One of the challenges on large domains is keeping track of unused accounts, or checking to see if end users passwords have expired.  Now, I know there are several tools out and about that enable you to do this…But come on, where’s the fun in that!?

Using the code detailed below you can query active directory straight from a VB.Net application.

To use this code:

  1. Create a Form in vb.net, call it frmMain
  2. Add a text box to the form to handle the users name, call it txtUsername
  3. Add a text box to the form, set it to multiline = true, call it txtDetails
  4. Add a command button to the form, call it cmdGo
  5. Copy and paste the code below into the code editor
  6. Add a reference to the ‘System.DirectoryServices.AccountManagement’ .Net add-in
  7. Modify the line:
    Dim insPrincipalContext As New PrincipalContext(ContextType.Domain, "", "DC=,DC=com")

    To include your domain name and domain controllers name.  So, for instance, if your domain controller was called SBSserver, and your domain name was Dom1 then you would need to edit the line to read:

    Dim insPrincipalContext As New PrincipalContext(ContextType.Domain, "SBSserver", "DC=Dom1,DC=com")

Now the code below is quite basic/limited but this gives you access to the currentADuser object, which you can use autocomplete to show you just what it can do. You may also notice that the code below is geared more towards searching more then one account.  This was extracted from a much larger project, after spending too long searching the net trying to find solutions to issues with the findall command.

Imports System.DirectoryServices.AccountManagement  Public Class frmMain  Dim insPrincipalContext As New PrincipalContext(ContextType.Domain, "", "DC=,DC=com")    Private Sub ListUsers(ByVal strUsername As String)    Dim insUserPrincipal As New UserPrincipal(insPrincipalContext)  insUserPrincipal.Name = strUsername  SearchUsers(insUserPrincipal)  End Sub  Private Sub SearchUsers(ByVal parUserPrincipal As UserPrincipal)    Dim insPrincipalSearcher As New PrincipalSearcher()  Dim currentADUser As System.DirectoryServices.AccountManagement.UserPrincipal  insPrincipalSearcher.QueryFilter = parUserPrincipal  Dim results As PrincipalSearchResult(Of Principal) = insPrincipalSearcher.FindAll  For Each p As Principal In results  currentADUser = p  LogDetails("Account Expiration Date: " & currentADUser.AccountExpirationDate)  LogDetails("Account Lockout Time: " & currentADUser.AccountLockoutTime)  LogDetails("Account Bad Logon Count: " & currentADUser.BadLogonCount)  LogDetails("Account Description: " & currentADUser.Description)  LogDetails("Account Display Name: " & currentADUser.DisplayName)  LogDetails("Account Distinguished Name: " & currentADUser.DistinguishedName)  LogDetails("Account Email Address: " & currentADUser.EmailAddress)  LogDetails("Account Employee ID: " & currentADUser.EmployeeId)  LogDetails("Account Enabaled: " & currentADUser.Enabled)  LogDetails("Account Last Logged On: " & currentADUser.LastLogon)  LogDetails("Account Password Set on: " & currentADUser.LastPasswordSet)  Next  End Sub  Private Sub LogDetails(ByVal strString As String)  txtDetails.Text = txtDetails.Text & strString & vbCrLf  End Sub  Private Sub cmdGo_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdGo.Click  ListUsers(txtUsername.Text)  End Sub  End Class

If you do find the code useful and decide to use it in your project, drop me a comment below and let me know how it goes.

 
  • Pingback: My Homepage

  • Sam Raby

    Hi , thanks for this its helped me out . im just a bit stuck

    I’ve found that the code only returns the details when the full display name is given.

    How can i get it to search based on a partial name e.g ” John S” instead of “John Smith”

    • http://www.mikesel.info/ Mike Hudson

      Hi Sam

      What you need to do is use the ‘wildcard’ (*) in your search.

      It’s difficult to expand the code above, but if you post your code I will adjust it for you.

      Thanks
      Mike

  • Ryan Crane

    Hi Mike, just come across your article has helped me out big time. One quick question though how would I go about change the search criteria to the Username instead of the Alias?


Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!