Directory Entry - Account Active

Question

I'm trying to implement the IsActive method described here Is Account Active, but i'm getting an object reference not set to an instance of the the object.

       private bool IsActive(DirectoryEntry de)
    {
        DirectoryEntry myEntry = GetDirectoryEntry();
        if (myEntry.NativeGuid == null) return false;

        int flags = (int)myEntry.Properties["userAccountControl"].Value;

        if (!Convert.ToBoolean(flags & 0x0002)) return true; else return false;

        return false;
    }
   private void SubmitData()
    {
        System.Guid guid = Guid.NewGuid();
        logInfo.IPaddress = IPAddress;

        if (!String.IsNullOrEmpty(txtUser.Text))
        {
            string username = txtUser.Text.ToString();
            if (IsActive(de) != false)
            {
                if (DateTime.Now.Subtract(passwordLastSet).TotalHours > 1)
                {
                    lblPasswordLastSet.Text = passwordLastSet.ToString();
                    lblStatus.Text = "all is good";
                }
                else
                {
                    lblStatus.Text = "oops, you reset your password less than 24 hours ago!";
                    lblPasswordLastSet.Text = passwordLastSet.ToString();
                }
            }
            else
            {
                lblStatus.Text = "your account is not active";
            }
        }
    }

score 1 · Accepted Answer · answered Apr 28 '11 at 15:59

If you're on .NET 3.5 and up, you should check out the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here:

Managing Directory Security Principals in the .NET Framework 3.5

Basically, you can define a domain context and easily find users and/or groups in AD:

// set up domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);

// find user by name
UserPrincipal user = UserPrincipal.FindByIdentity("John Doe");

if(user != null)
{
   // check if account is locked out
   if(user.IsAccountLockedOut)
   {
      // do something if locked out....
   }
}

The new S.DS.AM makes it really easy to play around with users and groups in AD:

Thank you, I'm going to take the route you suggested – Jason Apr 28 '11 at 16:08 — Jason, Apr 28 '11 at 16:08

Directory Entry - Account Active

1 Answers1