コード例 #1
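        /// <summary>
        /// Prints the name of every domain in the current forest, then prints the accounts
        /// whose <c>lockoutTime</c> indicates they are still locked out under the domain's
        /// lockout-duration policy.
        /// </summary>
        /// <remarks>
        /// Only the LAST domain enumerated from the forest is actually searched (see the
        /// review note in the body). Results are written to the console as
        /// "name locked out at local-time".
        /// </remarks>
        public void FindLockedAccounts()
        {
            System.DirectoryServices.ActiveDirectory.DirectoryContext context = null;

            // Forest wraps directory connections, so release it once the names are collected.
            using (System.DirectoryServices.ActiveDirectory.Forest forest = System.DirectoryServices.ActiveDirectory.Forest.GetCurrentForest())
            {
                // NOTE(review): context is overwritten on every iteration, so the search below
                // covers only the last domain returned. In a multi-domain forest, locked
                // accounts in the other domains are not reported — confirm this is intended.
                foreach (System.DirectoryServices.ActiveDirectory.Domain thisDomain in forest.Domains)
                {
                    string domainName = thisDomain.Name;
                    System.Console.WriteLine(domainName);
                    context = new System.DirectoryServices.ActiveDirectory.DirectoryContext(System.DirectoryServices.ActiveDirectory.DirectoryContextType.Domain, domainName);
                } // Next thisDomain
            }

            // Domain and DirectoryEntry both hold directory handles; dispose them deterministically.
            using (System.DirectoryServices.ActiveDirectory.Domain domain = System.DirectoryServices.ActiveDirectory.Domain.GetDomain(context))
            using (System.DirectoryServices.DirectoryEntry root = domain.GetDirectoryEntry())
            {
                // Read the lockout duration from the domain policy.
                DomainPolicy policy = new DomainPolicy(root);

                // Default filter for when accounts stay locked indefinitely: any non-zero lockoutTime.
                string qry = "(lockoutTime>=1)";

                System.TimeSpan duration = policy.LockoutDuration;

                if (duration != System.TimeSpan.MaxValue)
                {
                    // With a finite lockout duration, only a lockoutTime newer than (now - duration)
                    // is still in effect. Work in UTC so a daylight-saving shift between "now" and
                    // the threshold cannot move the cut-off by an hour.
                    long lockoutThreshold = System.DateTime.UtcNow.Subtract(duration).ToFileTimeUtc();
                    qry = string.Format(System.Globalization.CultureInfo.InvariantCulture, "(lockoutTime>={0})", lockoutThreshold);
                } // End if (duration != System.TimeSpan.MaxValue)

                // Request only the two attributes that are printed instead of every attribute of each match.
                using (System.DirectoryServices.DirectorySearcher ds = new System.DirectoryServices.DirectorySearcher(root, qry, new string[] { "name", "lockoutTime" }))
                {
                    // Enable paged results so the listing is not cut off at the server's
                    // per-query size limit when many accounts are locked.
                    ds.PageSize = 1000;

                    using (System.DirectoryServices.SearchResultCollection src = ds.FindAll())
                    {
                        foreach (System.DirectoryServices.SearchResult sr in src)
                        {
                            // lockoutTime is a FILETIME value; FromFileTime renders it as local time.
                            long ticks = (long)sr.Properties["lockoutTime"][0];
                            System.Console.WriteLine("{0} locked out at {1}", sr.Properties["name"][0], System.DateTime.FromFileTime(ticks));
                        } // Next sr
                    }     // End Using src
                }         // End Using ds
            }             // End Using domain, root
        }                 // End Sub FindLockedAccounts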
コード例 #2
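 /// <summary>
 /// Reads the <c>maxPwdAge</c> attribute from the current domain's root object and
 /// returns it as a positive <see cref="TimeSpan"/>.
 /// </summary>
 /// <returns>
 /// The absolute value of the stored interval, or <see cref="TimeSpan.MaxValue"/> when
 /// the stored value is <see cref="long.MinValue"/> (the directory's "never expires"
 /// marker), which cannot be negated.
 /// </returns>
 /// <exception cref="InvalidOperationException">
 /// The domain root object or its <c>maxPwdAge</c> attribute was not returned by the search.
 /// </exception>
 private static TimeSpan GetMaxPasswordAge()
 {
     using (System.DirectoryServices.ActiveDirectory.Domain d = System.DirectoryServices.ActiveDirectory.Domain.GetCurrentDomain())
     using (DirectoryEntry domain = d.GetDirectoryEntry())
     // Base-scope search on the domain object itself; load only the attribute that is read.
     using (DirectorySearcher ds = new DirectorySearcher(
         domain,
         "(objectClass=*)",
         new string[] { "maxPwdAge" },
         SearchScope.Base
         ))
     {
         SearchResult sr = ds.FindOne();

         // Fail loudly rather than report a made-up policy: a missing result or attribute
         // previously surfaced as a NullReferenceException or as an OverflowException
         // from TimeSpan.MinValue.Duration().
         if (sr == null || !sr.Properties.Contains("maxPwdAge"))
         {
             throw new InvalidOperationException("The maxPwdAge attribute could not be read from the domain root object.");
         }

         long rawTicks = (long)sr.Properties["maxPwdAge"][0];

         // long.MinValue has no positive counterpart, so Duration() would throw; map it to
         // MaxValue so callers see "no expiry" instead of an exception.
         if (rawTicks == long.MinValue)
         {
             return TimeSpan.MaxValue;
         }

         // The directory stores the interval as a negative tick count; Duration() flips the sign.
         return TimeSpan.FromTicks(rawTicks).Duration();
     }
 }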