今日发现个怪问题..微软API的一个bug,各位帮忙解决
因为需要..
用程式添加计算机用户..
我是利用API做的..
使用如下
[DllImport( "Netapi32.dll ")]
public extern static int NetUserAdd([MarshalAs(UnmanagedType.LPWStr)] string servername, int level, ref user_info buf, int parm_err);

为了要设置
1.用户下次登录时须更改密码
2.用户不能更改密码
3.密码永不过期
4.帐户已禁用
5.帐户已锁定


为了选上2和3,
问题得不到解决..
但居然能同时选上1和2
但是人为设定的话并不能同时选上1和2
我觉得是微软件的一个小bug

请麻烦各位帮帮忙..怎么能用程式选上2和3
我的操作系统是2003的


[解决办法]
用活动目录:System.DirectoryServices;

这是新建用户的代码
DirectoryEntry AD = new DirectoryEntry( "WinNT:// " + Environment.MachineName + ",computer ");
DirectoryEntry NewUser = AD.Children.Add( "TestUser1 ", "user ");
NewUser.Invoke( "SetPassword ", new object[] { "#12345Abc "});
NewUser.Invoke( "Put ", new object[] { "Description ", "Test User from .NET "});
NewUser.CommitChanges();


试试.
[解决办法]
UF_DONT_EXPIRE_PASSWD|UF_PASSWD_CANT_CHANGE
用了吗？

如果没设置密码（为空）的时候还需要加上
UF_PASSWD_NOTREQD
[解决办法]
[DllImport( "Netapi32.dll ")]
public extern static int NetUserAdd([MarshalAs(UnmanagedType.LPWStr)] string servername, int level, ref user_info buf, int parm_err);

微软MSDN的说明：

int level, level = 1;

Specifies information about the user account. The buf parameter points to a USER_INFO_1 structure.
When you specify this level, the call initializes certain attributes to their default values. For more information, see the following Remarks section.

ref user_info buf;

typedef struct _USER_INFO_1 { LPWSTR usri1_name; LPWSTR usri1_password; DWORD usri1_password_age; DWORD usri1_priv; LPWSTR usri1_home_dir; LPWSTR usri1_comment; DWORD usri1_flags; LPWSTR usri1_script_path;
} USER_INFO_1, *PUSER_INFO_1, *LPUSER_INFO_1;


usri1_flags
Specifies a DWORD value that determines several features. This member can be one or more of the following values. Note that setting user account control flags may require certain privileges and control access rights. For more information, see the Remarks section of the NetUserSetInfo function.Value Meaning
UF_SCRIPT The logon script executed. This value must be set.
UF_ACCOUNTDISABLE The user 's account is disabled.
UF_HOMEDIR_REQUIRED The home directory is required. This value is ignored.
UF_PASSWD_NOTREQD No password is required.
UF_PASSWD_CANT_CHANGE The user cannot change the password.
UF_LOCKOUT The account is currently locked out. You can call the NetUserSetInfo function and clear this value to unlock a previously locked account. You cannot use this value to lock a previously unlocked account.
UF_DONT_EXPIRE_PASSWD The password should never expire on the account.
UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED The user 's password is stored under reversible encryption in the Active Directory.

Windows NT: This value is not supported.


UF_NOT_DELEGATED Marks the account as "sensitive "; other users cannot act as delegates of this user account.

Windows NT: This value is not supported.


UF_SMARTCARD_REQUIRED Requires the user to log on to the user account with a smart card.

Windows NT: This value is not supported.

UF_USE_DES_KEY_ONLY Restrict this principal to use only Data Encryption Standard (DES) encryption types for keys.

Windows NT: This value is not supported.


UF_DONT_REQUIRE_PREAUTH This account does not require Kerberos preauthentication for logon.

Windows NT: This value is not supported.


UF_TRUSTED_FOR_DELEGATION The account is enabled for delegation. This is a security-sensitive setting; accounts with this option enabled should be tightly controlled. This setting allows a service running under the account to assume a client 's identity and authenticate as that user to other remote servers on the network.

Windows NT: This value is not supported.


UF_PASSWORD_EXPIRED The user 's password has expired.

Windows 2000/NT: This value is not supported.


UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION The account is trusted to authenticate a user outside of the Kerberos security package and delegate that user through constrained delegation. This is a security-sensitive setting; accounts with this option enabled should be tightly controlled. This setting allows a service running under the account to assert a client 's identity and authenticate as that user to specifically configured services on the network.

Windows XP/2000/NT: This value is not supported.




The following values describe the account type. Only one value can be set. You cannot change the account type using the NetUserSetInfo function.


Value Meaning
UF_NORMAL_ACCOUNT This is a default account type that represents a typical user.
UF_TEMP_DUPLICATE_ACCOUNT This is an account for users whose primary account is in another domain. This account provides user access to this domain, but not to any domain that trusts this domain. The User Manager refers to this account type as a local user account.
UF_WORKSTATION_TRUST_ACCOUNT This is a computer account for a computer that is a member of this domain.
UF_SERVER_TRUST_ACCOUNT This is a computer account for a backup domain controller that is a member of this domain.
UF_INTERDOMAIN_TRUST_ACCOUNT This is a permit to trust account for a domain that trusts other domains.


[解决办法]
visual studio 98
LMACCESS.H

#define UF_SCRIPT 0x0001
#define UF_ACCOUNTDISABLE 0x0002
#define UF_HOMEDIR_REQUIRED 0x0008
#define UF_LOCKOUT 0x0010
#define UF_PASSWD_NOTREQD 0x0020
#define UF_PASSWD_CANT_CHANGE 0x0040
#define UF_DONT_EXPIRE_PASSWD 0x10000

lz没有工具你搞开发？