System.DirectoryServices.AccountManagement 命名空間

System.DirectoryServices.AccountManagement 命名空間提供跨下列多個主體存放區之使用者、電腦和群組安全性主體的統一存取和管理:Active Directory 網域服務 (AD DS)、Active Directory 輕量型目錄服務 (AD LDS) 和 Machine SAM (MSAM)。 The System.DirectoryServices.AccountManagement namespace provides uniform access and manipulation of user, computer, and group security principals across the multiple principal stores: Active Directory Domain Services (AD DS), Active Directory Lightweight Directory Services (AD LDS), and Machine SAM (MSAM). System.DirectoryServices.AccountManagement 會管理目錄物件而不區分 System.DirectoryServices 命名空間。 System.DirectoryServices.AccountManagement manages directory objects independent of the System.DirectoryServices namespace.

類別

AdvancedFilters

這個類別會提供特定屬性的寫入權限,讓使用者可以修改「虛擬」主體物件的唯讀屬性,該物件會在使用依例查詢時傳遞至 PrincipalSearcher 物件。This class provides writable access to certain attributes so that users can modify read-only properties of the "dummy" principal object that is passed to a PrincipalSearcher object when using Query By Example.

AuthenticablePrincipal

封裝可以驗證的主體共通的帳戶和連絡資料。Encapsulates the account and contact data common to principals that can be authenticated.

ComputerPrincipal

封裝本身為電腦帳戶的主體。Encapsulates principals that are computer accounts.

DirectoryObjectClassAttribute

表示在目錄中建立這個型別的物件時使用的結構描述物件。Represents the schema object that is used to create an object of this type in the directory. 這個屬性 (Attribute) 是主體擴充所需,而且只能在屬性 (Property) 上設定。This attribute is required for principal extensions and can only be set on classes.

DirectoryPropertyAttribute

包含存放區將主體屬性 (Property) 對應至目錄屬性 (Attribute) 時所需的資料。Contains the data required by the store to map a principal property to a directory attribute. 這個屬性 (Attribute) 是主體擴充所需,而且只能在屬性 (Property) 上設定。This attribute is required for principal extensions and can only be set on a property. 在擴充類別中每個代表目錄屬性 (Attribute) 的屬性 (Property) 上都必須指定這個屬性 (Attribute)。It must be specified on every property that represents a directory attribute in the extended class.

DirectoryRdnPrefixAttribute

為存放區中插入的新物件建構 RDN 時使用的 RDN 前置詞。The RDN prefix used to construct the RDN for the new object that is inserted into the store. 如果未設定這個屬性,則帳戶管理 API 會使用預設 RDN 前置詞 "CN"。The default RDN prefix of "CN" is used by the Account Management API if this attribute is not set. 這個屬性是選擇性的,而且只能在主體延伸類別上設定。This attribute is optional and can only be set on principal extension classes.

GroupPrincipal

封裝群組帳戶。Encapsulates group accounts. 群組帳戶可以是主體物件的任意集合,或針對管理目的建立的帳戶。Group accounts can be arbitrary collections of principal objects or accounts created for administrative purposes.

MultipleMatchesException

預期只符合一個主體物件的方法,會在搜尋查詢有多個相符項目時擲回這個例外狀況。This exception is thrown by methods that expect to match a single principal object when there are multiple matches to the search query.

NoMatchingPrincipalException

找不到具有指定之參數的主體物件時,會擲回這個例外狀況。This exception is thrown when no matching principal object could be found with the specified parameters.

PasswordException

當密碼不符合複雜度要求時,會擲回這個例外狀況。This exception is thrown when a password does not meet complexity requirements.

Principal

封裝所有安全性主體共通的帳戶資料和作業。Encapsulates the account data and operations common to all security principals. 這是所有安全性主體都衍生自的抽象基底類別。This is the abstract base class from which all security principals are derived.

PrincipalCollection

衍生自 Principal 類別的物件可變動集合。A mutable collection of objects derived from the Principal class. 此類別的設計用途為用於包含 Principal 物件的多重值屬性。This class is designed to be used for multi-valued properties that contain Principal objects. 管理這個集合的內容,會變更對應存放區屬性的內容,當 Save() 在相對應主體物件上被呼叫時,會成為永久的變更。Manipulating the contents of this collection changes the contents of the corresponding store property, which is made permanent when Save() is called on the corresponding principal object.

PrincipalContext

封裝用以執行所有作業的伺服器或網域、這些作業的基底容器,以及作業執行時使用的認證。Encapsulates the server or domain against which all operations are performed, the container that is used as the base of those operations, and the credentials used to perform the operations.

PrincipalException

System.DirectoryServices.AccountManagement 物件所擲回之例外狀況的基底類別。The base class of exceptions thrown by System.DirectoryServices.AccountManagement objects.

PrincipalExistsException

嘗試插入已存在於集合中的主體時,由 Add 方法所擲回,或嘗試儲存已存在於存放區中的新主體時,由 Save() 所擲回。Thrown by Add method when an attempt is made to insert a principal that already exists in the collection, or by Save() when an attempt is made to save a new principal that already exists in the store.

PrincipalOperationException

更新存放區作業期間 ADSI 傳回錯誤時擲回。Thrown when ADSI returns an error during an operation to update the store.

PrincipalSearcher

封裝對基礎主體存放區執行查詢時使用的方法和搜尋模式。Encapsulates the methods and search patterns used to execute a query against the underlying principal store.

PrincipalSearchResult<T>

傳回搜尋所傳回 Principal 物件的集合。Returns a collection of Principal objects that are returned by a search.

PrincipalServerDownException

當 API 無法連接到伺服器時,會擲回此例外狀況。This exception is thrown when the API is unable to connect to the server.

PrincipalValueCollection<T>

多重值的屬性 (例如 PermittedWorkstations) 具有類型 PrincipalValueCollection<T> 的值。Multi-valued properties, such as PermittedWorkstations, have a value of the type PrincipalValueCollection<T>. 這個類別會提供方法來列舉及管理這些值。This class provides methods to enumerate and manipulate those values.

UserPrincipal

封裝本身為使用者帳戶的主體。Encapsulates principals that are user accounts.

列舉

ContextOptions

指定繫結至伺服器時使用的選項。Specifies the options that are used for binding to the server. 應用程式可以設定以位元 OR 運算連結的多個選項。The application can set multiple options that are linked with a bitwise OR operation.

ContextType

指定主體所屬存放區的型別。Specifies the type of store to which the principal belongs.

GroupScope

指定群組主體的範圍。Specifies the scope of the group principal.

IdentityType

指定識別的格式。Specifies the format of the identity.

MatchType

MatchType 列舉型別指定搜尋中使用的比較型別。The MatchType enumeration specifies the type of comparison used in a search.

備註

受管理的目錄服務應用程式可以利用System.DirectoryServices.AccountManagementAPI 來簡化管理使用者、 電腦和群組的主體。Managed directory services applications can take advantage of the System.DirectoryServices.AccountManagement API to simplify management of user, computer and group principals. 先前所需的存放區或冗長的程式碼,例如尋找使用者所屬的所有群組的複雜知識的解決方案使用幾行程式碼來完成System.DirectoryServices.AccountManagementAPI。Solutions that previously required intricate knowledge of the store or lengthy code, such as finding all groups to which a user belongs, are accomplished in a few lines of code with the System.DirectoryServices.AccountManagement API.

下列功能位於System.DirectoryServices.AccountManagementAPI:The following features are available on the System.DirectoryServices.AccountManagement API:

  • 基本目錄作業,例如建立和更新安全性主體已經過簡化。Basic directory operations such as creating and updating security principals is simplified. 應用程式需要較少的知識基礎的存放區來執行這些作業。The application requires less knowledge of the underlying stores to perform these operations.

  • 應用程式可以擴充以包含目錄物件的新類型的物件模型。Applications can extend the object model to include new types of directory objects.

  • 帳戶管理工作,例如啟用和停用使用者帳戶,已簡化。Account management tasks, such as enabling and disabling a user account, are simplified.

  • 支援跨存放區可讓 Active Directory 網域服務 (AD DS)、 Active Directory 輕量型目錄服務 (AD LDS) 和 Machine SAM (MSAM) 資料庫,以包含成員從不同類型的存放區中的群組物件。Cross-store support allows group objects in the Active Directory Domain Services (AD DS), Active Directory Lightweight Directory Services (AD LDS), and Machine SAM (MSAM) databases to contain members from different types of stores.

  • 查詢,藉由搜尋範例,用於PrincipalSearcher類別,可讓應用程式主體物件上設定屬性,並搜尋選取的存放區,其他物件,包含相符的屬性值。Query by example searching, available on the PrincipalSearcher class, enables applications to set properties on a principal object and search the selected store for other objects that contain matching property values.

  • 增強的搜尋,在電腦、 使用者與群組主體物件可讓應用程式,以選取在市集中搜尋相符的主體物件。Enhanced search on computer, user and group principal objects enables applications to search the selected store for matching principal objects.

  • 遞迴搜尋,用於群組主體物件,可讓應用程式群組以遞迴方式搜尋,並傳回主體物件必須是分葉節點。Recursive search, available on the group principal object, enables applications to search a group recursively and return only principal objects that are leaf nodes.

  • 針對電腦 SAM、 AD DS 和 AD LS 的存放區的認證驗證就較為簡單。Credential validation against the Machine SAM, AD DS, and AD LS stores is simplified.

  • 使用快速並行繫結 (FSB) 功能可用時,會增加連線速度。Connections speeds are increased by using the Fast Concurrent Bind (FSB) feature when available. 連接快取可以減少使用的連接埠號碼。Connection caching decreases the number of ports used.

另請參閱