C# LastPasswordSet始终返回NULL
我试图检查用户是否需要根据其AD pwdLastSet属性重置密码。我的问题是,无论我为pwdLastSet设置了什么值(无论是“从不”还是有日期),它在UserPrincipalsEx.FindByIdentity()中总是返回null 我的问题是如何确保如果pwdLastSet在属性中实际有一个日期,那么它在代码中不会返回NULL *注意*我有UserPrincipalEx来扩展搜索过滤器,以查找“title”属性并将其分配给getUser 提前感谢您的帮助C# LastPasswordSet始终返回NULL,c#,active-directory,passwords,userprincipal,lastpasswordset,C#,Active Directory,Passwords,Userprincipal,Lastpasswordset,我试图检查用户是否需要根据其AD pwdLastSet属性重置密码。我的问题是,无论我为pwdLastSet设置了什么值(无论是“从不”还是有日期),它在UserPrincipalsEx.FindByIdentity()中总是返回null 我的问题是如何确保如果pwdLastSet在属性中实际有一个日期,那么它在代码中不会返回NULL *注意*我有UserPrincipalEx来扩展搜索过滤器,以查找“title”属性并将其分配给getUser 提前感谢您的帮助 try {
try
{
PrincipalContext domainCtx = new PrincipalContext(ContextType.Domain, DomainFQDN, DomainFull);
username = username + "@site.com";
PrincipalContext userCtx = new PrincipalContext(ContextType.Domain);
UserPrincipalsEx getUser = UserPrincipalsEx.FindByIdentity(userCtx, sAMName);
/******* Check to see if the password is required to be reset *******/
if (getUser.LastPasswordSet == null)
{
pnlResetPwd.Visible = true;
pnlLogin.Visible = false;
Domain.Text = "Passwords must be at least 8 characters and contain:<br>";
Domain.Text = Domain.Text + "1 Upper case character.<br>";
Domain.Text = Domain.Text + "1 Lower case character.<br>";
Domain.Text = Domain.Text + "1 Special character (!@#$%^&*) or 1 Number.";
Domain.Visible = true;
return;
}
else
{
Domain.Text = getUser.Name;
Domain.Visible = true;
}
/******* Check to see if the password matches Active Directory *******/
dynamic authVerified = domainCtx.ValidateCredentials(username, password, ContextOptions.SimpleBind);
if (authVerified)
{
Response.Cookies["WebAuth"]["sAMName"] = getUser.SamAccountName;
Response.Cookies["WebAuth"]["Auth"] = "Yes";
Response.Cookies["WebAuth"]["FirstName"] = getUser.GivenName;
Response.Cookies["wevAuth"]["LastName"] = getUser.Surname;
Response.Cookies["WebAuth"]["Fullname"] = getUser.DisplayName;
Response.Cookies["WebAuth"]["Email"] = getUser.EmailAddress;
Response.Cookies["WebAuth"]["Title"] = getUser.Title;
Response.Cookies["WebAuth"].Expires = DateTime.Now.AddMinutes(10);
Session["WebAuth"] = "Yes";
Session["Firstname"] = getUser.GivenName;
Session["Lastname"] = getUser.Surname;
Session["Fullname"] = getUser.DisplayName;
Session["Email"] = getUser.EmailAddress;
Session["Title"] = getUser.Title;
if (Request.Cookies["pageURL"] != null)
{
redirect.Text = Request.Cookies["pageURL"]["path"];
Response.Cookies["pageURL"].Expires = DateTime.Now;
Response.Redirect(redirect.Text);
}
else
{
Response.Redirect("/Home.aspx");
}
}
else
{
txtUsername.Text = "";
txtPassword.Text = "";
txtUsername.Focus();
lblMessage.Text = "The Usernsame/Password is incorrect. Try again.";
lblMessage.Visible = true;
lblMessage.ForeColor = System.Drawing.Color.Red;
}
}
catch
{
txtUsername.Text = "";
txtPassword.Text = "";
txtUsername.Focus();
lblMessage.Text = "The Usernsame/Password is incorrect. Try again.";
lblMessage.Visible = true;
lblMessage.ForeColor = System.Drawing.Color.Red;
}
试试看
{
PrincipalContext domainCtx=新PrincipalContext(ContextType.Domain、DomainFQDN、DomainFull);
用户名=用户名+“@site.com”;
PrincipalContext userCtx=新PrincipalContext(ContextType.Domain);
UserPrincipalsEx getUser=UserPrincipalsEx.FindByIdentity(userCtx,sAMName);
/*******检查是否需要重置密码*******/
if(getUser.LastPasswordSet==null)
{
pnlResetPwd.Visible=true;
pnlLogin.Visible=false;
Domain.Text=“密码必须至少包含8个字符并包含:
”;
Domain.Text=Domain.Text+“1个大写字符。
”;
Domain.Text=Domain.Text+“1个小写字符。
”;
Domain.Text=Domain.Text+“1个特殊字符(!@$%^&*)或1个数字。”;
Domain.Visible=true;
返回;
}
其他的
{
Domain.Text=getUser.Name;
Domain.Visible=true;
}
/*******检查密码是否与Active Directory匹配*******/
dynamic authVerified=domainCtx.ValidateCredentials(用户名、密码、ContextOptions.SimpleBind);
如果(已验证)
{
Response.Cookies[“WebAuth”][“sAMName”]=getUser.SamAccountName;
响应.Cookies[“WebAuth”][“Auth”]=“是”;
Response.Cookies[“WebAuth”][“FirstName”]=getUser.GivenName;
Response.Cookies[“wevAuth”][“LastName”]=getUser.name;
Response.Cookies[“WebAuth”][“Fullname”]=getUser.DisplayName;
Response.Cookies[“WebAuth”][“Email”]=getUser.EmailAddress;
Response.Cookies[“WebAuth”][“Title”]=getUser.Title;
Response.Cookies[“WebAuth”].Expires=DateTime.Now.AddMinutes(10);
会话[“WebAuth”]=“是”;
会话[“Firstname”]=getUser.GivenName;
会话[“Lastname”]=getUser.name;
会话[“Fullname”]=getUser.DisplayName;
会话[“电子邮件”]=getUser.EmailAddress;
会话[“Title”]=getUser.Title;
if(Request.Cookies[“pageURL”!=null)
{
redirect.Text=Request.Cookies[“pageURL”][“path”];
Response.Cookies[“pageURL”]。Expires=DateTime.Now;
Response.Redirect(Redirect.Text);
}
其他的
{
Response.Redirect(“/Home.aspx”);
}
}
其他的
{
txtUsername.Text=“”;
txtPassword.Text=“”;
txtUsername.Focus();
lblMessage.Text=“用户名称/密码不正确。请重试。”;
lblMessage.Visible=true;
lblMessage.ForeColor=System.Drawing.Color.Red;
}
}
抓住
{
txtUsername.Text=“”;
txtPassword.Text=“”;
txtUsername.Focus();
lblMessage.Text=“用户名称/密码不正确。请重试。”;
lblMessage.Visible=true;
lblMessage.ForeColor=System.Drawing.Color.Red;
}
如果使用DirectoryEntry
检查pwdLastSet
的值会发生什么?我没有想到这一点。我会调查的。非常感谢。