One of the challenges on large domains is keeping track of unused accounts, or checking to see if end users passwords have expired. Now, I know there are several tools out and about that enable you to do this…But come on, where’s the fun in that!?
Using the code detailed below you can query active directory straight from a VB.Net application.
To use this code:
- Create a Form in vb.net, call it frmMain
- Add a text box to the form to handle the users name, call it txtUsername
- Add a text box to the form, set it to multiline = true, call it txtDetails
- Add a command button to the form, call it cmdGo
- Copy and paste the code below into the code editor
- Add a reference to the ‘System.DirectoryServices.AccountManagement’ .Net add-in
- Modify the line:
Dim insPrincipalContext As New PrincipalContext(ContextType.Domain, "", "DC=,DC=com")
To include your domain name and domain controllers name. So, for instance, if your domain controller was called SBSserver, and your domain name was Dom1 then you would need to edit the line to read:
Dim insPrincipalContext As New PrincipalContext(ContextType.Domain, "SBSserver", "DC=Dom1,DC=com")
Now the code below is quite basic/limited but this gives you access to the currentADuser object, which you can use autocomplete to show you just what it can do. You may also notice that the code below is geared more towards searching more then one account. This was extracted from a much larger project, after spending too long searching the net trying to find solutions to issues with the findall command.
Imports System.DirectoryServices.AccountManagement Public Class frmMain Dim insPrincipalContext As New PrincipalContext(ContextType.Domain, "", "DC=,DC=com") Private Sub ListUsers(ByVal strUsername As String) Dim insUserPrincipal As New UserPrincipal(insPrincipalContext) insUserPrincipal.Name = strUsername SearchUsers(insUserPrincipal) End Sub Private Sub SearchUsers(ByVal parUserPrincipal As UserPrincipal) Dim insPrincipalSearcher As New PrincipalSearcher() Dim currentADUser As System.DirectoryServices.AccountManagement.UserPrincipal insPrincipalSearcher.QueryFilter = parUserPrincipal Dim results As PrincipalSearchResult(Of Principal) = insPrincipalSearcher.FindAll For Each p As Principal In results currentADUser = p LogDetails("Account Expiration Date: " & currentADUser.AccountExpirationDate) LogDetails("Account Lockout Time: " & currentADUser.AccountLockoutTime) LogDetails("Account Bad Logon Count: " & currentADUser.BadLogonCount) LogDetails("Account Description: " & currentADUser.Description) LogDetails("Account Display Name: " & currentADUser.DisplayName) LogDetails("Account Distinguished Name: " & currentADUser.DistinguishedName) LogDetails("Account Email Address: " & currentADUser.EmailAddress) LogDetails("Account Employee ID: " & currentADUser.EmployeeId) LogDetails("Account Enabaled: " & currentADUser.Enabled) LogDetails("Account Last Logged On: " & currentADUser.LastLogon) LogDetails("Account Password Set on: " & currentADUser.LastPasswordSet) Next End Sub Private Sub LogDetails(ByVal strString As String) txtDetails.Text = txtDetails.Text & strString & vbCrLf End Sub Private Sub cmdGo_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdGo.Click ListUsers(txtUsername.Text) End Sub End Class
If you do find the code useful and decide to use it in your project, drop me a comment below and let me know how it goes.