问题
i have this code to create a local windows user
public static bool CreateLocalWindowsAccount(string username, string password, string displayName, string description, bool canChangePwd, bool pwdExpires)
{
try
{
PrincipalContext context = new PrincipalContext(ContextType.Machine);
UserPrincipal user = new UserPrincipal(context);
user.SetPassword(password);
user.DisplayName = displayName;
user.Name = username;
user.Description = description;
user.UserCannotChangePassword = canChangePwd;
user.PasswordNeverExpires = pwdExpires;
user.Save();
//now add user to "Users" group so it displays in Control Panel
GroupPrincipal group = GroupPrincipal.FindByIdentity(context, "Users");
group.Members.Add(user);
group.Save();
return true;
}
catch (Exception ex)
{
LogMessageToFile("error msg" + ex.Message);
return false;
}
}
i tried this on my machine it works fine. but then i put this on windows server. and tried to create a user over there.
First i got the error "General access denied error" so i made the user an administrator
but now i get the error "The network path was not found"
how can i solve this error.. thanks
回答1:
I had a very similar issue change the first line to
PrincipalContext context = new PrincipalContext(ContextType.Machine, "127.0.0.1");
see if that fixes your issue. And triple check that the program is running with administrator privileges.
The other issue it could be is the server has password complexity requirements and password that is being passed in to the function does not meet those requirements. Does the problem go away if you pass it ASfas123@!fda as the password?
I am 90% sure it is one of those two issues.
For your user groups not saving I am not sure why. Here is a snippit from one of my projects that is doing the same thing you are. I cant see the diffrence.
using (GroupPrincipal r = GroupPrincipal.FindByIdentity(context, "Remote Desktop Users"))
using (GroupPrincipal u = GroupPrincipal.FindByIdentity(context, "Users"))
{
//snip
UserPrincipal user = null;
try
{
if (userInfo.NewPassword == null)
throw new ArgumentNullException("userInfo.NewPassword", "userInfo.NewPassword was null");
if (userInfo.NewPassword == "")
throw new ArgumentOutOfRangeException("userInfo.NewPassword", "userInfo.NewPassword was empty");
//If the user already is in the list of existing users use that one.
if (pr.ContainsKey(username))
{
user = (UserPrincipal)pr[username];
user.Enabled = true;
user.SetPassword(userInfo.NewPassword);
}
else
{
//create new windows user.
user = new UserPrincipal(context, username, userInfo.NewPassword, true);
user.UserCannotChangePassword = true;
user.PasswordNeverExpires = true;
user.Save();
r.Members.Add(user);
r.Save();
u.Members.Add(user);
u.Save();
}
IADsTSUserEx iad = (IADsTSUserEx)((DirectoryEntry)user.GetUnderlyingObject()).NativeObject;
iad.TerminalServicesInitialProgram = GenerateProgramString(infinityInfo);
iad.TerminalServicesWorkDirectory = Service.Properties.Settings.Default.StartInPath;
iad.ConnectClientDrivesAtLogon = 0;
user.Save();
}
catch(Exception e)
{
//snip
}
finally
{
if (user != null)
{
user.Dispose();
}
}
}
回答2:
check if you do not have UAC enabled alternatively you have to write the code to elevate your application privileges. This however restarts your application.
http://support.microsoft.com/kb/981778
来源:https://stackoverflow.com/questions/3729406/create-local-user-account