阅读本地组策略/ActiveDirectory设置我正在编写一个C#程序,它将根据Windows组策略设置强制执行“密码必须满足复杂性要求”复杂。具体来说,我的软件需要强制执行复杂的密码。问题是我不知道如何读取该GPO设置。Google搜索表明我可以使用两个API之一读取GPO设置:.NETFramework中的System.DirectoryServices库和WindowsManagementInstrumentation(WMI),但到目前为止我还没有取得任何成功。任何见解都会有所帮助。似乎没有用于此任务的文档化API,无论是托管的还是其他方式。管理尝试我尝试使用System.Management程序集的托管路由:ConnectionOptionsoptions=newConnectionOptions();ManagementScopescope=newManagementScope(@"\.rootRSOPComputer",options);ManagementObjectSearchersearcher=newManagementObjectSearcher(scope,newObjectQuery("SELECT*FROMRSOP_SecuritySettingBoolean"));foreach(ManagementObjectoinsearcher.Get()){Console.WriteLine("KeyName:{0}",o["KeyName"]);Console.WriteLine("优先级:{0}",o["优先级"]);Console.WriteLine("设置:{0}",o["设置"]);但是,这不会返回任何结果。Itdoesn'tappeartobeapermissionsissue,sincesupplyingausername/passwordpairtoConnectionOptionsresultsinanexceptiontellingyouthatausernamecannotbespecifiedwhenconnectinglocally.UnmanagedAttemptsIhadalookatNetUserModalsGet.虽然这将返回有关密码设置的一些信息:typedefstruct_USER_MODALS_INFO_0{DWORDusrmod0_min_passwd_len;DWORDusrmod0_max_passwd_age;DWORDusrmod0_min_passwd_age;DWORDusrmod0_force_logoff;DWORDusrmod0_password_hist_len;}USER_MODALS_INFO_0,*PUSER_MODALS_INFO_0,*LPUSER_MODALS_INFO_0;..it不会告诉我是否启用了密码complexitystrategy.Thetooloutputscraping"success"soIusetoparsesecedit.exeoutput.publicstaticboolPasswordComplexityPolicy(){vartempFile=Path.GetTempFileName();Processp=newProcess();p.StartInfo.FileName=Environment.ExpandEnvironmentVariables(@"%SystemRoot%system32secedit.exe");p.StartInfo.Arguments=String.Format(@"/export/cfg""{0}""/quiet",tempFile);p.StartInfo.CreateNoWindow=true;p.StartInfo.UseShellExecute=false;p.开始();p.WaitForExit();varfile=IniFile.Load(tempFile);IniSectionsystemAccess=null;varpasswordComplexityString="";var密码复杂度=0;returnfile.Sections.TryGetValue("SystemAccess",outsystemAccess)&&systemAccess.TryGetValue("PasswordComplexity",outpasswordComplexityString)&&Int32.TryParse(passwordComplexityString,outpasswordComplexity)&&passwordComplexity==1;完整代码:http://gist.github.com/421802您可以使用策略结果集(RSOP)工具。例如,这是一个VBScript(取自此处),它会告诉您需要了解的内容。它应该很简单,将其转换为C#。str计算机=“。”设置objWMIService=GetObject("winmgmts:\"&strComputer&"rootrsopcomputer")设置colItems=objWMIService。ExecQuery_("Select*fromRSOP_SecuritySettingBoolean")ForEachobjItemincolItemsWscript.Echo"KeyName:"&objItem.KeyNameWscript.Echo"Precedence:"&objItem.PrecedenceWscript.Echo"Setting:"&objItem.SettingWscript复制代码.Echo接下来我遇到了你的这个微软论坛答案http://social.msdn.microsoft.com/Forums/en-US/csharpgeneral/thread/f3f5a61f-2ab9-459e-a1ee-c187465198e0希望这能帮助任何遇到的人以后这个问题。以上就是C#学习教程:阅读本地组策略/ActiveDirectory设置分享的所有内容。如果对你有用,需要进一步了解C#学习教程,希望大家多多关注。本文收集自网络,不代表立场。如涉及侵权,请点击右侧联系管理员删除。如需转载请注明出处:
