PrincipalContext.ValidateCredentials不设置lastLogon日期为用户 [英] PrincipalContext.ValidateCredentials doesn't set lastLogon date for user
问题描述
我验证的用户在Active Directory存储如下:
I'm validating users in an Active Directory store as follows:
// using System.DirectoryServices.AccountManagement;
// located in System.DirectoryServices.AccountManagement.dll
using (var context = new PrincipalContext(ContextType.Domain, server, container,
ContextOptions.Negotiate, validateUsername, validatePassword))
{
var valid = context.ValidateCredentials(validateUsername, validatePassword);
if (valid)
{
Console.WriteLine("SUCCESS!");
using (var userContext = UserPrincipal.FindByIdentity(context,
IdentityType.SamAccountName, validateUsername))
{
Console.WriteLine("LastLogon = " + userContext.LastLogon);
}
}
else
Console.WriteLine("FAILED!");
}
验证是成功的,但 lastLogon
值永远不会改变。这是至关重要的,当我们在code用户由于其他软件使用这个值验证此值更改。我知道 ActiveDirectoryMembershipProvider
认证改变了这一属性,所以我不知道是否有一种方法,我可以使用 PrincipalContext
(重用AD连接),但执行此验证更改 lastLogon
值。
The validation is successful, but the lastLogon
value is never changed. It's essential that this value is changed when we authenticate a user in code due to other software using this value. I know ActiveDirectoryMembershipProvider
authentication changes this property, so I'm wondering if there's a way I can use PrincipalContext
(to reuse AD connections) but perform this validation to change the lastLogon
value.
推荐答案
使用的lastLogonTimestamp
。这是一个获取当你试图通过 PrincipalContext
对象连接AD更新的领域。
Use lastLogonTimestamp
. This is the field that gets updated in AD when you're attempting to connect via a PrincipalContext
object.
这篇关于PrincipalContext.ValidateCredentials不设置lastLogon日期为用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!