我有一个网站,要求用户输入他们的公司网络用户名和密码。然后它会在 Active Directory 中查找该帐户并获取与该帐户关联的所有电子邮件地址的列表。
我遇到的问题是一个错误的密码正在锁定一个帐户。我们的域政策是一个帐户将在三个不正确的条目后锁定,所以我假设我在我的代码中做错了什么。一般来说,我对 Active Directory 或 .NET DirectoryServices 不是很了解,这从我的代码中可能很明显。这里是:
public ArrayList AuthenticateActiveDirectory(string Domain, string UserName, string Password)
{
// An error occurs if the username/password combo does not exist.
// That is how we know it is not a valid entry.
try
{
DirectoryEntry entry = new DirectoryEntry("LDAP://" + Domain, UserName, Password);
object nativeObject = entry.NativeObject;
ArrayList emails = new ArrayList();
DirectorySearcher ds = new DirectorySearcher(entry);
ds.Filter = "samaccountname=" + UserName;
ds.PropertiesToLoad.Add("mail");
SearchResult sr = ds.FindOne();
if (sr.Properties["mail"] != null)
{
for (int email = 0; email < sr.Properties["mail"].Count; email++)
{
emails.Add(sr.Properties["mail"][email]);
}
}
return emails;
}
catch (DirectoryServicesCOMException) { throw; }
catch (Exception) { throw; }
}