Hello,
Programming in VS2003-ASP.NET 1.1, I have this problem: Using
DirectoryEntry and without any admin user, how can I check if a domain
account, that try to login, has expired?
Scenario: User load web application and login using account and
password of the Active Directory.
But user account of ActiveDirectory has expired (or password could be
expired). For security reason, we don't want to use any account with
admin privilegies for connecting through AD. So if user account "jdoe"
with password:"jdoe_ password" try to login, how to determine if
account has expired.
Code:
Dim Domain As String = "DOMAINXXX"
Dim sUserName="jdoe ": Dim sPassword="jdoe _password"
Dim myEntry As System.Director yServices.Direc toryEntry =
New System.Director yServices.Direc toryEntry("LDAP ://" & Domain,
sUserName, sPassword,
System.Director yServices.Authe nticationTypes. Secure)
myEntry.Usernam e = sUserName
myEntry.Passwor d = sPassword
Dim mySearcher As
System.Director yServices.Direc torySearcher = New
System.Director yServices.Direc torySearcher(my Entry)
Dim myResult As System.Director yServices.Searc hResult
mySearcher.Filt er = "(&(objectCateg ory=person)
(objectClass=us er)(userPrincip alName=" & UserName & "*))"
Dim x as String = myResult.Proper ties("sAMAccoun tName")(0) ''<-- it
gets 'jdoe'
Dim y as String = myResult.Proper ties("userAccou ntControl")(0) ''<--
it gets Nothing
I don't think it's impossible, or that you have to use an admin user
to get that (if you have to use an admin user for connecting to AD,
what about security?)
Thanks
Programming in VS2003-ASP.NET 1.1, I have this problem: Using
DirectoryEntry and without any admin user, how can I check if a domain
account, that try to login, has expired?
Scenario: User load web application and login using account and
password of the Active Directory.
But user account of ActiveDirectory has expired (or password could be
expired). For security reason, we don't want to use any account with
admin privilegies for connecting through AD. So if user account "jdoe"
with password:"jdoe_ password" try to login, how to determine if
account has expired.
Code:
Dim Domain As String = "DOMAINXXX"
Dim sUserName="jdoe ": Dim sPassword="jdoe _password"
Dim myEntry As System.Director yServices.Direc toryEntry =
New System.Director yServices.Direc toryEntry("LDAP ://" & Domain,
sUserName, sPassword,
System.Director yServices.Authe nticationTypes. Secure)
myEntry.Usernam e = sUserName
myEntry.Passwor d = sPassword
Dim mySearcher As
System.Director yServices.Direc torySearcher = New
System.Director yServices.Direc torySearcher(my Entry)
Dim myResult As System.Director yServices.Searc hResult
mySearcher.Filt er = "(&(objectCateg ory=person)
(objectClass=us er)(userPrincip alName=" & UserName & "*))"
Dim x as String = myResult.Proper ties("sAMAccoun tName")(0) ''<-- it
gets 'jdoe'
Dim y as String = myResult.Proper ties("userAccou ntControl")(0) ''<--
it gets Nothing
I don't think it's impossible, or that you have to use an admin user
to get that (if you have to use an admin user for connecting to AD,
what about security?)
Thanks