Skip to main content


Showing posts from January, 2010


Ever since .NET 2.0  System.DirectoryServices.Protocols  have been a part of the framework and in .NET 3.5 even more directory related classes were added, namely  System.DirectoryServices.AccountManagement . That is exactly as it sounds a namespace containing methods for account management. This fits perfectly for a little project I have chosen to call AD Cleanup Tool. This tool will go through all accounts in a domain to clean up certain account properties, such as naming, password policy etc. Some older solutions does not work with todays versions of Active Directory, for instance if I want to set the property  User must change password at next logon . This has earlier been done by setting the property  userAccountControl  with the flag  ADS_UF_PASSWD_CANT_CHANGE . It is not possible to set that flag anymore, but S.DS.AM gives us an even easier solution: using(PrincipalContext context = new PrincipalContext(ContextType.Domain, "", "DC=domain,DC=com&quo