C# 如何确定用户帐户是启用还是禁用
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2005637/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to determine if user account is enabled or disabled
提问by Bryan
I am throwing together a quick C# win forms app to help resolve a repetitive clerical job.
我正在拼凑一个快速的 C# win 表单应用程序来帮助解决重复的文书工作。
I have performed a search in AD for all user accounts and am adding them to a list view with check boxes.
我已经在 AD 中搜索了所有用户帐户,并将它们添加到带有复选框的列表视图中。
I would like to default the listviewitems' default check state to depend upon the enabled/disabled state of the account.
我想默认 listviewitems 的默认检查状态取决于帐户的启用/禁用状态。
string path = "LDAP://dc=example,dc=local";
DirectoryEntry directoryRoot = new DirectoryEntry(path);
DirectorySearcher searcher = new DirectorySearcher(directoryRoot,
"(&(objectClass=User)(objectCategory=Person))");
SearchResultCollection results = searcher.FindAll();
foreach (SearchResult result in results)
{
DirectoryEntry de = result.GetDirectoryEntry();
ListViewItem lvi = new ListViewItem(
(string)de.Properties["SAMAccountName"][0]);
// lvi.Checked = (bool) de.Properties["AccountEnabled"]
lvwUsers.Items.Add(lvi);
}
I'm struggling to find the right attribute to parse to get the state of the account from the DirectoryEntry object. I've searched for AD User attributes, but not found anything useful.
我正在努力寻找正确的属性来解析以从 DirectoryEntry 对象中获取帐户的状态。我搜索了AD User attributes,但没有找到任何有用的东西。
Can anyone offer any pointers?
任何人都可以提供任何指示吗?
采纳答案by Dimi Takis
this code here should work...
这里的代码应该可以工作...
private bool IsActive(DirectoryEntry de)
{
if (de.NativeGuid == null) return false;
int flags = (int)de.Properties["userAccountControl"].Value;
return !Convert.ToBoolean(flags & 0x0002);
}
回答by user3006472
Not that anyone asked, but here's a java version (since I ended up here looking for one). Null checking is left as an exercise for the reader.
不是有人问过,但这是一个java版本(因为我最终在这里寻找一个)。空检查留给读者作为练习。
private Boolean isActive(SearchResult searchResult) {
Attribute userAccountControlAttr = searchResult.getAttributes().get("UserAccountControl");
Integer userAccountControlInt = new Integer((String) userAccoutControlAttr.get());
Boolean disabled = BooleanUtils.toBooleanObject(userAccountControlInt & 0x0002);
return !disabled;
}
回答by Michelle
Using System.DirectoryServices.AccountManagement: domainName and username must be the string values of the domain and username.
使用 System.DirectoryServices.AccountManagement:domainName 和 username 必须是域和用户名的字符串值。
using (var domainContext = new PrincipalContext(ContextType.Domain, domainName))
{
using (var foundUser = UserPrincipal.FindByIdentity(domainContext, IdentityType.SamAccountName, username))
{
if (foundUser.Enabled.HasValue)
{
return (bool)foundUser.Enabled;
}
else
{
return true; //or false depending what result you want in the case of Enabled being NULL
}
}
}
