I'm currently developing a custom Membership provider using the DirectoryServices API to interface with a OpenLdap server (running on a cloud based Ubuntu instance) to handle authentication for our new website. However I'm running into an issue where we need to access some of the operational attributes e.g. reading 'pwdAccountLockedTime' to see if the user account is locked or removing it to unlock the user account.
I have tried adding the required attributes to the DirectorySearcher's PropertiesToLoad collection, but this does not seem to load the required properties into the DirectoryEntry when we load it from the SearchResult.
In Novell (which we used previously) we could specify the string array { "*", "+" } when searching or reading to load the entry with all attributes (including the operational ones), but this doesn't seem to work in Directory Services.
We are currently using the Mono framework as our servers are running on Ubuntu instances, and the Mono project status for System.DirectoryServices currently reports as complete (apart from 2 namespaces that we aren't using), so we're not too sure if this is a Mono bug (it wouldn't be the first we've found in some of the lesser used libraries) or if we are using the DirectoryServices API incorrectly.
Long question short, how do you correctly load operational attributes when using the DirectoryServices API?
