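/// <summary>
/// Queries one domain controller for the lockout-related state of the account
/// typed into <c>textBoxUserIDSearch</c>, binding with the credentials from
/// <c>textBoxUsername</c> / <c>textBoxPassword</c>.
/// </summary>
/// <param name="server">Host name of the domain controller to query.</param>
/// <returns>
/// A <see cref="LockoutData"/> for the account. When the search box is empty,
/// the helper returns <c>null</c>, or the DC returns no match, <c>user_id</c>
/// is left unset so the caller can treat the result as "not found".
/// </returns>
private LockoutData GetLockoutData(string server)
{
    string strLoginID = textBoxUsername.Text;
    string strLoginPassword = textBoxPassword.Text;
    string user_id = textBoxUserIDSearch.Text;

    LockoutData ld = new LockoutData();
    if (string.IsNullOrEmpty(user_id))
    {
        return ld;
    }

    // The account name comes straight from a text box, so its RFC 4515 special
    // characters are escaped before it is spliced into the filter; otherwise
    // '*', '(' or ')' typed by the user would change the meaning of the search.
    string strFilter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" + EscapeLdapFilterValue(user_id) + "))";
    string[] props = { "userAccountControl", "pwdLastSet", "msDS-ReplAttributeMetaData" };

    SearchResultCollection results = AD.GetSearchResults(server, strFilter, props, strLoginID, strLoginPassword);
    if (results == null)
    {
        return ld;
    }

    // SearchResultCollection holds an unmanaged handle; dispose it on every path.
    using (results)
    {
        if (results.Count == 0)
        {
            return ld;
        }

        SearchResult result = results[0];
        ld.user_id = user_id;

        if (result.Properties.Contains("userAccountControl"))
        {
            int userAccountControlValue = (int)result.Properties["userAccountControl"][0];
            // Provisional state from the stored flag bits; refined below from the
            // principal when it can be resolved.
            bool lockoutFlagSet = (userAccountControlValue & (int)AD.ADS_USER_FLAG_ENUM.ADS_UF_LOCKOUT) == (int)AD.ADS_USER_FLAG_ENUM.ADS_UF_LOCKOUT;
            ld.user_state = lockoutFlagSet ? "Locked" : "Not Locked";
        }

        if (result.Properties.Contains("pwdLastSet"))
        {
            long lngPasswordChanged = (long)result.Properties["pwdLastSet"][0];
            if (lngPasswordChanged <= 0)
            {
                // A pwdLastSet of 0 means the password has never been set (or must
                // be changed at next logon); FromFileTime(0) would report 1601.
                ld.pwd_last_set = "Never";
                ld.password_age = "N/A";
            }
            else
            {
                DateTime dtmLastSet = DateTime.FromFileTime(lngPasswordChanged);
                ld.pwd_last_set = dtmLastSet.ToString();
                int intDaysOld = (int)(DateTime.Now - dtmLastSet).TotalDays;
                string suffix = intDaysOld > 1 ? " days" : " day";
                ld.password_age = intDaysOld.ToString() + suffix;
            }
        }

        using (PrincipalContext principalContext = AD.GetPrincipalContext(server, strLoginID, strLoginPassword))
        {
            UserPrincipal userPrincipal = principalContext == null ? null : UserPrincipal.FindByIdentity(principalContext, user_id);
            if (userPrincipal == null)
            {
                // The principal could not be resolved on this DC; keep the
                // attribute-derived state and fill the remaining columns neutrally.
                ld.orig_lock = "N/A";
                ld.lockout_time = "N/A";
                ld.last_bad_pwd = "None";
                return ld;
            }

            using (userPrincipal)
            {
                if (userPrincipal.IsAccountLockedOut())
                {
                    ld.user_state = "Locked";
                    ld.bad_pwd_count = userPrincipal.BadLogonCount;

                    // The replication metadata entry for lockoutTime names the DSA
                    // that originated the lockout; its DN embeds the DC name as
                    // "CN=NTDS Settings,CN=<server>,...".
                    if (result.Properties.Contains("msDS-ReplAttributeMetaData"))
                    {
                        foreach (object metaDataEntry in result.Properties["msDS-ReplAttributeMetaData"])
                        {
                            string property = metaDataEntry as string;
                            if (property == null)
                            {
                                continue;
                            }
                            if (property.IndexOf("lockouttime", StringComparison.OrdinalIgnoreCase) < 0 ||
                                property.IndexOf("pszlastoriginatingdsadn", StringComparison.OrdinalIgnoreCase) < 0)
                            {
                                continue;
                            }

                            Match dsaMatch = Regex.Match(property, "CN=NTDS Settings,CN=(?<servername>[^,]+),", RegexOptions.IgnoreCase);
                            if (dsaMatch.Success)
                            {
                                ld.orig_lock = dsaMatch.Groups["servername"].Value;
                                break;
                            }
                        }
                    }
                }
                else
                {
                    ld.user_state = "Not Locked";
                    ld.orig_lock = "N/A";
                }

                ld.lockout_time = userPrincipal.AccountLockoutTime.HasValue
                    ? userPrincipal.AccountLockoutTime.Value.ToLocalTime().ToString()
                    : "N/A";
                ld.last_bad_pwd = userPrincipal.LastBadPasswordAttempt.HasValue
                    ? userPrincipal.LastBadPasswordAttempt.Value.ToLocalTime().ToString()
                    : "None";
            }
        }
    }

    return ld;
}

/// <summary>
/// Escapes the characters that RFC 4515 treats specially inside an LDAP filter
/// assertion value, so user-supplied text cannot alter the filter structure.
/// </summary>
/// <param name="value">Raw assertion value; may be null or empty.</param>
/// <returns>The escaped value, or the input unchanged when null or empty.</returns>
private static string EscapeLdapFilterValue(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return value;
    }

    // Backslash must be escaped first so the escapes added below are not re-escaped.
    return value
        .Replace("\\", "\\5c")
        .Replace("*", "\\2a")
        .Replace("(", "\\28")
        .Replace(")", "\\29")
        .Replace("\0", "\\00");
}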
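/// <summary>
/// Handles the Go button: queries every domain controller returned by
/// <c>GetDomainControllers()</c> for the account in <c>textBoxUserIDSearch</c>
/// and adds one row per DC to <c>listView1</c>.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void buttonGo_Click(object sender, EventArgs e)
{
    if (string.IsNullOrEmpty(textBoxUserIDSearch.Text))
    {
        return;
    }

    if (string.IsNullOrEmpty(comboBoxSite.Text))
    {
        // No site selected means every DC in the domain is queried; confirm first.
        DialogResult ret = MessageBox.Show("Search ALL domain controlers?", "Search All DCs?", MessageBoxButtons.YesNo, MessageBoxIcon.Question, MessageBoxDefaultButton.Button2);
        if (ret != DialogResult.Yes)
        {
            comboBoxSite.Focus();
            return;
        }
    }

    EnableControls(false);
    try
    {
        listView1.Items.Clear();

        List<MyServer> listServers = GetDomainControllers();
        if (listServers == null)
        {
            return;
        }

        // Columns: Server, Short name, User, Site, User State, Bad Pwd Count,
        // Last Bad Pwd, Pwd Last Set, Lockout Time, Orig Lock, Password Age.
        foreach (MyServer DC in listServers)
        {
            int dotIndex = DC.Name.IndexOf('.');
            string dcShortName = dotIndex < 0 ? DC.Name : DC.Name.Substring(0, dotIndex);

            LockoutData data = GetLockoutData(DC.Name);
            if (string.IsNullOrEmpty(data.user_id))
            {
                MessageBox.Show("Could not find data for: " + textBoxUserIDSearch.Text, "Not found", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
                return;
            }

            ListViewItem lvi = new ListViewItem(DC.Name);
            lvi.SubItems.Add(dcShortName);
            lvi.SubItems.Add(data.user_id);
            lvi.SubItems.Add(DC.SiteName);
            lvi.SubItems.Add(data.user_state);
            lvi.SubItems.Add(data.bad_pwd_count.ToString());
            lvi.SubItems.Add(data.last_bad_pwd);
            lvi.SubItems.Add(data.pwd_last_set);
            lvi.SubItems.Add(data.lockout_time);
            lvi.SubItems.Add(data.orig_lock);
            lvi.SubItems.Add(data.password_age);
            listView1.Items.Add(lvi);
        }
    }
    finally
    {
        // Re-enable the UI on every exit path, including an exception thrown
        // while querying a DC that is unreachable; otherwise the form stays disabled.
        EnableControls(true);
    }
}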