473,386 Members | 2,050 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > visual basic .net > questions > active directory woes

Join Bytes to post your question to a community of 473,386 software developers and data experts.

Active Directory Woes

I have an application that connects to several domain controllers and
enabled a specified user account. The reason for this is that my company
required that administrative accounts be disabled at midnight every day,
and that a ticket be provided and logged before our operations staff will
enable the account.

The reason behind connecting to each domain controller individually is
that waiting for active directory to replicate to our foreign offices was
taking up to three hours! This was obviously not an option for those
users. Is there a better (or faster) way than connecting to each domain
controller?

When connecting to the DCs to enable an account I have used the directory
searcher and I have connected directly (via DirectoryEntry) to the user
object I want. However, there are problems with each. Using the searcher,
I iterate through the results from the searcher and execute:

mySearcher.GetDirectoryEntry.Properties("userAccou ntControl").Value =
ADS_USER_FLAG_ENUM.ADS_UF_NORMAL_ACCOUNT

After calling commitchanges(), I notice that this does not work. I'm not
receiving any errors, and my entire operation from search to commit in a
try...catch statement. Any ideas?
When using a straight entry such as:

Dim dirSupportUser As New
System.DirectoryServices.DirectoryEntry("LDAP://dc.domain.com/CN=adminuser,
OU=ITSUPPORT, DC=domain, DC=com", "domain\username", "password")
dirSupportUser.AuthenticationType = AuthenticationTypes.ServerBind
dirSupportUser.Properties("userAccountControl").Va lue =
ADS_USER_FLAG_ENUM.ADS_UF_NORMAL_ACCOUNT

There is no way to specify a timeout for the operation! This method DOES
enable the user account, but if a server happens to be down my program
will sit and wait. Or, worse yet, if a server is partially working due to
a crash my program will sit and wait forever.
My questions are: Is there a way to specify a timeout for method #2? Is
there something I am doing wrong in method #1? Could specifying a
"PropertiesToLoad" on method #1 have anything to do with my issues?

Thanks for any help that may be offered!

--
Thomas Cameron
tom<at>drdabbles.us
http://drdabbles.us

Nov 21 '05 #1
1 1543
tom
Thomas Cameron wrote:
I have an application that connects to several domain controllers and
enabled a specified user account. The reason for this is that my company
required that administrative accounts be disabled at midnight every day,
and that a ticket be provided and logged before our operations staff will
enable the account.

The reason behind connecting to each domain controller individually is
that waiting for active directory to replicate to our foreign offices was
taking up to three hours! This was obviously not an option for those
users. Is there a better (or faster) way than connecting to each domain
controller?

When connecting to the DCs to enable an account I have used the directory
searcher and I have connected directly (via DirectoryEntry) to the user
object I want. However, there are problems with each. Using the searcher,
I iterate through the results from the searcher and execute:

mySearcher.GetDirectoryEntry.Properties("userAccou ntControl").Value =
ADS_USER_FLAG_ENUM.ADS_UF_NORMAL_ACCOUNT

After calling commitchanges(), I notice that this does not work. I'm not
receiving any errors, and my entire operation from search to commit in a
try...catch statement. Any ideas?
When using a straight entry such as:

Dim dirSupportUser As New
System.DirectoryServices.DirectoryEntry("LDAP://dc.domain.com/CN=adminuser,
OU=ITSUPPORT, DC=domain, DC=com", "domain\username", "password")
dirSupportUser.AuthenticationType = AuthenticationTypes.ServerBind
dirSupportUser.Properties("userAccountControl").Va lue =
ADS_USER_FLAG_ENUM.ADS_UF_NORMAL_ACCOUNT

There is no way to specify a timeout for the operation! This method DOES
enable the user account, but if a server happens to be down my program
will sit and wait. Or, worse yet, if a server is partially working due to
a crash my program will sit and wait forever.
My questions are: Is there a way to specify a timeout for method #2? Is
there something I am doing wrong in method #1? Could specifying a
"PropertiesToLoad" on method #1 have anything to do with my issues?

Thanks for any help that may be offered!

--
Thomas Cameron
tom<at>drdabbles.us
http://drdabbles.us


I solved the problem! For everyone else, here's the solution...

As you loop through the results returned from the directrysearcher, you
need to assign the entry found to a variable. This can be done as
follows:

For Each resAdminUser In dirAdminUserSearcher.FindAll
'Iterate through the reslts returned from our search,
'changing the properties for each.

'Retreive the AD entry
dirAdminUser = resAdminUser.GetDirectoryEntry()

'Set the account enabled
dirAdminUser.Properties("userAccountControl").Valu e =
ADS_USER_FLAG_ENUM.ADS_UF_NORMAL_ACCOUNT

'Save the changes to the directory
dirAdminUser.CommitChanges()

'Close the user entry
dirAdminUser.Close()
Next

So, that's it. Watch my website for a "Software" section, where I'll
provide the complete source to this application. These sources also
include an option to set a user password while being enabled.

--
Thomas Cameron
tom<at>drdabbles.us
http://drdabbles.us

Nov 21 '05 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
Cannot See a Newly Installed SQL Server 2000 (No Active Directory)
by: Jay Chan | last post by:
We have just installed a SQL Server 2000 (SP 3A) onto a computer that has Windows-2003 Server on it. Now, we cannot get access to that database server from other computers. Seem like this may be an...
Microsoft SQL Server
0
Active Directory Error - The server is unwilling to process the request
by: microsoft | last post by:
Hi People, when I try to modify an active directory user programatically, I receive the following exception: The server is unwilling to process the request Reading the microsoft web site, I...
.NET Framework
9
windows2003 active directory problems
by: Mario Rodriguez | last post by:
Hi people. I have a problem adding users to Win2003 active directory programatically. When I execute my app throws the following exception: .................The specified directory service...
.NET Framework
1
Problem querying LDAP and/or Active Directory
by: Andrew | last post by:
Hey all, Working on revamping our Intranet here and making use of the LDPA, Active Directory, Directory Services, etc. that .Net provides. I am still fairly new on this subject, so the problem...
ASP.NET
6
adding user in active directory
by: Leo_Surf | last post by:
Hello, I need your help adding user in Active Directory from ASP.net website. Could any one provide me the complete code for the html page. As this is my curriculam project and I dont have any...
ASP.NET
1
Problem retrieving Active Directory users
by: tangus via DotNetMonster.com | last post by:
Hello all, I'm really struggling with getting some Active Directory code to work in ASP.NET. Can you please provide assistance? I am executing the following code: Dim enTry As DirectoryEntry =...
ASP.NET
10
Windows Authentication through Active Directory
by: Hriday | last post by:
Hi there, Please help me..It is urgent This is Hriday, working on windows authentication with Active Directory... My requirment is when a user sends a request to my web Applicatoin I want to...
Visual Basic .NET
0
[Active Directory] On what ground does LDAP connect to Active Directory
by: RTT | last post by:
here is my current situation. I develop a program on my computer's localhost. From there i contact Active directory succesfull using a connectionstring like:...
Visual Basic .NET
2
Populating a DDL with users from Active Directory
by: Jim in Arizona | last post by:
My goal, somehow, is to populate a dropdownlist with all the user names in active directory. I don't even know where to begin, really. I added a reference to System.DirectoryServices so I could...
ASP.NET
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!