Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
What is the prefered way to lock an Active Directory account?
int val = (int)directoryentry.Properties["userAccountControl"].Value;
directoryentry.Properties["userAccountControl"].Value = val | 0x0010;
vs.
directoryentry.InvokeSet("IsAccountLocked", true);
Is there a better way?
Are you on .NET 3.5 (or can you upgrade to it)??
If so, check out the new
System.DirectoryServices.AccountManagementnamespace and all it has to offer! Excellent intro is the MSDN article Managing Directory Security Principals in the .NET Framework 3.5.For your case, you’d have to get hold of a
UserPrincipalsome way, e.g.and then you have access to a plethora of really easy to use properties and methods – e.g.:
and you can unlock a locked account using:
MUCH easier than the plain old
System.DirectoryServicesstuff!