DirectoryEntry Enabled

I need to check whether an account in the active directory was enabled.

After some searching, I came to understand that the enabled feature is not only for User but for every node in the active directory. That means every DirectoryEntry instance.

Here is how you check if it is enabled

public const string        AccountControl="userAccountControl";
public const int EnabledFlag= 0x2;

static bool IsEnabled(DirectoryEntry de)
{
  return (((int)

  de.Properties[AccountControl].Value)

  & EnabledFlag) == 0;
}

Active Directory Connection

Recently I have been asked to query our Active Directory.

I really believe that the documentation is really poor about the connection, and what the errors mean.

After all the problems, and the never ending errors that I could not comprehend, I stumped upon a post that said LDAP prefix must be Uppercase.

A few thing about the connection string, since I am writing this post.

I do not know of Active Directory administration so, what I will write here is my experience in this situation and hopefully someone will benefit.

At my company we have a domain which from windows we see as DomainName. There are a few places in windows, that I had seen a local suffix in out domain. I do not know what this means. Our domain is located on machine called SERV1 for example with IP 192.168.0.1.

In case I’m not entirely clear about my environment, let me specify that my computer registers on the network as DomainName\PCName and my Domain Account is DomainName\sarafian.

The only valid connection string that works for us is LDAP://192.168.0.1/dc=DomainName,dc=local

Anything else just doesn’t.

Here is the creation of root DirectoryEntry

private static DirectoryEntry GetRoot()
{
    DirectoryEntry de = new DirectoryEntry(

      "LDAP://192.168.0.1/dc=DomainName,dc=local"

     , null, null, AuthenticationTypes.Secure);
    return de;
}

Hopefully someone will benefit and won’t get frustrated as I did, with all the combinations and their incomprehensive error messages.