检查 Active Directory 帐户是否被锁定(WPF C#)
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/12992471/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Check if Active Directory Account is Locked out (WPF C#)
提问by user1762132
Hello everyone (this is my first post) I have some simple AD code that i pulled from Codeplex http://www.codeproject.com/Articles/18102/Howto-Almost-Everything-In-Active-Directory-via-C) and i am able to get all of our end user's information from said code. Now, I have been searching and searching and have found some interesting code snippets from here, and around the web regarding "Is the user locked out?"
大家好(这是我的第一篇文章)我有一些简单的 AD 代码,我从 Codeplex http://www.codeproject.com/Articles/18102/Howto-Almost-Everything-In-Active-Directory-via-C 中提取)我能够从上述代码中获取我们所有最终用户的信息。现在,我一直在搜索和搜索,并从这里和网络上找到了一些有趣的代码片段,内容涉及“用户是否被锁定?”
I would like to use my code that I have been using for 2 years now, and just add a little bit more to it to add in the locked out part... I would be happy if there was a text box that gave me my info, or a check box, or something that just said "user locked" and then I would notify my Exchange team and have the user unlocked...
我想使用我已经使用了 2 年的代码,然后再添加一点以添加锁定的部分...如果有一个文本框给我我的信息,或复选框,或者只是说“用户锁定”的东西,然后我会通知我的 Exchange 团队并让用户解锁...
The code that I have is the following:
我的代码如下:
string eid = this.tbEID.Text;
string user = this.tbUserName.Text.ToString();
string path = "PP://dc=ds,dc=SorryCantTellYou,dc=com";
DirectoryEntry de = new DirectoryEntry(path);
DirectorySearcher ds = new DirectorySearcher(de);
ds.Filter = "(&(objectCategory=person)(sAMAccountName=" + eid + "))";
SearchResultCollection src = ds.FindAll();
//AD results
if (src.Count > 0)
{
if (src[0].Properties.Contains("displayName"))
{
this.tbUserName.Text = src[0].Properties["displayName"][0].ToString();
}
}
So, if I can figure out how to use the same directory entry, and searcher to show me the account lockout status that would be amazing.. please assist
所以,如果我能弄清楚如何使用相同的目录条目,并且搜索者向我显示帐户锁定状态那将是惊人的..请协助
回答by marc_s
If you're on .NET 3.5 and up, you should check out the System.DirectoryServices.AccountManagement(S.DS.AM) namespace. Read all about it here:
如果您使用 .NET 3.5 及更高版本,则应查看System.DirectoryServices.AccountManagement(S.DS.AM) 命名空间。在这里阅读所有相关信息:
- Managing Directory Security Principals in the .NET Framework 3.5
- MSDN docs on System.DirectoryServices.AccountManagement
Basically, you can define a domain context and easily find users and/or groups in AD:
基本上,您可以定义域上下文并轻松找到 AD 中的用户和/或组:
// set up domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
// find a user
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, "SamAccountName");
if(user != null)
{
string displayName = user.DisplayName;
if(user.IsAccountLockedOut())
{
// do something here....
}
}
The new S.DS.AM makes it really easy to play around with users and groups in AD!
新的 S.DS.AM 使在 AD 中与用户和组一起玩变得非常容易!
