Home » Access detailed user account information in AD using VB.Net

One of the challenges on large domains is keeping track of unused accounts, or checking to see if end users passwords have expired.  Now, I know there are several tools out and about that enable you to do this…But come on, where’s the fun in that!?

Using the code detailed below you can query active directory straight from a VB.Net application.

To use this code:

  1. Create a Form in vb.net, call it frmMain
  2. Add a text box to the form to handle the users name, call it txtUsername
  3. Add a text box to the form, set it to multiline = true, call it txtDetails
  4. Add a command button to the form, call it cmdGo
  5. Copy and paste the code below into the code editor
  6. Add a reference to the ‘System.DirectoryServices.AccountManagement’ .Net add-in
  7. Modify the line:
    Dim insPrincipalContext As New PrincipalContext(ContextType.Domain, "", "DC=,DC=com")

    To include your domain name and domain controllers name.  So, for instance, if your domain controller was called SBSserver, and your domain name was Dom1 then you would need to edit the line to read:

    Dim insPrincipalContext As New PrincipalContext(ContextType.Domain, "SBSserver", "DC=Dom1,DC=com")

Now the code below is quite basic/limited but this gives you access to the currentADuser object, which you can use autocomplete to show you just what it can do. You may also notice that the code below is geared more towards searching more then one account.  This was extracted from a much larger project, after spending too long searching the net trying to find solutions to issues with the findall command.

Imports System.DirectoryServices.AccountManagement
Public Class frmMain
Dim insPrincipalContext As New PrincipalContext(ContextType.Domain, "", "DC=,DC=com")

Private Sub ListUsers(ByVal strUsername As String)

Dim insUserPrincipal As New UserPrincipal(insPrincipalContext)
insUserPrincipal.Name = strUsername
SearchUsers(insUserPrincipal)
End Sub
Private Sub SearchUsers(ByVal parUserPrincipal As UserPrincipal)

Dim insPrincipalSearcher As New PrincipalSearcher()
Dim currentADUser As System.DirectoryServices.AccountManagement.UserPrincipal
insPrincipalSearcher.QueryFilter = parUserPrincipal
Dim results As PrincipalSearchResult(Of Principal) = insPrincipalSearcher.FindAll
For Each p As Principal In results
currentADUser = p
LogDetails("Account Expiration Date: " & currentADUser.AccountExpirationDate)
LogDetails("Account Lockout Time: " & currentADUser.AccountLockoutTime)
LogDetails("Account Bad Logon Count: " & currentADUser.BadLogonCount)
LogDetails("Account Description: " & currentADUser.Description)
LogDetails("Account Display Name: " & currentADUser.DisplayName)
LogDetails("Account Distinguished Name: " & currentADUser.DistinguishedName)
LogDetails("Account Email Address: " & currentADUser.EmailAddress)
LogDetails("Account Employee ID: " & currentADUser.EmployeeId)
LogDetails("Account Enabaled: " & currentADUser.Enabled)
LogDetails("Account Last Logged On: " & currentADUser.LastLogon)
LogDetails("Account Password Set on: " & currentADUser.LastPasswordSet)
Next
End Sub
Private Sub LogDetails(ByVal strString As String)
txtDetails.Text = txtDetails.Text & strString & vbCrLf
End Sub
Private Sub cmdGo_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdGo.Click
ListUsers(txtUsername.Text)
End Sub
End Class

If you do find the code useful and decide to use it in your project, drop me a comment below and let me know how it goes.

Home » Access detailed user account information in AD using VB.Net


  • Pingback: My Homepage

  • Sam Raby

    Hi , thanks for this its helped me out . im just a bit stuck

    I’ve found that the code only returns the details when the full display name is given.

    How can i get it to search based on a partial name e.g ” John S” instead of “John Smith”

    • http://www.mikesel.info/ Mike Hudson

      Hi Sam

      What you need to do is use the ‘wildcard’ (*) in your search.

      It’s difficult to expand the code above, but if you post your code I will adjust it for you.

      Thanks
      Mike

  • Sam Raby

    Hi , thanks for this its helped me out . im just a bit stuck

    I’ve found that the code only returns the details when the full display name is given.

    How can i get it to search based on a partial name e.g ” John S” instead of “John Smith”

    • http://www.mikesel.info/ Mike Hudson

      Hi Sam

      What you need to do is use the ‘wildcard’ (*) in your search.

      It’s difficult to expand the code above, but if you post your code I will adjust it for you.

      Thanks
      Mike

  • Ryan Crane

    Hi Mike, just come across your article has helped me out big time. One quick question though how would I go about change the search criteria to the Username instead of the Alias?


Page 1 of 11