AD操作解决二级目录用户删除问题
public string DeleteADAccountOU(string commonName, string ouName) { DataTable dt = new DataTable(); commonName = "test1"; ouName = "Office365Users";//根组织名称 DirectoryEntry adRoot = GetDirectoryObject(); //new DirectoryEntry("LDAP://" + domainName, adAdmin, password, AuthenticationTypes.Secure); DirectoryEntry ou = adRoot.Children.Find("OU=" + ouName); DirectorySearcher mySearcher = new DirectorySearcher(ou); // mySearcher.Filter = ("(objectClass=user)"); // mySearcher.Filter = ("(&(objectClass=user)(cn=" + commonName + "))"); //user Represents a user, the group represents a set of /*******************/ // commonName = "group2"; // mySearcher.Filter = ("(&(objectCategory=group)(cn=" + commonName + "))"); /*****************/ commonName = "Beijing";//二级组织名称 mySearcher.Filter = ("(&(objectClass=organizationalUnit)(OU=" + commonName + "))"); /***组内删除****/ SearchResult sr = mySearcher.FindOne(); DirectoryEntry userEntry = sr.GetDirectoryEntry(); // string nameItem = userEntry.Properties["Name"][0].ToString(); /*直接删除**/ // ou.Children.Remove(userEntry); // ou.CommitChanges(); // ou.Close(); /*******************/ /***组内每个成员访问*****/ string commonNameG = "test11";//查beijing组织内用户名是test11 DirectorySearcher myGroupSearcher = new DirectorySearcher(userEntry); myGroupSearcher.Filter = ("(&(objectClass=user)(cn=" + commonNameG + "))"); SearchResult srG = myGroupSearcher.FindOne(); DirectoryEntry userEntryG = srG.GetDirectoryEntry(); string nameItem = userEntryG.Properties["Name"][0].ToString(); userEntry.Children.Remove(userEntryG); userEntry.CommitChanges(); userEntry.Close(); }