Re: Is possible Three attempt in Directory Entry Class
- From: sameem <sameem@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 4 Apr 2008 03:59:00 -0700
User Name format is Active Directory User Account.
My requirement is, three attempt will occur if password is wrong in First
and Secord attempt like OS windows IT Security policy. Like in third attempt
AD User try to logon with wrong Password that attempt should get lock.
Yet I have tried to solve the problem with session count flag till third
attempt but in second attempt hit with wrong password in the following code
got into the lock.
Dim de As New DirectoryEntry("GC://DomainName", Session("UName"),
Session("PWord"), AuthenticationTypes.Secure)
Dim deSearch As DirectorySearcher = New DirectorySearcher()
deSearch.SearchRoot = de
deSearch.Filter =
"(&(objectCategory=user)(objectClass=person)(sAMAccountName=" +
Session("UName") + "))"
deSearch.SearchScope = SearchScope.Subtree
Dim results As SearchResult = deSearch.FindOne()
Explanation for what I have done:
Here Im using Session Flag for redirect to login page
1) First attempt with wrong Password that redirected to login page. Second
attempt with correct Password that allow to logon to site.
2) In Second attempt with wrong Password that redirected to login page.
Third attempt with Correct Password that not allowed to logon to site
For third attempt with correct user name and password got to lock that
implies in Second attempt with wrong password while hit the Directory Entry
that user account goes lock.
"Joe Kaplan" wrote:
What format is the username in? You need to use a qualified username format.
if you want to prevent multiple bind attempts from happening.
A lockout threshold of 3 is also way too low and quite a bit outside of
Microsoft's guidelines. It might be a good idea to raise that concern with
your administrators.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"sameem" <sameem@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:BE9DD2D5-EB6A-4999-866E-9A069D2B42BC@xxxxxxxxxxxxxxxx
Hi All,
Im using windows athentication, Visual Studio 2005 and Windows XP, . I
have
written code like below. This code is working fine when Im giving right
user
name and password. If password is wrong in first attempt that got lock for
my
Active Directory user. My requirement is, three attempt if password is
wrong
like OS windows security policy to allow the user upto three attempt.
This is my code
------------------
Dim a As New DirectoryEntry("GC://domainname", Session("UName"),
Session("PWord"), AuthenticationTypes.Secure)
Dim searcher As New DirectorySearcher.FindOne()
Dim MyResultPropColl As ResultPropertyCollection(a,
"(&(objectCategory=user)(objectClass=person)(sAMAccountName=" +
Session("UName") + ")(!userAccountControl:1.2.850.113556.1.4.803:=2))") ',
"(&(anr=a-driches)(objectCategory=person))")
Dim sr As SearchResult = searcher. = sr.Properties
Dim myKey As String
For Each myKey In MyResultPropColl.PropertyNames
For Each mycollection As Object In MyResultPropColl(myKey)
If myKey = "memberof" Then
Cn.Add(mycollection.ToString)
End If
Next
Next
what shall I do for three attempt?
Regards,
- Follow-Ups:
- Re: Is possible Three attempt in Directory Entry Class
- From: Joe Kaplan
- Re: Is possible Three attempt in Directory Entry Class
- Prev by Date: Create MailBox Exchange Server ASP.net
- Next by Date: Re: Create MailBox Exchange Server ASP.net
- Previous by thread: Create MailBox Exchange Server ASP.net
- Next by thread: Re: Is possible Three attempt in Directory Entry Class
- Index(es):
Relevant Pages
|
|
