c# LDAP check user is locked or not
14/04/2010 Leave a comment
How to check an active directory user is locked or not using c#:
//SOME GLOBAL DEFINITION
public const string userdn = "10.0.0.4/CN=MyUserAcc,OU=PORTAL,DC=TEST,DC=entst,DC=local";
public const string DCUserName = "TEST\\admin"; //Admin Account for query
public const string DCPassWord = "secret";
//USAGE
bool value= LDAPHelper.Users.IsLocked(userdn, DCUserName, DCPassWord);
//CODE
public static bool IsLocked(string userDn,string adminuser,string adminpass )
{
try
{
DirectoryEntry user = new DirectoryEntry(userDn,adminuser,adminpass);
string attribName = "msDS-User-Account-Control-Computed";
user.RefreshCache(new string[] { attribName });
const int UF_LOCKOUT = 0x0010;
int userFlags = (int)user.Properties[attribName].Value;
if ( (userFlags & UF_LOCKOUT) == UF_LOCKOUT)
{
// if this is the case, the account is locked out
return true;
}
return false;
}
catch
{
return false;
}
}
About bpostaci
Bugra Postaci's Blog 