Skip to main content

System.DirectoryServices.AccountManagement

Ever since .NET 2.0 System.DirectoryServices.Protocols have been a part of the framework and in .NET 3.5 even more directory related classes were added, namely System.DirectoryServices.AccountManagement. That is exactly as it sounds a namespace containing methods for account management.

This fits perfectly for a little project I have chosen to call AD Cleanup Tool. This tool will go through all accounts in a domain to clean up certain account properties, such as naming, password policy etc.

Some older solutions does not work with todays versions of Active Directory, for instance if I want to set the property User must change password at next logon. This has earlier been done by setting the property userAccountControl with the flag ADS_UF_PASSWD_CANT_CHANGE. It is not possible to set that flag anymore, but S.DS.AM gives us an even easier solution:

using(PrincipalContext context = new PrincipalContext(ContextType.Domain, "192.168.0.1", "DC=domain,DC=com", "domain\\user", "password"))
{
    using(UserPrincipal userPrincipal = UserPrincipal.FindByIdentity(context, IdentityType.DistinguishedName, distinguishedName))
    {
        if(userPrincipal.UserCannotChangePassword)
        {
            userPrincipal.UserCannotChangePassword = false;
            userPrincipal.PasswordNeverExpires = false;
            userPrincipal.ExpirePasswordNow();
            userPrincipal.Save();
            return true;
        }
    }
}

S.DS.AM builds on S.DS.P, so the usage is similar to the usage of the Protocols classes. A PrincipalContext is created, in this case to the domain controller, and all actions I want to perform is made through this context. Since I only have the distinguishedName of the user above, I get a UserPrincipal using FindByIdentity().
Labels:

Comments

Post a Comment

Popular posts from this blog

Google+ finally for everyone!

There have been a lot of whining on Google from their Apps-users since the launch of  Google+  for everyone with a regular Google-account. The Apps-users have not been able to use  Google+ , until now! (actually  october 27 ) As usual I am impressed with most of the things Google accomplishes, but now when all of their services have gotten a visual and functional touchup I am getting really impressed. As someone at an early stage pointed out it is really sweet of Google to play naive and let me fill in my profile information when I create my profile (as if Google did not already know), but after a few clicks I am on the go. My albums from Picasa is automatically integrated and even the pictures I have uploaded to this blog is shown in  Google+ . But what happens next? Practically no one of my friends are on  Google+  so what do I use it for? I guess we will see. Hopefully there will be even more integration between the social networks in the future. I am anyhow very satified with
1 comment
Read more

jQuery file upload with Bootstrap progress bar

Performing an asynchronous file upload from the browser is a common problem with almost as many solutions as there are developers. The following solution is the best fit for my needs, and also works well with most popular browsers. Backwards compatibility is not an issue in this case which is great, because I can use the new technologies as they are supposed to be used. Everything is put together in JSFiddle for a working example . I will continue to explain the parts below... First, the input field needs to be styled as a button. The form tag is only present for us to be able to reset the file input field later on. <form>     <span class="fileUpload btn btn-default">         <span class="glyphicon glyphicon-upload"></span> Upload file         <input type="file" id="uploadFile" />     </span> </form> .fileUpload { position: relative; overflow: hidden; } .fileUpload input { position: a
Post a Comment
Read more

Quartz.NET and MEF

I have been implementing a scheduler service for several different jobs on several difference schedules, which led me into using Quartz.NET . This is a really nice framework, but since we're using MEF I ran into some issues. Quartz.NET  basically consists of the scheduler engine which runs jobs implementing the IJob interface. The interface simply consists of an Execute method. I export each job with the IJob interface using  MEF . [Export(typeof(IJob))] public class MyJob : IJob { public void Execute(JobExecutionContext context) { ... } } In my scheduler implementation the jobs are imported into an IEnumerable<IJob>. [ImportMany(typeof(IJob))] public IEnumerable<IJob> Jobs { get; set; } The initialization of the scheduled tasks is pretty straight forward. A standard scheduler factory is initialized which in turn gives us a scheduler instance. Each job that was imported by  MEF  is then added to the scheduler, here with a simple 10 min
2 comments
Read more