/// <summary>
        /// This method is to help enable the compound identity feature on the computer account in the specific domain.
        /// </summary>
        /// <param name="domainName">The domain name of the service principal.</param>
        /// <param name="computerName">The host name of the service principal.</param>
        /// <param name="adminName">Need administrator's credential to modify active directory account.</param>
        /// <param name="adminPwd">Need administrator's credential to modify active directory account.</param>
        public void enableCompId(string domainName, string computerName, string adminName, string adminPwd)
        {
            LdapConnection    connection = new LdapConnection(domainName);
            NetworkCredential cred       = new NetworkCredential(adminName, adminPwd, domainName);

            connection.Credential = cred;
            string dn       = PacHelper.GetDomainDnFromDomainName(domainName);
            string targetOu = "cn=Computers," + dn;

            computerName = computerName.Replace("$", "");
            string filter = "cn=" + computerName;

            string[]      attributesToReturn = new string[] { "msDS-SupportedEncryptionTypes" };
            SearchRequest searchRequest      = new SearchRequest(targetOu, filter, SearchScope.Subtree, attributesToReturn);

            SearchResponse searchResponse = (SearchResponse)connection.SendRequest(searchRequest);
            SearchResultAttributeCollection attributes = searchResponse.Entries[0].Attributes;

            object attributeValue = null;

            attributeValue = PacHelper.getAttributeValue(attributes, "msDS-SupportedEncryptionTypes");
            uint?supportedEncTypes = (uint?)Convert.ToInt32(attributeValue);

            uint compIdFlag = 131072;

            if ((supportedEncTypes.Value & compIdFlag) != compIdFlag)
            {
                string computerDN = filter + "," + targetOu;
                supportedEncTypes = supportedEncTypes + compIdFlag;
                ModifyRequest  modRequest  = new ModifyRequest(computerDN, DirectoryAttributeOperation.Replace, "msDS-SupportedEncryptionTypes", supportedEncTypes.ToString());
                ModifyResponse modResponse = (ModifyResponse)connection.SendRequest(modRequest);
            }
        }
        /// <summary>
        /// This method is used to get an authentication policy TGT life time by policy name and attribute name
        /// If the TGT lifetime is not set, null will return
        /// </summary>
        /// <param name="domainName">Domain Name</param>
        /// <param name="policyname">authentication policy name</param>
        /// <param name="tgtlifetimeattributename">the lifetime attribute name, such as msds-ComputerTGTLifetime, msds-UserTGTLifetime or msds-ServiceTGTLifetime</param>
        /// <param name="adminName">Admin user Name</param>
        /// <param name="adminPwd">Admin password</param>
        public double?getAuthPolicyTGTLifeTime(string domainName, string policyName, string tgtLifetimeAttributeName, string adminName, string adminPwd)
        {
            LdapConnection    connection = new LdapConnection(domainName);
            NetworkCredential cred       = new NetworkCredential(adminName, adminPwd, domainName);

            connection.Credential = cred;
            string dn       = PacHelper.GetDomainDnFromDomainName(domainName);
            string targetOu = "CN=" + policyName + ",CN=AuthN Policies,CN=AuthN Policy Configuration,CN=Services,CN=Configuration,DC=" + domainName + ",DC=com";

            string filter = "CN=" + policyName;

            string[] attributesToReturn = new string[] { tgtLifetimeAttributeName };

            double?        tgtLifeTime    = null;
            SearchRequest  searchRequest  = null;
            SearchResponse searchResponse = null;

            try
            {
                searchRequest  = new SearchRequest(targetOu, filter, SearchScope.Subtree, attributesToReturn);
                searchResponse = (SearchResponse)connection.SendRequest(searchRequest);
                SearchResultAttributeCollection attributes = searchResponse.Entries[0].Attributes;
                object attributeValue = PacHelper.getAttributeValue(attributes, tgtLifetimeAttributeName);
                tgtLifeTime = (double?)Convert.ToDouble(attributeValue);
            }
            catch
            {
                throw new InvalidOperationException("Request attribute failed with targetOU: " + targetOu + ", filter: " + filter + ", attribute: " + tgtLifetimeAttributeName);
            }

            return(tgtLifeTime);
        }
        /// <summary>
        /// This method is used to get attribute display name of an account
        /// </summary>
        /// <param name="domainName">Local domain Name</param>
        /// <param name="accountName">Account name, user name or computer name</param>
        /// <param name="accountType">Users or computers</param>
        /// <param name="attributename">The attribute of account to query</param>
        /// <param name="adminName">Admin user Name</param>
        /// <param name="adminPwd">Admin password</param>
        public string getAccountAttributeDN(string domainName, string accountName, string accountType, string attributeName, string adminName, string adminPwd)
        {
            LdapConnection    connection = new LdapConnection(domainName);
            NetworkCredential cred       = new NetworkCredential(adminName, adminPwd, domainName);

            connection.Credential = cred;
            string dn       = PacHelper.GetDomainDnFromDomainName(domainName);
            string targetOu = "CN=" + accountName + ",CN=" + accountType + ",DC=" + domainName + ",DC=com";

            string filter = "CN=" + accountName;

            string[] attributesToReturn = new string[] { attributeName };

            SearchRequest  searchRequest  = null;
            SearchResponse searchResponse = null;
            string         attributeValue = null;

            try
            {
                searchRequest = new SearchRequest(targetOu, filter, SearchScope.Subtree, attributesToReturn);

                searchResponse = (SearchResponse)connection.SendRequest(searchRequest);
                SearchResultAttributeCollection attributes = searchResponse.Entries[0].Attributes;
                object attribute = null;
                attribute      = PacHelper.getAttributeValue(attributes, attributeName);
                attributeValue = Convert.ToString(attribute);
            }
            catch
            {
                throw new InvalidOperationException("Request attribute failed with targetOU: " + targetOu + ", filter: " + filter + ", attribute: " + attributeName);
            }

            return(attributeValue);
        }