C# 链接 AD 中的组策略

问题描述

如何在 AD 中设置组策略?我可以创建我的 OU，但我还需要附加组策略链接到它.所以这就是我目前所拥有的.

How do I set group policies in AD? I'm able to create my OU but i also need to attach group policy linking to it. So this is what i have so far.

 string strOU = "OU=test454545,OU=Clients,OU=Clients,DC=domain,DC=net";
        GPMGMTLib.GPM gpm = new GPMGMTLib.GPM();
        GPMGMTLib.GPMConstants gpc = gpm.GetConstants();
        GPMGMTLib.GPMDomain gpd = gpm.GetDomain(Environment.GetEnvironmentVariable("USERDNSDOMAIN"), "", gpc.UseAnyDC);  
        GPMGMTLib.GPMSOM gpSom = gpd.GetSOM(strOU);

        GPMGMTLib.GPMGPO gpo = gpd.CreateGPO();
        gpo.DisplayName  = "TestOutCome";
        gpSom.CreateGPOLink(-1,gpo);

这仍然不会创建 GPO 链接，但我只想链接现有的 GPO，有什么想法吗?并感谢您的帮助.

This still doesn't create the GPO link, but all i want to do is link an existing GPO, anyt thoughts? And thanks for the help.

好吧，越来越近了，这只是创建了一个策略实际上并没有链接现有的...

Okay getting closer, this just created a policy doesn't actually link an existing one...

 string strGPO = "Default Security with web access";
        string strOU = "OU=test454545,OU=Clients,OU=Clients,DC=domain,DC=net";
        GPMGMTLib.GPM gpm = new GPMGMTLib.GPM();
        GPMGMTLib.GPMConstants gpc = gpm.GetConstants();
        GPMGMTLib.GPMDomain gpd = gpm.GetDomain(Environment.GetEnvironmentVariable("USERDNSDOMAIN"), "", gpc.UseAnyDC);
        GPMGMTLib.GPMSearchCriteria searchOBJ = gpm.CreateSearchCriteria();
        searchOBJ.Add(gpc.SearchPropertyGPODisplayName, gpc.SearchOpEquals, strGPO);
        GPMGMTLib.GPMGPOCollection objGPOlist = gpd.SearchGPOs(searchOBJ);
        GPMGMTLib.GPMSOM gpSom = gpd.GetSOM(strOU);
        GPMGMTLib.GPMGPO gpo = gpd.CreateGPO();
        gpSom.CreateGPOLink(-1,gpo);

更新和工作:

这是为了使用 C# 将现有的 GPO 链接到 OU
1) 安装 http://www.microsoft.com/downloads/en/confirmation.aspx?FamilyID=0a6d4c24-8cbd-4b35-9272-dd3cbfc81887
2) 引用 gpmgmt.dll(在安装目录中找到)
3) 您可能必须安装 .Net 1.1
4) 添加对 VS
的引用5)使用GPMGMTLib添加；使用 GPO*****Lib；项目

This is for linking existing GPO's to OU's using C#
1) install http://www.microsoft.com/downloads/en/confirmation.aspx?FamilyID=0a6d4c24-8cbd-4b35-9272-dd3cbfc81887
2) Reference gpmgmt.dll (found in the install directory)
3) You might have to install .Net 1.1
4) Add References to VS
5) add using GPMGMTLib; using GPO*****Lib; to project

            string strGPO = "Default Security with web access";
        string strOU = "OU=test454545,OU=Clients,OU=clients,DC=domainh,DC=net";
        GPMGMTLib.GPM gpm = new GPMGMTLib.GPM();
        GPMGMTLib.GPMConstants gpc = gpm.GetConstants();
        GPMGMTLib.GPMDomain gpd = gpm.GetDomain(Environment.GetEnvironmentVariable("USERDNSDOMAIN"), "", gpc.UseAnyDC);
        GPMGMTLib.GPMSearchCriteria searchOBJ = gpm.CreateSearchCriteria();
        searchOBJ.Add(gpc.SearchPropertyGPODisplayName, gpc.SearchOpEquals, strGPO);
        GPMGMTLib.GPMGPOCollection objGPOlist = gpd.SearchGPOs(searchOBJ);
        GPMGMTLib.GPMSOM gpSom = gpd.GetSOM(strOU);
        GPMGMTLib.GPMGPO gpo = gpd.CreateGPO();
        gpSom.CreateGPOLink(-1,objGPOlist[1]);

推荐答案

看看这个 链接

它包含大量示例脚本，您需要从 GPO*****.dll 添加对 GPO ***** 1.0 类型库的引用 (COM).

It contains a lot of sample scripts, you will need to add a reference (COM) to GPO ***** 1.0 Type Library from GPO*****.dll.

讨论了一个类似的问题 此处 使用 C# 中的示例脚本

There is a similar issue discussed here with a sample script in C#

编辑:

引用 gpmgmt.dll 作为 COM interop 并使用如下代码:

Reference gpmgmt.dll as COM interop and use the code as below:

Public Function CreateAndLinkGPO(ByVal strDomain As String, ByVal strOU As String, ByVal strGPOName As String)
    Dim gpm As New GPM()
    Dim gpmConst As GPMConstants = gpm.GetConstants()
    Dim domain As GPMDomain = gpm.GetDomain(strDomain, "", gpmConst.UseAnyDC)
    Dim som As GPMSOM = domain.GetSOM(strOU)

    'create new GPO
    Dim gpo As GPMGPO = domain.CreateGPO()
    gpo.DisplayName = strGPOName 

    'create link to OU
    som.CreateGPOLink(-1, gpo)

    CreateAndLinkGPO = gpo
End Function

这是在 VB.NET 中，但可以通过 来自此处的 MSFT 海报.我认为关键是 .CreateGPOLink, GPMSOM 是您的 OU(检索表示指定路径上的域或组织单位 (OU) 的 IGPMSOM 接口.)

This is in VB.NET, but can be easily ported to C# posted by a MSFT poster from here. I think the key is .CreateGPOLink, GPMSOM is your OU (Retrieves the IGPMSOM interface that represents the domain or the organizational unit (OU) at the specified path.)