Print UserAccountControl AD property programmatically.

Even there are a few standard AD Editors, including AD MMC, ADSIEdit, and LDM, I needed to read the UserAccountControl AD property from my application. UserAccountControl is a bit flags attribute,  so I had to create C# enum similar to C++ ADS_USER_FLAG_ENUM enum from MSDN.


Below is the code of functions GetUserAccountControl(DirectoryEntry anEntry) and
UserAccountControlToString(int? nUserAccountControl) :


        public static int? GetUserAccountControl(DirectoryEntry anEntry)


        {  //MNF 10/8/2005 if Properties[“userAccountControl”] is not found ignore and return null


            int? val=null;


            if (null != anEntry)


            {


                PropertyCollection collProperties = anEntry.Properties;


                if ((null != collProperties) && (collProperties.Count > 0))


                {


                    object prop = anEntry.Properties[“userAccountControl”];


                    if (null != prop && (prop is PropertyValueCollection))


                    {


                        object oVal = ((PropertyValueCollection)prop).Value;


////if property doesn’t exist, than value is null See http://geekswithblogs.net/mnf/archive/2005/08/10/49754.aspx


                         val = (int?)oVal;


                    }


                }


            }


            Debug.Assert(val.HasValue , “anEntry.Properties[“userAccountControl”] not found”);


            return val;


        }


        public static string UserAccountControlToString(int? nUserAccountControl) //, string sDelimeter)


        {


            if (!nUserAccountControl.HasValue )


            {


                return “UserAccountControl property wasn’t loaded”;


            }


            ADS_USER_FLAG_ENUM enUserAccountControl = (ADS_USER_FLAG_ENUM)nUserAccountControl;


            string sRet = enUserAccountControl.ToString();


            sRet=sRet.Replace(“ADS_UF_”,“”); //remove the prefixes that looks redundunt


            return sRet;


        }


    }//class ADHepler


    //Alternatively you can use ActiveDs interop http://network.programming-in.net/articles/art14-2.asp?Interop=ActiveDs


    [Flags]


    public enum ADS_USER_FLAG_ENUM //http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adsi/adsi/ads_user_flag_enum.asp


    {


            ADS_UF_SCRIPT = 0X0001,


            ADS_UF_ACCOUNTDISABLE = 0X0002,


            ADS_UF_HOMEDIR_REQUIRED = 0X0008,


            ADS_UF_LOCKOUT = 0X0010,


            ADS_UF_PASSWD_NOTREQD = 0X0020,


            ADS_UF_PASSWD_CANT_CHANGE = 0X0040,


            ADS_UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED = 0X0080,


            ADS_UF_TEMP_DUPLICATE_ACCOUNT = 0X0100,


            ADS_UF_NORMAL_ACCOUNT = 0X0200,


            ADS_UF_INTERDOMAIN_TRUST_ACCOUNT = 0X0800,


            ADS_UF_WORKSTATION_TRUST_ACCOUNT = 0X1000,


            ADS_UF_SERVER_TRUST_ACCOUNT = 0X2000,


            ADS_UF_DONT_EXPIRE_PASSWD = 0X10000,


            ADS_UF_MNS_LOGON_ACCOUNT = 0X20000,


            ADS_UF_SMARTCARD_REQUIRED = 0X40000,


            ADS_UF_TRUSTED_FOR_DELEGATION = 0X80000,


            ADS_UF_NOT_DELEGATED = 0X100000,


            ADS_UF_USE_DES_KEY_ONLY = 0x200000,


            ADS_UF_DONT_REQUIRE_PREAUTH = 0x400000,


            ADS_UF_PASSWORD_EXPIRED = 0x800000,


            ADS_UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION = 0x1000000


      } ;//enum ADS_USER_FLAG_ENUM

Advertisements