【发布时间】:2010-11-02 19:15:36
【问题描述】:
我有一个通过活动目录获取当前登录用户的 Intranet。当用户被锁定时,他们会收到一个窗口提示输入他们的用户名和密码。有没有办法让我捕捉到这一点并将他们重定向到要求他们再次输入凭据或告诉他们他们的帐户可能被锁定并联系服务台的页面?
【问题讨论】:
【发布时间】:2010-11-02 19:15:36
【问题描述】:
在您的应用程序中,一旦您获取已登录的用户,请执行下面的 IsAccountLocked 方法
public bool IsAccountLocked(string sUserName)
{
UserPrincipal oUserPrincipal = GetUser(sUserName);
return oUserPrincipal.IsAccountLockedOut();
}
public UserPrincipal GetUser(string sUserName)
{
PrincipalContext oPrincipalContext = GetPrincipalContext();
UserPrincipal oUserPrincipal = UserPrincipal.FindByIdentity(oPrincipalContext, sUserName);
return oUserPrincipal;
}
public PrincipalContext GetPrincipalContext()
{
PrincipalContext oPrincipalContext = new PrincipalContext(ContextType.Domain, sDomain, sDefaultOU, ContextOptions.SimpleBind, sServiceUser, sServicePassword);
return oPrincipalContext;
}
这是使用 System.DirectoryServices.AccountManagement 只使用 System.DirectoryServices 你可以这样做
public bool IsAccountLocked(DirectoryEntry oDE)
{
return Convert.ToBoolean(oDE.InvokeGet("IsAccountLocked"));
}
public DirectoryEntry GetUser(string sUserName)
{
//Create an Instance of the DirectoryEntry
oDE = GetDirectoryObject();
//Create Instance fo the Direcory Searcher
oDS = new DirectorySearcher();
oDS.SearchRoot = oDE;
//Set the Search Filter
oDS.Filter = "(&(objectClass=user)(sAMAccountName=" + sUserName + "))";
oDS.SearchScope = SearchScope.Subtree;
oDS.PageSize = 10000;
//Find the First Instance
SearchResult oResults = oDS.FindOne();
//If found then Return Directory Object, otherwise return Null
if (oResults != null)
{
oDE = new DirectoryEntry(oResults.Path, sADUser, sADPassword, AuthenticationTypes.Secure);
return oDE;
}
else
{
return null;
}
}
private DirectoryEntry GetDirectoryObject()
{
oDE = new DirectoryEntry(sADPath, sADUser, sADPassword, AuthenticationTypes.Secure);
return oDE;
}
对于完整的实现,您可以访问 http://anyrest.wordpress.com/2010/06/28/active-directory-c/ 或者 http://anyrest.wordpress.com/2010/02/01/active-directory-objects-and-c/
【讨论】: