Software Architecture-System.DirectoryServices-enable/disable,unlock,expire account funtions via userAccountControl-Property of DirectoryEntry

System.DirectoryServices is primary namespace which provide access to Active Directory.
DirectoryEntry provide manipulation of object like user in active directory.

Click here to download – working code with enable/disable,unlock,expire account funtions. You need to download the file and rename to poc-usercontrolaccount.zip ,
then extract the files.

A function to enable a user account would like as:

        /// <summary>
        ///  To enable the account
        /// </summary>
        /// <param name="userDn">user DN under discussion</param>
      static  public void Enable(string userDn)
        {
            try
            {
                DirectoryEntry user = new DirectoryEntry(userDn);
                int val = (int)user.Properties["userAccountControl"].Value;
                user.Properties["userAccountControl"].Value = val & ~0x2;
                user.CommitChanges();
                user.Close();
                Console.WriteLine("Enabled.....:" + userDn);
            }
            catch (System.DirectoryServices.DirectoryServicesCOMException E)
            {
                Console.WriteLine("Error:Enabled.." + userDn + ":" + E.Message.ToString());
            }
        }

A function to disable a user account would be like as:

/// <summary>
      /// To Disable the account
      /// </summary>
      /// <param name="userDn">user DN under discussion</param>
        static public void Disable(string userDn)
        {
            try
            {
                DirectoryEntry user = new DirectoryEntry(userDn);
                int val = (int)user.Properties["userAccountControl"].Value;
                user.Properties["userAccountControl"].Value = val | 0x2;
                user.CommitChanges();
                user.Close();
                Console.WriteLine("Disabled.....:" + userDn);
            }
            catch (System.DirectoryServices.DirectoryServicesCOMException E)
            {
                Console.WriteLine("Error:Disabled..." + userDn + ":" + E.Message.ToString());
            }
        }

A function to unlock as locked account because of wrong password attempts would be as:

/// <summary>
      /// to unlock the account
      /// </summary>
        /// <param name="userDn">user DN under discussion</param>
        static public void Unlock(string userDn)
        {
            try
            {
                DirectoryEntry uEntry = new DirectoryEntry(userDn);
                uEntry.Properties["LockOutTime"].Value = 0; 
                uEntry.CommitChanges(); 
                uEntry.Close();
                Console.WriteLine("Unlocked.....:" + userDn);
            }
            catch (System.DirectoryServices.DirectoryServicesCOMException E)
            {
                Console.WriteLine("Error:Unlocked..." + userDn + ":" + E.Message.ToString());
            }
        }

A function to set expiry date for a user account would be as:

      /// <summary>
      /// set expiry for user account
      /// </summary>
        /// <param name="userDn">user DN under discussion</param>
      /// <param name="DExpire">Expiry date to set</param>
      static public void Expire(string userDn , string DExpire)
      {
          try
          {
              DateTime pDateTime = Convert.ToDateTime( DExpire);
              DirectoryEntry uEntry = new DirectoryEntry(userDn);              
              uEntry.InvokeSet(
                    "AccountExpirationDate",
                        new object[] { pDateTime });              
              uEntry.CommitChanges();
              uEntry.Close();
              Console.WriteLine("Expire..... UserDN:" + userDn + " Date:" + pDateTime.ToString());
          }
          catch (System.DirectoryServices.DirectoryServicesCOMException E)
          {
              Console.WriteLine("Error:Expire..." + userDn + ":" + E.Message.ToString());
          }
      }

References:
http://support.microsoft.com/kb/305144
http://msdn.microsoft.com/en-us/library/ms680832(v=vs.85).aspx

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: