Using the DirectoryServices.AccountManagement library in C#, I am establishing a PrincipalContext, then using that context to validate users.
It seems that the username with which I am establishing the context is being intermittently corrupted/reset or something else is going on causing the establishing of context to fail.
After manually resetting the password to using ADSIEdit, I am able to establish context as normal.
I am establishing context as shown:
PrincipalContext ldsUserContext = new PrincipalContext( ContextType.ApplicationDirectory, "[servername]:389", "CN=USERS,CN=XXX,O=XXX", ContextOptions.SimpleBind, "CN=[username],CN=PEOPLE,CN=XXX,O=XXX", "[password]");
I then use ValidateCredentials as show开发者_开发问答n:
context.ValidateCredentials("CN=[login],CN=USERS,CN=XXX,O=XXX", [userpassword], ContextOptions.SimpleBind)
There are currently around 15 users logging in around 5 times each during the day. There can be days or months between each occurrence of the problem.
Any ideas as to what might be going on?
Thanks,
Matt
Have you looked to see if the account is getting intruder locked? I.e. Someone is making random password guess attempts against the account. This locks it, and thus you cannot log in.
What I am not sure of, is if a Password change via ADSI Edit will reset the accountLockout time.
精彩评论