PrincipalContext.ValidateCredentials不设置lastLogon日期为用户 [英] PrincipalContext.ValidateCredentials doesn't set lastLogon date for user

问题描述

我验证的用户在Active Directory存储如下：

I'm validating users in an Active Directory store as follows:

// using System.DirectoryServices.AccountManagement;
// located in System.DirectoryServices.AccountManagement.dll

using (var context = new PrincipalContext(ContextType.Domain, server, container, 
    ContextOptions.Negotiate, validateUsername, validatePassword))
{
    var valid = context.ValidateCredentials(validateUsername, validatePassword);
    if (valid)
    {
        Console.WriteLine("SUCCESS!");
        using (var userContext = UserPrincipal.FindByIdentity(context,
               IdentityType.SamAccountName, validateUsername))
        {
            Console.WriteLine("LastLogon = " + userContext.LastLogon);
        }
    }
    else
        Console.WriteLine("FAILED!");
}

验证是成功的，但 lastLogon 值永远不会改变。这是至关重要的，当我们在code用户由于其他软件使用这个值验证此值更改。我知道 ActiveDirectoryMembershipProvider 认证改变了这一属性，所以我不知道是否有一种方法，我可以使用 PrincipalContext （重用AD连接），但执行此验证更改 lastLogon 值。

The validation is successful, but the lastLogon value is never changed. It's essential that this value is changed when we authenticate a user in code due to other software using this value. I know ActiveDirectoryMembershipProvider authentication changes this property, so I'm wondering if there's a way I can use PrincipalContext (to reuse AD connections) but perform this validation to change the lastLogon value.

推荐答案

使用的lastLogonTimestamp 。这是一个获取当你试图通过 PrincipalContext 对象连接AD更新的领域。

Use lastLogonTimestamp. This is the field that gets updated in AD when you're attempting to connect via a PrincipalContext object.

这篇关于PrincipalContext.ValidateCredentials不设置lastLogon日期为用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！