  • GroupType
  • GroupScope
  • OU
  • Street
  • ManagedBy
  • PSO CustomPolicyMinimumPasswordLength
  • PSO IsMustMeetComplexityRequirments
  • And so on

Note: For more information, please see the unit test project source code in the solution.

Some attributes and special AD objects are not implemented yet, but you can extend them easily. In the future the library will add a DSL feature to support searching for AD objects.

Moreover:

For the UserAttributeNames.AccountExpires attribute, 0 or 9223372036854775807 means 'never expires'.

If the AD attribute is a normal datetime, use the filter as follows:

new LessThanOrEqualTo(AttributeNames.CreateTimeStamp, "20141224010202.0Z")
E.g.: dateTime.ToString("yyyyMMddHHmmss.0Z")

If the AD attribute is a large-integer datetime, use the filter as follows:

new LessThanOrEqualTo(UserAttributeNames.AccountExpires, "1305008640000000000")
E.g.: dateTime.ToFileTimeUtc().ToString()

Convert DateTime to large integer:

accountExpiresDateTime.ToFileTimeUtc()

Convert large integer to DateTime:

long fileTime = 130314240000000000;
var dateTime = DateTime.FromFileTime(fileTime);
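
The conversions above combined into one added example (not code from the library; the helper names are hypothetical and the cutoff date is constructed). It also handles the 'never expires' sentinels, which DateTime.FromFileTimeUtc cannot convert.

```csharp
using System;
using System.Globalization;

static class AdDateTimeDemo
{
    // Hypothetical helper: returns null when the account never expires.
    public static DateTime? ParseAccountExpires(long raw)
    {
        // FromFileTimeUtc throws ArgumentOutOfRangeException for long.MaxValue,
        // so both sentinels must be checked before converting.
        if (raw == 0 || raw == long.MaxValue)
        {
            return null;
        }
        return DateTime.FromFileTimeUtc(raw);
    }

    // Filter value for large-integer attributes such as AccountExpires.
    public static string ToLargeIntegerValue(DateTime value)
    {
        return value.ToFileTimeUtc().ToString(CultureInfo.InvariantCulture);
    }

    // Filter value for normal datetime attributes such as CreateTimeStamp.
    public static string ToGeneralizedTimeValue(DateTime value)
    {
        // The trailing Z claims UTC, so convert before formatting.
        return value.ToUniversalTime()
                    .ToString("yyyyMMddHHmmss'.0Z'", CultureInfo.InvariantCulture);
    }

    static void Main()
    {
        // Constructed cutoff; Kind is set explicitly so no local-time guess is made.
        var cutoff = new DateTime(2014, 12, 24, 1, 2, 2, DateTimeKind.Utc);
        Console.WriteLine(ToGeneralizedTimeValue(cutoff));
        Console.WriteLine(ToLargeIntegerValue(cutoff));

        // The two sentinels plus the sample file time from this page.
        foreach (long raw in new[] { 0L, long.MaxValue, 130314240000000000L })
        {
            DateTime? expires = ParseAccountExpires(raw);
            Console.WriteLine(raw + " -> " +
                (expires.HasValue ? expires.Value.ToString("u") : "never expires"));
        }
    }
}
```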