Solved

VB.Net  Enable Active Directory User Account

Posted on 2009-07-16
8
2,042 Views
Last Modified: 2012-05-07
I need to be able to enable an Active Directory user account when I click submit. I have page setup with the following:
1. User select OU member from dropDownList1.
2. ObjUser=dropDownList1.SelectedValue
3. ObjUser is plugged into the Active Direct Search routine as so:
searchMe.Filter = "(&(objectclass=user)(samaccountname=" & objUser & "))"
4. This is used to populate other tables on the page such as the account description etc.

Below is the code for adsearcher. Is there another attribute I need to be pulling during this sub and what would I need to set it to in order to enable the user account?

Thanks in advance!!
Public Sub adSearcher()
        Dim adInfo As New DirectoryServices.DirectoryEntry(strLpath)
        Dim searchMe As New System.DirectoryServices.DirectorySearcher(adInfo)
 
        searchMe.PropertiesToLoad.Add("displayName")
        searchMe.PropertiesToLoad.Add("Description")
        searchMe.Sort.Direction = SortDirection.Ascending
        searchMe.PageSize = 10
        searchMe.Filter = "(&(objectclass=user)(samaccountname=" & objUser & "))"
 
        searchMe.SearchScope = SearchScope.Subtree
        Dim results As SearchResultCollection
        results = searchMe.FindAll()
        Dim result As SearchResult
 
        arrCount = intcount - 1
 
        Dim myDarr1(arrCount, 7) As String
        arrCount = 0
 
        For Each result In results
            intcount = intcount + 1
        Next
        If InStr(result.Properties("DisplayName")(0), "$") Then
 
        Else
 
            Try
                resDescription = result.Properties("description")(0)
            Catch ex As Exception
                resDescription = ""
            End Try
 
            TextBox1.Text = resdescription
 
        End If
       
    End Sub

Open in new window

0
Comment
Question by:JB4375
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 83

Expert Comment

by:CodeCruiser
ID: 24876711
Check the heading number 7 in the following link

http://www.vbdotnetheaven.com/UploadFile/ecabral/ADandNETInVB11112005020216AM/ADandNETInVB.aspx?ArticleID=d4c079fb-0f31-40a4-8917-88e54839c1b5
7. Enable a user account.
 
''' <summary>
''' Method to enable a user account in the AD.
''' </summary>
''' <param name="de"></param>
Private Shared Sub EnableAccount(ByVal de As DirectoryEntry)
'UF_DONT_EXPIRE_PASSWD 0x10000
Dim exp As Integer = CInt(de.Properties("userAccountControl").Value)
de.Properties("userAccountControl").Value = exp Or &H0001
de.CommitChanges()
'UF_ACCOUNTDISABLE 0x0002
Dim val As Integer = CInt(de.Properties("userAccountControl").Value)
de.Properties("userAccountControl").Value = val And Not &H0002
de.CommitChanges()
End Sub

Open in new window

0
 
LVL 1

Author Comment

by:JB4375
ID: 24927423
I get what it's supposed to be doing, however I'm at a loss on how to pass the argument to the Enable_Account Sub. I have a dropdownlist that lists the member of the group, the person selects from that sorted list and then clicks a button to enable the account.
Below is the my code for the drop down, the call, etc.
Thanks
 

Public Sub FillDropdown()
        Dim ldapPath As String = "LDAP://DC=domain,DC=com"
        Dim de As New DirectoryEntry(ldapPath)
        Dim ds As New DirectorySearcher(de)
        ds.PageSize = 1000
        ds.Filter = "(objectCategory=User)"
        Dim colUsers As ArrayList
        colUsers = New ArrayList
        Dim result As SearchResult
 
        For Each result In ds.FindAll()
            colUsers.Add(result.Properties("cn")(0))
        Next result
        colUsers.Sort()
        DropDownList1.DataSource = colUsers
        DropDownList1.DataBind()
        de.Username = "domain\" & DropDownList1.SelectedItem.Text
    End Sub
 
Call Enable_Account(????) No idea....doesn't like de.UserName though
 
Private Shared Sub Enable_Account(ByVal de As DirectoryEntry)
        'UF_DONT_EXPIRE_PASSWD 0x10000
        Dim exp As Integer = CInt(de.Properties("userAccountControl").Value)
        de.Properties("userAccountControl").Value = exp Or &H1
        de.CommitChanges()
        'UF_ACCOUNTDISABLE 0x0002
        Dim val As Integer = CInt(de.Properties("userAccountControl").Value)
        de.Properties("userAccountControl").Value = val And Not &H2
        de.CommitChanges()
    End Sub

Open in new window

0
 
LVL 83

Accepted Solution

by:
CodeCruiser earned 500 total points
ID: 24932813
You need to pass the de to the sub. When button is clicked, set the de properly. For example
de.Path = "LDAP://192.168.1.1/CN=Users;DC=Yourdomain"

Where you would use the IP address of your AD controller and you domain.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 1

Author Comment

by:JB4375
ID: 24936760
OK.
1. I query AD to fill the drop down with members of an OU.
2. I select and account from the list, and on postback the attribute "account description" of the selected item is displayed in another field.
3. I click submit, and the Enable_Account sub is called.
Since I've pointed to the OU it's located in, and displayed it attributes, I was under the impression that I already had the object itself.  Why am I needing to pass the path again instead of just being able to change one of the object's other attributes?
I feel like I'm missing what seems like a minor detail, but is actually totally necessary for what I'm trying to accomplish.
0
 
LVL 83

Expert Comment

by:CodeCruiser
ID: 24956932
Hi,
Sorry for late response. I did not understand your point. You are only passing the DirectoryEntry object to the Enable_Account sub.
0
 
LVL 1

Author Comment

by:JB4375
ID: 24960301
Sorry to be slow on the uptake........
"You are only passing the DirectoryEntry object to the Enable_Account sub."
Is this what I SHOULD be doing, and I'm failing to do so, OR
Is this what I'm currently doing, when I should be doing something else?
0
 
LVL 83

Expert Comment

by:CodeCruiser
ID: 24965906
Your code looks absolutly fine. The passing of DirectoryEntry is fine as well.
0
 
LVL 1

Author Closing Comment

by:JB4375
ID: 31604295
Thanks for help and patience. ;-)
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question