Active Directory LDAP - Lock User Account?

The lock attribute is read-only by definition and here is why.

Up vote 0 down vote favorite share g+ share fb share tw.

What is the best way to use System. DirectoryServices. AccountManagement to lock an Active Directory user object?

I'm able to determine if an account is locked using.. UserPrincipal principal = new UserPrincipal(context); bool locked = principal. IsAccountLockedOut(); How do I lock the account? Is there an alternative to doing something like this... UserPrincipal principal = new UserPrincipal(context); DirectoryEntry entry = (DirectoryEntry)principal.

GetUnderlyingObject(); int val = (int)entry. Properties"userAccountControl". Value; entry.

Properties"userAccountControl". Value = val | 0x0010; entry.CommitChanges(); c# .net asp.net active-directory ldap link|improve this question edited May 20 '10 at 22:23 asked May 19 '10 at 21:26Germ1,0511420 89% accept rate.

I guess this is set in the GPO) Giving developers a way to change this attribute will conflict with the above definition... so you shouldn't set this value and I think AD security mechanism will block you from doing this. You can however enable\disable the user which I think is more close to what you want. Hope this helps.

CodeProject's Everything AD article has some sample code on unlocking an account. I'm not certain that this is the property that would give you what you're looking for. Public void Unlock(string userDn) { try { DirectoryEntry uEntry = new DirectoryEntry(userDn); uEntry.

Properties"LockOutTime". Value = 0; //unlock account uEntry.CommitChanges(); //may not be needed but adding it anyways uEntry.Close(); } catch (System. DirectoryServices.

DirectoryServicesCOMException E) { //DoSomethingWith --> E.Message.ToString(); } }.

This code will work to lock a user in AD /// /// Locks a user account /// /// The name of the user whose account you want to unlock /// /// This actually trys to log the user in with a wrong password. /// This in turn will lock the user out /// public void LockAccount(string userName) { DirectoryEntry user = GetUser(userName); string path = user. Path; string badPassword = "SomeBadPassword"; int maxLoginAttempts = 10; for (int I = 0; I.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.