I'm validating users in an Active Directory store as follows:

    // using System.DirectoryServices.AccountManagement;
    // located in System.DirectoryServices.AccountManagement.dll
    using (var context = new PrincipalContext(ContextType.Domain, server, container,
        ContextOptions.Negotiate, validateUsername, validatePassword))
    {
        var valid = context.ValidateCredentials(validateUsername, validatePassword);
        if (valid)
        {
            Console.WriteLine("SUCCESS!");
            using (var userContext = UserPrincipal.FindByIdentity(context,
                IdentityType.SamAccountName, validateUsername))
            {
                Console.WriteLine("LastLogon = " + userContext.LastLogon);
            }
        }
        else
            Console.WriteLine("FAILED!");
    }

The validation is successful, but the lastLogon value is never changed. It's essential that this value is changed when we authenticate a user in code due to other software using this value. I know ActiveDirectoryMembershipProvider authentication changes this property, so I'm wondering if there's a way I can use PrincipalContext (to reuse AD connections) but perform this validation to change the lastLogon value.