[英]PrincipalContext.ValidateCredentials doesn't set lastLogon date for user
I'm validating users in an Active Directory store as follows: 我正在验证Active Directory存储中的用户,如下所示:
// using System.DirectoryServices.AccountManagement;
// located in System.DirectoryServices.AccountManagement.dll
using (var context = new PrincipalContext(ContextType.Domain, server, container,
ContextOptions.Negotiate, validateUsername, validatePassword))
{
var valid = context.ValidateCredentials(validateUsername, validatePassword);
if (valid)
{
Console.WriteLine("SUCCESS!");
using (var userContext = UserPrincipal.FindByIdentity(context,
IdentityType.SamAccountName, validateUsername))
{
Console.WriteLine("LastLogon = " + userContext.LastLogon);
}
}
else
Console.WriteLine("FAILED!");
}
The validation is successful, but the lastLogon
value is never changed. 验证成功,但是
lastLogon
值从未更改。 It's essential that this value is changed when we authenticate a user in code due to other software using this value. 当我们在代码中对用户进行身份验证时,由于其他软件正在使用此值,因此更改此值至关重要。 I know
ActiveDirectoryMembershipProvider
authentication changes this property, so I'm wondering if there's a way I can use PrincipalContext
(to reuse AD connections) but perform this validation to change the lastLogon
value. 我知道
ActiveDirectoryMembershipProvider
身份验证会更改此属性,所以我想知道是否有一种方法可以使用PrincipalContext
(重用AD连接),但是可以执行此验证来更改lastLogon
值。
Use lastLogonTimestamp
. 使用
lastLogonTimestamp
。 This is the field that gets updated in AD when you're attempting to connect via a PrincipalContext
object. 当您尝试通过
PrincipalContext
对象进行连接时,这是在AD中更新的字段。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.