System.DirectoryServices.AccountManagement

This class provides writable access to certain attributes so that users can modify read-only properties of the "dummy" principal object that is passed to a object when using Query By Example.

Instantiates a new object. Not intended to be called directly.

A object.

Sets the query filter for the attribute to the specified time and comparison type.

A object. A that specifies how should be used in the comparison.

Sets the query filter to the specified time and comparison type.

A object. A that specifies how should be used in the comparison.

Creates a query filter for a property in an extended class.

The name of the attribute. An object. The object type of . A that specifies how should be compared to the attribute's value.

Sets the query filter for the attribute to the specified value and comparison type.

An integer. A that specifies how should be compared to the attribute's value.

Sets the query filter for the attribute to the specified and the specified comparison value.

A object. A that specifies how should be used in the comparison.

Sets the query filter for the attribute to the specified and the specified comparison value.

A object. A that specifies how should be used in the comparison.

Sets the query filter for the attribute to the specified and the specified comparison value.

A object. A that specifies how should be used in the comparison.

Encapsulates the account and contact data common to principals that can be authenticated.

Initializes a new instance of the class by using the specified context, SAM account name, password, and enabled value. This constructor is called by derived-class constructors to initialize the base class and is not intended for use directly from your code.

The that specifies the server or domain against which operations are performed. The SAM account name for this principal. The password for this account. A Boolean value that specifies whether the account is enabled.

Initializes a new instance of the class by using the specified context. This constructor is called by derived-class constructors to initialize the base class and is not intended for use directly from your code.

The that specifies the server or domain against which operations are performed.

Changes the account password from the old password to the new password. Do not use this with a .

The password that is changed. The new password. The principal has not been persisted. The new password does not meet the complexity requirements. The principal is not a user.

Expires the password for this account. This will force the user to change his/her password at the next logon.

An exception occurred when saving the changes to the store.

Returns a collection of authentication principal objects that have an incorrect password try recorded in the specified date and time range.

The object that specifies the server or domain against which operations are performed. A object that identifies the date and time of the incorrect password try. This parameter is used with the type parameter to determine the range of time in which the returned objects have an incorrect logon try recorded. A enumeration value that specifies the type of match that is applied to the parameter. A that contains one or more objects, or an empty collection if no results are found.

Returns a collection of objects that have a bad password attempt within the specified date and time range. This is the template function for extended classes that wish to implement this functionality.

The that specifies the server or domain against which operations are performed. A object that identifies the date and time of the password set. This parameter is used with the type parameter to determine the range of time in which the returned objects have a password set recorded. A enumeration value that specifies the type of match that is applied to the parameter. A that contains one or more objects of the appropriate principal type, or an empty collection if no matches are found.

Returns a collection of authentication principal objects that have an account expiration time recorded in the specified date and time range.

The that specifies the server or domain against which operations are performed. A object that identifies the date and time of the account expiration. This parameter is used with the type parameter to determine the range of time in which the returned objects have an account expiration recorded. A enumeration value that specifies the type of match that is applied to the parameter. A that contains one or more objects.

Returns a collection of objects that have an expiration time within the specified date and time range. This is the template function for extended classes that wish to implement this functionality.

Returns a collection of authentication principal objects that have an account lockout time recorded in the specified date and time range.

The that specifies the server or domain against which operations are performed. A object that identifies the date and time of the account lockout. This parameter is used with the type parameter to determine the range of time in which the returned objects have an account lockout recorded. A enumeration value that specifies the type of match that is applied to the parameter. A that contains one or more objects.

Returns a collection of objects that have a lockout time within the specified date and time range. This is the template function for extended classes that wish to implement this functionality.

Returns a collection of authentication principal objects that have an account logon recorded in the specified date and time range.

The that specifies the server or domain against which operations are performed. A object that identifies the date and time of the logon record. This parameter is used with the type parameter to determine the range of time in which the returned objects have an account logon recorded. A enumeration value that specifies the type of match that is applied to the parameter. A that contains one or more objects.

Returns a collection of objects that have a logon time within the specified date and time range. This is the template function for extended classes that wish to implement this functionality.

Returns a collection of authentication principal objects that have an account password set recorded in the specified date and time range.

Returns a collection of objects that have a password set time within the specified date and time range. This is the template function for extended classes that wish to implement this functionality.

Returns a Boolean value that specifies whether the account is currently locked out.

if the account is locked out; otherwise .

Refreshes an expired password.

An exception occurred when saving the changes to the store.

Sets the account password to the specified value.

The new password. Throws an exception if the caller does not have appropriate rights, the new password does not meet password complexity requirements, or for any other reason that the underlying stores reject the password change.

Unlocks the account if it is currently locked out.

The caller does not have appropriate rights. -or- An exception occurred when saving the changes to the store.

Gets or sets a Nullable that specifies the date and time that the account expires.

The underlying store does not support this property. A that specifies the date and time that the account expires, or null if the account never expires.

Gets the Nullable that specifies the date and time that the account was locked out.

The underlying store does not support this property. A that specifies the date and time that the account was locked out, or null if no lockout time is set on the account.

Returns an object for use with Query By Example to set read-only properties before passing the object to the .

An object to use to set read-only properties before passing it to the .

Gets or sets a Boolean value that specifies whether reversible password encryption is enabled for this account.

The underlying store does not support this property. if reversible password encryption is enabled for this account; otherwise .

Gets the number of logon attempts using incorrect credentials for this account.

The underlying store does not support this property. The number of logon attempts using incorrect credentials for this account.

Gets a that contains the X509 certificates for this account.

The underlying store does not support this property. A that contains the X509 certificates for this account.

Gets or sets a Nullable Boolean value that specifies whether the account may be delegated.

The underlying store does not support this property. if the account may be delegated; otherwise .

Gets or sets a Nullable Boolean value that specifies whether this account is enabled for authentication.

The underlying store does not support this property. The application tried to set a null value for this property. if the principal is enabled, or null if the account has not been persisted; otherwise .

Gets or sets the home directory for this account.

The underlying store does not support this property. The home directory for this account, or null if no home directory exists.

Gets or sets the home drive for this account.

The underlying store does not support this property. The home drive for the account, or null if no home drive exists.

Gets the Nullable that specifies the date and time of the last incorrect password attempt on this account.

The underlying store does not support this property. A Nullable that specifies the date and time of the last incorrect password attempt on this account, or null if no incorrect password tries are recorded.

Gets the Nullable that specifies the date and time of the last logon for this account.

The underlying store does not support this property. A Nullable that specifies the date and time of the last logon for this account.

Gets the Nullable that specifies the last date and time that the password was set for this account.

The underlying store does not support this property. A Nullable that specifies the last date and time that the password was set for this account.

Gets or sets a Boolean value that specifies whether the password expires for this account.

The underlying store does not support this property. if the password does not expire for this account; otherwise .

Gets or sets a Boolean value that specifies whether a password is required for this account.

The underlying store does not support this property. if a password is required for this account; otherwise .

Gets or sets the times when the principal can logon.

The underlying store does not support this property. The permitted logon times for this account.

Gets the list of workstations that this principal is permitted to log into.

The underlying store does not support this property. The mutable list of workstations that this principal is permitted to log into.

Gets or sets the script path for this account.

The underlying store does not support this property. A path of the script for this account, or null if there is no script path.

Gets or sets a Boolean value that specifies whether a smartcard is required to log on to the account.

The underlying store does not support this property. if a smartcard is required to log on to this account; otherwise .

Gets or sets a Boolean value that specifies whether the user can change the password for this account. Do not use this with a .

The underlying store does not support this property. This principal object is not a user. if the user is not permitted to change the password; otherwise .

Encapsulates principals that are computer accounts.

Initializes a new instance of the class by using the specified context, SAM account name, password, and enabled value.

The that specifies the server or domain against which operations are performed. The SAM account name for this computer principal. The password for this account. A Boolean value that specifies whether the account is enabled.

Initializes a new instance of the class and assigns it to the specified context.

The that specifies the server or domain against which operations are performed.

Returns a collection of objects that have had bad password attempts within the parameters specified.

The that specifies the server or domain against which operations are performed. A structure that is used in conjunction with the to find computers with bad password attempts. The that specifies the type of comparison to use in the search. A that contains one or more objects that match the search parameters, or an empty collection if no matches are found.

Returns a collection of objects that have an expiration time within the specified date and time range.

The that specifies the server or domain against which operations are performed. A structure that is used in conjunction with the to filter search results. The that specifies the type of comparison to use in the search. A that contains one or more objects that match the search parameters, or an empty collection if no matches are found.

Returns a computer principal object that matches the specified identity type and value. This version of the method determines the format of the identity value.

The that specifies the server or domain against which operations are performed. A enumeration value that specifies the format of the parameter. The identity of the computer. This parameter can be any format that is contained in the enumeration. Multiple computer principal objects matching the current computer object were found. The identity value is not a valid enumeration value. A object that matches the specified identity value and type, or null if no matches are found.

Returns a computer principal object that matches the specified identity value.

The that specifies the server or domain against which operations are performed. The identity of the computer. This parameter can be any format that is contained in the enumeration. Multiple computer principal objects matching the current computer object were found. A object that matches the specified identity value, or null if no matches are found.

Returns a collection of objects that have a lockout time within the specified date and time range.

Returns a collection of objects that have a logon time within the specified date and time range.

Returns a collection of objects that have a password set time within the specified date and time range.

Gets a collection of the Service Principal Names (SPN) for the computer account.

A collection of SPNs that specify the names of the accounts registered for this computer. The syntax for the SPN depends on the underlying store.

Specifies the options that are used for binding to the server. The application can set multiple options that are linked with a bitwise OR operation.

The client is authenticated by using either Kerberos or NTLM. When the user name and password are not provided, the Account Management API binds to the object by using the security context of the calling thread, which is either the security context of the user account under which the application is running or of the client user account that the calling thread represents.

The data is encrypted by using Kerberos. This flag can only be used with the Negotiate context option and is not available with the simple bind option.

The channel is encrypted by using the Secure Sockets Layer (SSL). Active Directory requires that the Certificate Services be installed to support SSL.

Specify this flag when you use the domain context type if the application is binding to a specific server name.

The integrity of the data is verified. This flag can only be used with the Negotiate context option and is not available with the simple bind option.

The client is authenticated by using the Basic authentication. Caution: Communications may be sent over the Internet in clear text if the SecureSocketsLayer option is not specified with simple bind.

Specifies the type of store to which the principal belongs.

The application directory store. This represents the AD LDS store.

The domain store. This represents the AD DS store.

The computer store. This represents the SAM store.

Represents the schema object that is used to create an object of this type in the directory. This attribute is required for principal extensions and can only be set on classes.

Initializes a new instance of the class with the specified object class value. The object created in the directory will be created with this object class type.

The string that contains the object class value. The property is initialized to this value. The object class string represents the objectClass attribute for the application directory and domain directories.

This property is not implemented and always returns null.

A enumeration value that specifies the type of store to which the attribute applies, or null if no context is set.

Returns the object class value for the extended class.

The object class value for the extended class.

Contains the data required by the store to map a principal property to a directory attribute. This attribute is required for principal extensions and can only be set on a property. It must be specified on every property that represents a directory attribute in the extended class.

Initializes a new instance of the class with the schema attribute name.

The name of the attribute that is set in the directory. The property is initialized to this value. This property represents the ldapDisplayName for application directory and domain directories.

This property is not implemented and always returns null.

A enumeration value that specifies the type of store to which this attribute applies, or null if no context is set.

Returns the string that represents the attribute name in the directory.

The string that represents the attribute name in the directory.

The RDN prefix used to construct the RDN for the new object that is inserted into the store. The default RDN prefix of "CN" is used by the Account Management API if this attribute is not set. This attribute is optional and can only be set on principal extension classes.

Initializes a new instance of the class with the RDN prefix.

The RDN prefix. The property is initialized to this value.

This property is not implemented and always returns null.

A enumeration value that specifies the type of store to which this attribute applies, or null is no context is set.

Returns the RDN prefix used to construct the RDN.

The RDN prefix used to construct the RDN.

Encapsulates group accounts. Group accounts can be arbitrary collections of principal objects or accounts created for administrative purposes.

Initializes a new instance of the class and assigns it to the specified context and SAM account name.

The that specifies the server or domain against which operations are performed. The SAM account name for this principal.

Initializes a new instance of the class by using the specified context.

The that specifies the server or domain against which operations are performed.

Disposes the current instance of the object.

Returns a group principal object that matches the specified identity type, and value. This version of the method determines the format of the identity value.

The that specifies the server or domain against which operations are performed. A enumeration value that specifies the format of the parameter. The identity of the group principal. This parameter can be any format that is contained in the enumeration. Multiple group principal objects matching the current group object were found. The identity value is not a valid enumeration value. A that matches the specified identity value and type, or null if no matches are found.

Returns a group principal object that matches the specified identity value.

The that specifies the server or domain against which operations are performed. The identity of the group principal. This parameter can be any format that is contained in the enumeration. Multiple group principal objects matching the current group object were found. A object that matches the specified identity value and type, or null if no matches are found.

Returns a collection of the principal objects that is contained in the group.

A object that contains the principal objects that are members of the group, or an empty collection if the group has no members.

Returns a collection of the principal objects that is contained in the group. When the recursive flag is set to true, this method searches the current group recursively and returns all nested group members.

A Boolean value that specifies whether the group is searched recursively. A object that contains the principal objects that are members of the group, or an empty collection if the group has no members.

Gets or sets a Nullable enumeration that specifies the scope for this group principal.

The application may not set this property to null. A nullable enumeration value that specifies the scope of this group or null if no scope has been set.

Gets or sets a Nullable Boolean value that indicates whether the group is security-enabled.

The application may not set this property to null. if the group is security enabled, or null if the group has not been persisted; otherwise .

Gets a collection of principal objects that represent the members of the group.

A object that contains the principal objects that represent the members of the group.

Specifies the scope of the group principal.

The group's scope is global. This group type is supported on AD DS. When a global group is specified with an AD LDS directory, a group is created instead.

The scope of the group is local. This group type is supported on AD DS and AD LDS.

The scope of the group is universal. This group type is supported on AD DS and AD LDS.

Specifies the format of the identity.

The identity is a Distinguished Name (DN).

The identity is a Globally Unique Identifier (GUID).

The identity is a name.

The identity is a Security Account Manager (SAM) name.

The identity is a Security Identifier (SID) in Security Descriptor Definition Language (SDDL) format.

The identity is a User Principal Name (UPN).

The enumeration specifies the type of comparison used in a search.

The search results include values that equal the supplied value. If the supplied value specifies a date and time, the returned collection includes objects that have the same date and time.

The search results include values that are greater than the supplied value. If the supplied value specifies a date and time, the returned collection includes objects that are dated after the specified date and time.

The search results include values that are greater than or equal to the supplied value. If the supplied value specifies a date and time, the returned collection includes objects that are dated on or after the specified date and time.

The search results include values that are less than the supplied value. If the supplied value specifies a date and time, the returned collection includes objects that are dated prior to the specified date and time.

The search results include values that are less than or equal to the supplied value. If the supplied value specifies a date and time, the returned collection includes objects that are dated prior to or on the specified date and time.

The search results include values that are not equal to the supplied value. If the supplied value specifies a date and time, the returned collection includes objects that do not include the specified date and time.

This exception is thrown by methods that expect to match a single principal object when there are multiple matches to the search query.

Instantiates a new instance of the class.

Initializes a new instance of the class from the specified and instances.

A that contains the information required to serialize the new . A that contains the source of the serialized stream that is associated with the new .

Instantiates a new instance of the class with the specified error message and specified nested exception.

The text of the error message. A nested exception.

Instantiates a new instance of the class with the specified error message.

The text of the error message.

This exception is thrown when no matching principal object could be found with the specified parameters.

Instantiates a new instance of the class.

Initializes a new instance of the class from the specified and instances.

A that contains the information required to serialize the new . A that contains the source of the serialized stream that is associated with the new .

Instantiates a new instance of the class with the specified error message and specified nested exception.

The text of the message. A nested exception.

Instantiates a new instance of the class with the specified error message.

The text of the error message.

This exception is thrown when a password does not meet complexity requirements.

Instantiates a new instance of the class.

Initializes a new instance of the class from the specified and instances.

A that contains the information required to serialize the new . A that contains the source of the serialized stream that is associated with the new .

Instantiates a new instance of the class with the specified error message and specified nested exception.

The text of the error message. A nested exception.

Instantiates a new instance of the class with the specified error message.

The text of the error message.

Encapsulates the account data and operations common to all security principals. This is the abstract base class from which all security principals are derived.

Initializes a new instance of the class. This constructor is called by derived-class constructors to initialize the base class and is not intended to be called directly from your code.

Determines whether the or methods have been called on this class. This method is called by classes that derive from this principal class.

The method has been called on this principal object. The method has been called on this principal object.

Deletes the principal object from the store.

The object that is not persisted in the store. The object has already been deleted. The target context type must match the context type of the current principal.

Disposes the current instance of the object.

Returns a Boolean value that specifies whether the supplied object is equal to the current object.

The object that is compared to the current instance. if the supplied object and current principal objects represent the same underlying principal in the store; otherwise .

Retrieves an attribute of an extended class object.

The name of the attribute to retrieve. Returns an array of objects, or if no attribute exists with that name. See System.DirectoryServices.AccountManagement Principal Extensions for an example on using this function.

Sets the value of an attribute in an extended class.

The name of the attribute. The object that contains the value of the attribute.

Returns a principal object that matches the specified identity type, and value. This version of the method determines the format of the identity value.

The that specifies the server or domain against which operations are performed. An enumeration value that specifies the format of the parameter. The identity of the principal. This parameter can be any format that is contained in the enumeration. Multiple principal objects matching the current object were found. The identity type is not a valid enumeration value. A object that matches the specified identity value and type or null if no matches are found.

Returns a principal object that matches the specified identity value.

The that specifies the server or domain against which operations are performed. The identity of the principal. This parameter can be any format that is contained in the enumeration. Multiple principal objects matching the current object were found. A object that matches the specified identity value and type, or null if no matches are found.

Returns a principal object that matches the specified identity type, and value. This method is called by the implementation of the derived-class FindByIdentity method to restrict the search to the derived class type and is not intended to be called directly from your code.

The that specifies the server or domain against which operations are performed. The type of object for which results are returned. This must of type or a type derived from the class. An enumeration value that specifies the type of the identity value. The identity of the principal. A object that matches the specified identity value and type or null if no matches are found.

The that specifies the server or domain against which operations are performed. The type of object for which results are returned. This must of type or a type derived from the class. The identity of the principal. A object that matches the specified identity value and type, or null if no matches are found.

Returns a collection of group objects that specify the groups of which the current principal is a member.

A collection of objects that specify the groups of which the current principal is a member.

Returns a collection of group objects that the principal is a member of and that exist in the store provided by the specified context parameter.

The object that specifies the context against which the query is performed. When the context is located in another domain, the query is performed against the principal objects' representation in the specified context. A collection of objects that specify the groups of which the current principal is a member.

Retrieves the hash created from the contents of the principal object, suited for use in hashing algorithms and data structures like a hash table.

A hash code for the current principal.

Returns the underlying object that provides the contact data for the principal object.

The current principal has not been persisted and does not have an associated object. The underlying object.

Returns the underlying object type.

The underlying object type. For AD DS, AD LDS, and SAM the type is .

Returns a Boolean value that specifies whether the principal is a member of the specified group.

The object for which principal membership is determined. The specified in the group parameter could not be found. More than one matching was found. if the principal is a member of the specified group; otherwise .

Returns a Boolean value that specifies whether the principal is a member of the group specified by identity type and value.

The that specifies the server or domain against which operations are performed. A enumeration value that specifies the type of the identity value. The identity of the group. The identity type or value does not correspond to a . More than one matching was found. if the principal is a member of the specified group; otherwise .

Saves the changes that were made on the principal object to the store. If this is a new principal object, this method inserts it into the store.

The principal has not yet been associated with a object. This type of principal cannot be inserted in the store. An exception occurred when saving changes to the store, or updating the group membership in the store. The principal already occurs in the store. The password does not meet complexity requirements.

Saves the changes that were made on the principal object to the store. If this is a new principal object, this method inserts it into the specified context. If the principal has already been persisted, it is moved from the original context to the specified context.

The that specifies the server or domain against which operations are performed. The principal has not yet been associated with a object. This type of principal cannot be inserted in the store. An exception occurred when saving changes to the store, or updating the group membership in the store. The principal already occurs in the store. The password does not meet complexity requirements.

Returns a user friendly string representation of the current principal object.

A string representation of the current object.

Gets a principal context that is associated with the principal.

A object that contains the context associated with this principal.

Gets a principal context that is associated with this principal.

A object that contains the context associated with this principal.

Gets the context type enumeration value that specifies the type of principal context associated with this principal.

A enumeration value that specifies the context type.

Gets or sets the description of the principal.

The description text for this principal or null if there is no description.

Gets or sets the display name for this principal.

The display name for this principal or null if there is no display name.

Gets the distinguished name (DN) for this principal.

The DN for this principal or null if there is no DN.

Gets the GUID associated with this principal.

The Nullable associated with this principal or null if there is no GUID.

Gets or sets the name of this principal.

The application tried to set the name to null. The underlying store does not support this property. The name of the principal or null if the name attribute is not set.

Gets or sets the SAM account name for this principal.

The application tried to set the SAM account name to null. The application tried to set the SAM account name on a persisted principal. The SAM account name for this principal or null if no name has been set.

Gets the Security ID (SID) of the principal.

The for this principal or null if there is no SID.

Gets the structural object class directory attribute.

The structural object class directory attribute.

Gets or sets the user principal name (UPN) associated with this principal.

The underlying store does not support this property. The UPN associated with this principal or null if no if the UPN has not been set.

A mutable collection of objects derived from the class. This class is designed to be used for multi-valued properties that contain objects. Manipulating the contents of this collection changes the contents of the corresponding store property, which is made permanent when is called on the corresponding principal object.

Adds the specified object to the end of the collection.

A object.

Adds the specified object to the end of the collection.

A object.

Adds the specified object to the end of the collection.

A object.

Searches for a object that matches the parameters, and adds it to the end of the collection.

The object for the principal to be added to the collection. An object that specifies the format of . A string that identifies the principal, in the format specified by .

Adds the specified object to the end of the collection.

A object.

Removes all objects from the collection.

Returns a value indicating whether the collection contains the specified object.

A object. if the collection contains the specified object; otherwise, .

Returns a value indicating whether the collection contains the specified object.

A object. if the collection contains the specified object; otherwise, .

Returns a value indicating whether the collection contains the specified object.

A object. if the collection contains the specified object; otherwise, .

Returns a value indicating whether the object matching the / pair is in the collection.

The object of the principal. An object that specifies the format of . A string that identifies the principal, in the format specified by . if an object matching the / pair is in the collection; otherwise, .

Returns a value indicating whether the collection contains the specified object.

A object. if the collection contains the specified object; otherwise, .

Copies the objects from this into the specified array, starting at the specified position index in array.

The that should be populated with objects. The position in into which the first principal object in the collection should be copied.

Returns an enumerator to iterate through the principals in the .

An containing the principals in the .

Removes the specified object from the collection, and returns if the was a member of this , and otherwise (in which case the method performs no operation).

A object. if the was a member of this ; otherwise, .

Removes the specified object from the collection, and returns if the was a member of this , and otherwise (in which case the method performs no operation).

A object. if the was a member of this ; otherwise, .

Removes the specified object from the collection, and returns if the was a member of this , and otherwise (in which case the method performs no operation).

A object. if the was a member of this ; otherwise, .

Finds the object specified by the given and / pair from the collection, and returns if the identified was a member of this , and otherwise (in which case the method performs no operation).

A object. An that identifies the format of . A string. if the identified was a member of this ; otherwise, .

Removes the specified object from the collection, and returns if the was a member of this , and otherwise (in which case the method performs no operation).

A object. if the was a member of this ; otherwise, .

Copies the objects from this into the specified array, starting at the specified position index in array.

The that should be populated with objects. The position in to which the first object should be copied to.

Returns an enumerator to iterate through the principals in the .

An containing the principals in the .

Returns the count of objects in this collection.

The number of contained in the collection.

Returns . This is not a read-only collection.

Always .

Returns . It is up to the application to serialize access to this collection.

Always .

Returns a synchronization object that can be used to synchronize access to this collection.

Returns the object itself.

Returns the count of objects in this collection.

The count of objects in this collection.

Always returns . It is up to the application to synchronize access to this collection.

Always .

Returns a synchronization object that can be used to synchronize access to this collection. Returns the object itself.

The object.

Encapsulates the server or domain against which all operations are performed, the container that is used as the base of those operations, and the credentials used to perform the operations.

Initializes a new instance of the class with the specified context type, name, container, context options, username, and password.

A enumeration value specifying the type of store for the principal context. The name of the domain or server for context types, the machine name for context types, or the name of the server and port hosting the instance. If the name is for a context type this context is a domain controller for the domain of the user principal under which the thread is running. If the name is for a context type, this is the local machine name. This parameter cannot be for context types. The container on the store to use as the root of the context. All queries are performed under this root, and all inserts are performed into this container. For and context types, this parameter is the distinguished name of a container object. For context types, this parameter must be set to . A combination of one or more enumeration values the options used to bind to the server. If this parameter is , the default options are ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing. The username used to connect to the store. If the and parameters are both , the default credentials of the current principal are used. Otherwise, both and must be non-null, and the credentials they specify are used to connect to the store. The password used to connect to the store. If the and parameters are both , the default credentials of the current principal are used. Otherwise, both and must be non-null, and the credentials they specify are used to connect to the store. The and parameters must either be or contain a value. A container cannot be specified when the context type is specified in the parameter. A name or container must be specified when is specified in the parameter. The parameter does not contain a valid enumeration value. The parameter does not contain a combination of valid enumeration values.

Initializes a new instance of the class with the specified context type, name, container, and context options.

A enumeration value specifying the type of store for the principal context. The name of the domain or server for context types, the machine name for context types, or the name of the server and port hosting the instance. If the name is for a context type this context is a domain controller for the domain of the user principal under which the thread is running. If the name is for a context type, this is the local machine name. This parameter cannot be for context types. The container on the store to use as the root of the context. All queries are performed under this root, and all inserts are performed into this container. For and context types, this parameter is the distinguished name of a container object. For context types, this parameter must be set to . A combination of one or more enumeration values specifying the options used to bind to the server. If this parameter is , the default options are ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing. A container cannot be specified when the context type is specified in the parameter. A name or container must be specified when is specified in the parameter. The parameter does not contain a valid enumeration value. The parameter does not contain a combination of valid enumeration values.

Initializes a new instance of the class with the specified context type, name, container, username, and password.

A enumeration value specifying the type of store for the principal context. The name of the domain or server for context types, the machine name for context types, or the name of the server and port hosting the instance. If the name is for a context type this context is a domain controller for the domain of the user principal under which the thread is running. If the name is for a context type, this is the local machine name. This parameter cannot be for context types. The container on the store to use as the root of the context. All queries are performed under this root, and all inserts are performed into this container. For and context types, this parameter is the distinguished name of a container object. For context types, this parameter must be set to . The username used to connect to the store. If the and parameters are both , the default credentials of the current principal are used. Otherwise, both and must be non-null, and the credentials they specify are used to connect to the store. The password used to connect to the store. If the and parameters are both , the default credentials of the current principal are used. Otherwise, both and must be non-null, and the credentials they specify are used to connect to the store. The and parameters must either be or contain a value. A container cannot be specified when the context type is specified in the parameter. A or must be specified when is specified in the parameter. The parameter does not contain a valid enumeration value.

Initializes a new instance of the class with the specified context type, name, username, and password.

Initializes a new instance of the class with the specified context type, name, and container.

Initializes a new instance of the class with the specified context type and name.

Initializes a new instance of the class with the specified context type.

A enumeration value specifying the type of store for the principal context. A name or container must be specified when using the application directory context. The parameter does not contain a valid enumeration value.

Disposes the current instance of the object.

Creates the connections to the server and returns a Boolean value that specifies whether the specified user name and password are valid. This method performs fast credential validation of the username and password.

The username that is validated on the server. See the Remarks section for information on the format of . The password that is validated on the server. A combination of one or more enumeration values the options used to bind to the server. This parameter can only specify Simple bind with or without SSL, or Negotiate bind. The parameter must specify when the context type is . if the credentials are valid; otherwise .

Creates the connections to the server and returns a Boolean value that specifies whether the specified username and password are valid.

The username that is validated on the server. See the Remarks section for more information on the format of . The password that is validated on the server. if the credentials are valid; otherwise .

Gets the name of the server to which the principal context is connected.

The name of the server to which the principal context is connected or if the principal context is not connected to a server.

Gets the value specified in the container parameter in the constructor.

The container on the store to use as the root of the context or if the container is not specified.

Gets the context type that specifies the type of store for the principal context.

A enumeration value specifying the type of target to connect to.

Gets the value specified as the parameter in the constructor.

The name of the domain or server for contexts types, the host name for context types, the name of the server hosting the instance, or if no name is set.

Gets the options specified in the parameter of the constructor.

A enumeration value specifying the type of target to connect to.

Gets the value specified in the username parameter in the constructor.

The username used to connect to the store, or if no user name exists.

The base class of exceptions thrown by objects.

Initializes a new instance of the class using the provided serialization information and streaming context.

The error information. The streaming context.

Thrown by method when an attempt is made to insert a principal that already exists in the collection, or by when an attempt is made to save a new principal that already exists in the store.

Instantiates a new instance of the class.

Initializes a new instance of the class from the specified and instances.

A that contains the information required to serialize the new . A that contains the source of the serialized stream that is associated with the new .

Instantiates a new instance of the class with the specified error message and specified nested exception.

The text of the error message. A nested exception.

Instantiates a new instance of the class with the specified error message.

The text of the error message.

Thrown when ADSI returns an error during an operation to update the store.

Instantiates a new instance of the class.

Initializes a new instance of the class from the specified and instances.

A that contains the information required to serialize the new . A that contains the source of the serialized stream that is associated with the new .

Instantiates a new instance of the class with the specified error message, the specified nested exception, and the specified error code.

The text of the message. A nested exception. An error code.

Instantiates a new instance of the class with the specified error message and specified nested exception.

The text of the error message. A nested exception.

Instantiates a new instance of the class with the specified error message and specified error code.

The text of the message. An error code.

Instantiates a new instance of the class with the specified error message.

The text of the error message.

Initializes a new instance of the class with serialized data.

The object that holds the serialized object data. The contextual information about the source or destination.

Returns an integer error code.

An integer error code. The system will return 0 (zero) in the exception error code property if no underlying error was received from a win32 API. Callers need to distinguish between 0 (zero) and a valid win32 error code.

Encapsulates the methods and search patterns used to execute a query against the underlying principal store.

Initializes a new instance of the class. The property must be set before the Principal searcher object can be used to perform a search.

Initializes a new instance of the class with the specified query filter.

The object that specifies the filter to use for the search. The property is initialized to this value. Persisted principal objects can not be used as the . The parameter cannot be or empty.

Disposes the current instance of the object.

Returns a principal search result that contains a collection of all the principal objects that match the principal specified in the query filter property.

The contains referential properties. For more information, see the Query by Example overview topic. The is a persisted principal. A must first be assigned to the principal searcher before the query can be performed. A object that matches the query filter or an empty collection if no results are found.

Returns a principal search result that contains the first principal object found that matches the principal specified in the property.

The contains referential properties. For more information, see the Query by Example overview topic. The is a persisted principal. A must first be assigned to the principal searcher before the query can be performed. A object that contains the principal object that matches the query filter or if no results are found.

Returns the underlying search object that is used by the Account Management API to perform the search.

A must first be assigned to the principal searcher before the query can be performed. The contains referential properties. For more information, see the Query by Example overview topic. The is a persisted principal. A object.

Returns the type of the object returned from the method.

A must first be assigned to the principal searcher before the query can be performed. A that specifies the type of object returned from the method.

Gets that principal context that is used to perform the query. The context specifies the server or domain against which search operations are performed.

The object that specifies the server or domain against which operations are performed.

Gets or sets the query filter that is used to locate matching principals.

Persisted Principal objects can not be used as the . The cannot be or empty. The object that is used for the query or if no filter is set.

Returns a collection of objects that are returned by a search.

Disposes the current instance of the object.

Returns an enumerator that iterates through a collection.

The object that is used to iterate through the principal objects.

Returns an enumerator that can be used to iterate over the objects in this collection.

Returns an containing the principals in the search result collection.

This exception is thrown when the API is unable to connect to the server.

Instantiates a new instance of the class.

Initializes a new instance of the class from the specified and instances.

A that contains the information required to serialize the new . A that contains the source of the serialized stream that is associated with the new .

Instantiates a new instance of the class with the specified error message, the specified nested exception, the specified error code, and the specified server name.

The text of the message. A nested exception. An error code. A server name.

Instantiates a new instance of the class with the specified error message, the specified nested exception, and the specified error code.

The text of the error message. A nested exception. An error code.

Instantiates a new instance of the class with the specified error message and specified nested exception.

The text of the message. A nested exception.

Instantiates a new instance of the class with the specified error message and specified error code.

The text of the message. An error code.

Instantiates a new instance of the class with the specified error message.

An error message.

Sets the with the parameter name and additional exception information.

A object that will hold the serialized object data. A object that will hold contextual information about the source or destination.

Multi-valued properties, such as , have a value of the type . This class provides methods to enumerate and manipulate those values.

Adds the specified value to the end of the collection.

An object to be added to the collection.

Clears the contents of the collection.

Returns if the specified object is in the collection, and otherwise.

An object. Returns a .

Copies the contents of the collection to the specified array, starting at the specified position in the array.

An of objects. An integer representing the position in to which the first object in the collection should be copied.

Returns an enumerator that can be used to iterate through the collection.

An object.

Returns the index of the specified object, or -1 if the object is not in the collection.

The object whose index is required. An .

Inserts the specified object into the collection at the specified index.

The index at which will be inserted into the collection. An object.

Removes the specified object from the collection.

The object to be removed from the collection. Returns a . Returns if the object was removed, or if the object was not in the collection.

Removes the object at the specified index from the collection.

The index of the object to be removed from the collection.

Copies the contents of the collection to the specified array, starting at the specified index.

An of objects. An integer representing the position in to which the first object in the collection should be copied.

Returns an enumerator for iterating through the collection.

An object.

Adds the specified object to the end of the collection.

An object to be added to the collection. The position into which the new element was inserted, or -1 to indicate that the item was not inserted into the collection.

Deletes the contents of the collection.

Returns a bool indicating whether the specified object is in the collection.

An object.

Returns the index of the specified object in the collection, or -1 if it is not in the collection.

An object. An .

Inserts the specified object at the specified position into the collection.

The position into which should be inserted. The value to insert into the collection.

Removes the specified object from the collection.

The object to be removed from the collection.

Removes the object at the specified index from the collection.

The index of the object to be removed from the collection.

Gets the number of objects in the collection.

The number of elements contained in the .

Gets a that represents whether or not the collection is fixed in size.

Gets a bool that represents whether or not the collection is read-only.

if the is read-only; otherwise, .

Gets a value indicating whether access to the collection is synchronized (thread safe).

Gets the object at the specified index in the collection.

An integer. The element at the specified index.

Gets an object that can be used to synchronize access to the collection.

Gets the number of objects in the collection.

The number of elements contained in the .

Gets a value indicating whether access to the collection is synchronized (thread safe).

if access to the is synchronized (thread safe); otherwise, .

Gets an object that can be used to synchronize access to the collection.

An object that can be used to synchronize access to the .

Gets a value indicating whether the collection is fixed-size.

if the has a fixed size; otherwise, .

Gets a value indicating whether access to the collection is read-only.

if the is read-only; otherwise, .

Gets the object at the specified index in the collection.

An integer. The element at the specified index.

Encapsulates principals that are user accounts.

Initializes a new instance of the class by using the specified context, SAM account name, password, and enabled value.

The that specifies the server or domain against which operations are performed. The SAM account name for this user principal. The password for this account. A Boolean value that specifies whether the account is enabled.

Initializes a new instance of the class by using the specified context.

The that specifies the server or domain against which operations are performed.

Returns a collection of objects for users that have an incorrect password attempt recorded in the specified date and time range.

Returns a collection of objects for users that have an account expiration time in the specified date and time range.

Returns a user principal object that matches the specified identity type, and value. This version of the method determines the format of the identity value.

The that specifies the server or domain against which operations are performed. A enumeration value that specifies the format of the parameter. The identity of the user principal. This parameter can be any format that is contained in the enumeration. Multiple user principal objects matching the current user object were found. The identity value is not a valid enumeration value. A object that matches the specified identity value and type, or null if no matches are found.

Returns a user principal object that matches the specified identity value.

The that specifies the server or domain against which operations are performed. The identity of the user principal. This parameter can be any format that is contained in the enumeration. Multiple user principal objects matching the current user object were found. A object that matches the specified identity value, or null if no matches are found.

Returns a collection of objects for users that have an account lockout time in the specified date and time range.

Returns a collection of objects for users that have account logon recorded in the specified date and time range.

Returns a collection of objects for users that have set their password within the specified date and time range.

Returns a collection of principal objects that contains all the authorization groups of which this user is a member. This function only returns groups that are security groups; distribution groups are not returned.

The attempt to retrieve authorization groups failed. The retrieval of authorization groups is not supported by this operating system. A collection of objects that contain the groups of which the user is a member, or null if the user does not belong to any security groups.

Returns an object to set read-only properties before passing the object to the .

An object.

Gets a user principal object that represents the current user under which the thread is running.

The underlying store does not support this property. The user principal object for the current user could not be found. The principal object may contain an access control list to prevent access by unauthorized users. Multiple user principal objects matching the current user were found. A representing the current user.

Gets or sets the email address for this account.

The underlying store does not support this property. The email address of the user principal.

Gets or sets the employee ID for this user principal.

The underlying store does not support this property. The employee ID of the user principal.

Gets or sets the given name for the user principal.

The underlying store does not support this property. The given name of the user principal.

Gets or sets the middle name for the user principal.

The underlying store does not support this property. The middle name of the user principal.

Gets or sets the surname for the user principal.

The underlying store does not support this property. The surname of the user principal.

Gets or sets the voice telephone number for the user principal.

The underlying store does not support this property. The voice telephone number of the user principal.