System.DirectoryServices.AccountManagement

This class provides writable access to certain attributes so that users can modify read-only properties of the "dummy" principal object that is passed to a object when using Query By Example

Instantiates a new object. Not intended to be called directly.

Sets the query filter for the attribute to the specified time and comparison type.

A object.

Sets the query filter to the specified time and comparison type.

A object.

Creates a query filter for a property in an extended class.

The name of the attribute The object type of .

Sets the query filter for the attribute to the specified value and comparison type.

An integer.

Sets the query filter for the attribute to the specified and the specified comparison value.

A object.

Sets the query filter for the attribute to the specified and the specified comparison value.

A object.

Sets the query filter for the attribute to the specified and the specified comparison value.

A object.

Encapsulates the account and contact data common to principals that can be authenticated.

Initializes a new instance of the class by using the specified context. This constructor is called by derived-class constructors to initialize the base class and is not intended for use directly from your code.

The that specifies the server or domain against which operations are performed.

Initializes a new instance of the class by using the specified context, SAM account name, password, and enabled value. This constructor is called by derived-class constructors to initialize the base class and is not intended for use directly from your code.

The that specifies the server or domain against which operations are performed. The SAM account name for this principal. The password for this account. A Boolean value that specifies whether the account is enabled.

Gets or sets a Nullable that specifies the date and time that the account expires.

A that specifies the date and time that the account expires, or null if the account never expires. The underlying store does not support this property.

Gets the Nullable that specifies the date and time that the account was locked out.

A that specifies the date and time that the account was locked out, or null if no lockout time is set on the account. The underlying store does not support this property.

Returns an object, for use with Query By Example to set read-only properties before passing the object to the .

An object.

Gets or sets a Boolean value that specifies whether reversible password encryption is enabled for this account.

true if reversible password encryption is enabled for this account; otherwise false. The underlying store does not support this property.

Gets the number of logon attempts using incorrect credentials for this account.

The number of logon attempts using incorrect credentials for this account. The underlying store does not support this property.

Gets a that contains the X509 certificates for this account.

A that contains the X509 certificates for this account. The underlying store does not support this property.

Changes the account password from the old password to the new password. Do not use this with a .

The password that is changed. The new password. The principal has not been persisted. The new password does not meet the complexity requirements. The principal is not a user.

Gets or sets a Nullable Boolean value that specifies whether the account may be delegated.

true if the account may be delegated; otherwise false. The underlying store does not support this property.

Gets or sets a Nullable Boolean value that specifies whether this account is enabled for authentication.

true if the principal is enabled, or null if the account has not been persisted; otherwise false. The underlying store does not support this property. The application tried to set a null value for this property.

Expires the password for this account. This will force the user to change his/her password at the next logon.

An exception occurred when saving the changes to the store.

Returns a collection of authentication principal objects that have an incorrect password try recorded in the specified date and time range.

A that contains one or more objects, or an empty collection if no results are found. The object that specifies the server or domain against which operations are performed. A object that identifies the date and time of the incorrect password try. This parameter is used with the type parameter to determine the range of time in which the returned objects have an incorrect logon try recorded. A enumeration value that specifies the type of match that is applied to the parameter.

Returns a collection of objects that have a bad password attempt within the specified date and time range. This is the template function for extended classes that wish to implement this functionality.

A that contains one or more objects of the appropriate principal type, or an empty collection if no matches are found. The that specifies the server or domain against which operations are performed. A object that identifies the date and time of the password set. This parameter is used with the type parameter to determine the range of time in which the returned objects have a password set recorded. A enumeration value that specifies the type of match that is applied to the parameter.

Returns a collection of authentication principal objects that have an account expiration time recorded in the specified date and time range.

A that contains one or more objects. The that specifies the server or domain against which operations are performed. A object that identifies the date and time of the account expiration. This parameter is used with the type parameter to determine the range of time in which the returned objects have an account expiration recorded. A enumeration value that specifies the type of match that is applied to the parameter.

Returns a collection of objects that have an expiration time within the specified date and time range. This is the template function for extended classes that wish to implement this functionality.

Returns a collection of authentication principal objects that have an account lockout time recorded in the specified date and time range.

A that contains one or more objects. The that specifies the server or domain against which operations are performed. A object that identifies the date and time of the account lockout. This parameter is used with the type parameter to determine the range of time in which the returned objects have an account lockout recorded. A enumeration value that specifies the type of match that is applied to the parameter.

Returns a collection of objects that have a lockout time within the specified date and time range. This is the template function for extended classes that wish to implement this functionality.

A that contains one or more objects of the appropriate principal type, or an empty collection if no matches are found.

Returns a collection of authentication principal objects that have an account logon recorded in the specified date and time range.

A that contains one or more objects. The that specifies the server or domain against which operations are performed. A object that identifies the date and time of the logon record. This parameter is used with the type parameter to determine the range of time in which the returned objects have an account logon recorded. A enumeration value that specifies the type of match that is applied to the parameter.

Returns a collection of objects that have a logon time within the specified date and time range. This is the template function for extended classes that wish to implement this functionality.

A that contains one or more objects of the appropriate principal type, or an empty collection if no matches are found. A object that identifies the date and time of the password set. This parameter is used with the type parameter to determine the range of time in which the returned objects have a password set recorded. A enumeration value that specifies the type of match that is applied to the parameter.

Returns a collection of authentication principal objects that have an account password set recorded in the specified date and time range.

A that contains one or more objects. The that specifies the server or domain against which operations are performed. A object that identifies the date and time of the password set. This parameter is used with the type parameter to determine the range of time in which the returned objects have a password set recorded. A enumeration value that specifies the type of match that is applied to the parameter.

Returns a collection of objects that have a password set time within the specified date and time range. This is the template function for extended classes that wish to implement this functionality.

Gets or sets the home directory for this account.

The home directory for this account, or null if no home directory exists. The underlying store does not support this property.

Gets or sets the home drive for this account.

The home drive for the account, or null if no home drive exists. The underlying store does not support this property.

Returns a Boolean value that specifies whether the account is currently locked out.

true if the account is locked out; otherwise false.

Gets the Nullable that specifies the date and time of the last incorrect password attempt on this account.

A Nullable that specifies the date and time of the last incorrect password attempt on this account, or null if no incorrect password tries are recorded. The underlying store does not support this property.

Gets the Nullable that specifies the date and time of the last logon for this account.

A Nullable that specifies the date and time of the last logon for this account. The underlying store does not support this property.

Gets the Nullable that specifies the last date and time that the password was set for this account.

A Nullable that specifies the last date and time that the password was set for this account. The underlying store does not support this property.

Gets or sets a Boolean value that specifies whether the password expires for this account.

true if the password expires for this account; otherwise false. The underlying store does not support this property.

Gets or sets a Boolean value that specifies whether a password is required for this account.

true if a password is required for this account; otherwise false. The underlying store does not support this property.

Gets or sets the times when the principal can logon.

The permitted logon times for this account. The underlying store does not support this property.

Gets the list of workstations that this principal is permitted to log into.

The mutable list of workstations that this principal is permitted to log into. The underlying store does not support this property.

Refreshes an expired password.

An exception occurred when saving the changes to the store.

Gets or sets the script path for this account.

A path of the script for this account, or null if there is no script path. The underlying store does not support this property.

Sets the account password to the specified value.

The new password. Throws an exception if the caller does not have appropriate rights, the new password does not meet password complexity requirements, or for any other reason that the underlying stores reject the password change.

Gets or sets a Boolean value that specifies whether a smartcard is required to log on to the account.

true if a smartcard is required to log on to this account; otherwise false. The underlying store does not support this property.

Unlocks the account if it is currently locked out.

Throws an exception if the caller does not have appropriate rights. An exception occurred when saving the changes to the store.

Gets or sets a Boolean value that specifies whether the user can change the password for this account. Do not use this with a .

true if the user is not permitted to change the password; otherwise false. The underlying store does not support this property. This principal object is not a user.

Encapsulates principals that are computer accounts.

Initializes a new instance of the class and assigns it to the specified context.

Initializes a new instance of the class by using the specified context, SAM account name, password, and enabled value.

The that specifies the server or domain against which operations are performed. The SAM account name for this computer principal. The password for this account. A Boolean value that specifies whether the account is enabled.

Returns a collection of objects that have had bad password attempts within the parameters specified.

A that contains one or more objects that match the search parameters, or an empty collection if no matches are found. The that specifies the server or domain against which operations are performed. A structure that is used in conjunction with the to find computers with bad password attempts. The that specifies the type of comparison to use in the search.

Returns a collection of objects that have an expiration time within the specified date and time range.

A that contains one or more objects that match the search parameters, or an empty collection if no matches are found. The that specifies the server or domain against which operations are performed. A structure that is used in conjunction with the to filter search results. The that specifies the type of comparison to use in the search.

Returns a computer principal object that matches the specified identity type and value. This version of the method determines the format of the identity value.

A object that matches the specified identity value and type, or null if no matches are found. The that specifies the server or domain against which operations are performed. A enumeration value that specifies the format of the parameter. The identity of the computer. This parameter can be any format that is contained in the enumeration. Multiple computer principal objects matching the current computer object were found. The identity value is not a valid enumeration value.

Returns a computer principal object that matches the specified identity value.

A object that matches the specified identity value, or null if no matches are found. The that specifies the server or domain against which operations are performed. The identity of the computer. This parameter can be any format that is contained in the enumeration. Multiple computer principal objects matching the current computer object were found.

Returns a collection of objects that have a lockout time within the specified date and time range.

A that contains one or more objects that match the search parameters, or an empty collection if no matches are found. The that specifies the server or domain against which operations are performed. A structure that is used in conjunction with the to filter search results. The that specifies the type of comparison to use in the search.

Returns a collection of objects that have a logon time within the specified date and time range.

A that contains one or more objects that match the search parameters, or an empty collection if no matches are found. The that specifies the server or domain against which operations are performed. A structure that is used in conjunction with the to filter search results. The that specifies the type of comparison to use in the search.

Returns a collection of objects that have a password set time within the specified date and time range.

A that contains one or more objects that match the search parameters, or an empty collection if no matches are found. The that specifies the server or domain against which operations are performed. A structure that is used in conjunction with the to filter search results. The that specifies the type of comparison to use in the search.

Gets a collection of the Service Principal Names (SPN) for the computer account.

A collection of SPNs that specify the names of the accounts registered for this computer. The syntax for the SPN depends on the underlying store.

Specifies the options that are used for binding to the server. The application can set multiple options that are linked with a bitwise OR operation.

The client is authenticated by using either Kerberos or NTLM. When the user name and password are not provided, the Account Management API binds to the object by using the security context of the calling thread, which is either the security context of the user account under which the application is running or of the client user account that the calling thread represents.

The client is authenticated by using the Basic authentication.

The channel is encrypted by using the Secure Sockets Layer (SSL). Active Directory requires that the Certificate Services be installed to support SSL.

The integrity of the data is verified. This flag can only be used with the Negotiate context option and is not available with the simple bind option.

The data is encrypted by using Kerberos.

Specify this flag when you use the domain context type if the application is binding to a specific server name.

Specifies the type of store to which the principal belongs.

The computer store. This represents the SAM store.

The domain store. This represents the AD DS store.

The application directory store. This represents the AD LDS store.

Represents the schema object that is used to create an object of this type in the directory. This attribute is required for principal extensions and can only be set on classes.

Initializes a new instance of the class with the specified object class value. The object created in the directory will be created with this object class type.

The string that contains the object class value. The property is initialized to this value. The object class string represents the objectClass attribute for the application directory and domain directories.

This property is not implemented and always returns null.

A enumeration value that specifies the type of store to which the attribute applies, or null if no context is set.

Returns the object class value for the extended class.

The object class value for the extended class.

Contains the data required by the store to map a principal property to a directory attribute. This attribute is required for principal extensions and can only be set on a property. It must be specified on every property that represents a directory attribute in the extended class.

Initializes a new instance of the class with the schema attribute name.

The name of the attribute that is set in the directory. The property is initialized to this value. This property represents the ldapDisplayName for application directory and domain directories.

This property is not implemented and always returns null.

A enumeration value that specifies the type of store to which this attribute applies, or null if no context is set.

Returns the string that represents the attribute name in the directory.

The string that represents the attribute name in the directory.

The RDN prefix used to construct the RDN for the new object that is inserted into the store. The default RDN prefix of "CN" is used by the Account Management API if this attribute is not set. This attribute is optional and can only be set on principal extension classes.

Initializes a new instance of the class with the RDN prefix.

The RDN prefix. The property is initialized to this value.

This property is not implemented and always returns null.

A enumeration value that specifies the type of store to which this attribute applies, or null is no context is set.

Returns the RDN prefix used to construct the RDN.

The RDN prefix used to construct the RDN.

Encapsulates group accounts. Group accounts can be arbitrary collections of principal objects or accounts created for administrative purposes.

Initializes a new instance of the class by using the specified context.

The that specifies the server or domain against which operations are performed.

Initializes a new instance of the class and assigns it to the specified context and SAM account name.

The that specifies the server or domain against which operations are performed. The SAM account name for this principal.

Disposes the current instance of the object.

Returns a group principal object that matches the specified identity type, and value. This version of the method determines the format of the identity value.

A that matches the specified identity value and type, or null if no matches are found. The that specifies the server or domain against which operations are performed. A enumeration value that specifies the format of the parameter. The identity of the group principal. This parameter can be any format that is contained in the enumeration. Multiple group principal objects matching the current group object were found. The identity value is not a valid enumeration value.

Returns a group principal object that matches the specified identity value.

A object that matches the specified identity value and type, or null if no matches are found. The that specifies the server or domain against which operations are performed. The identity of the group principal. This parameter can be any format that is contained in the enumeration. Multiple group principal objects matching the current group object were found.

Returns a collection of the principal objects that is contained in the group.

A object that contains the principal objects that are members of the group, or an empty collection if the group has no members.

Returns a collection of the principal objects that is contained in the group. When the recursive flag is set to true, this method searches the current group recursively and returns all nested group members.

A object that contains the principal objects that are members of the group, or an empty collection if the group has no members. A Boolean value that specifies whether the group is searched recursively.

Gets or sets a Nullable enumeration that specifies the scope for this group principal.

A nullable enumeration value that specifies the scope of this group or null if no scope has been set. The application may not set this property to null.

Gets or sets a Nullable Boolean value that indicates whether the group is security-enabled.

true if the group is security enabled, or null if the group has not been persisted; otherwise false. The application may not set this property to null.

Gets a collection of principal objects that represent the members of the group.

A object that contains the principal objects that represent the members of the group.

Specifies the scope of the group principal.

The scope of the group is local. This group type is supported on AD DS and AD LDS.

The group's scope is global. This group type is supported on AD DS. When a global group is specified with an AD LDS directory, a group is created instead.

The scope of the group is universal. This group type is supported on AD DS and AD LDS.

Specifies the format of the identity.

The identity is a Security Account Manager (SAM) name.

The identity is a name.

The identity is a User Principal Name (UPN).

The identity is a Distinguished Name (DN).

The identity is a Security Identifier (SID) in Security Descriptor Definition Language (SDDL) format.

The identity is a Globally Unique Identifier (GUID).

The enumeration specifies the type of comparison used in a search.

The search results include values that equal the supplied value. If the supplied value specifies a date and time, the returned collection includes objects that have the same date and time.

The search results include values that are not equal to the supplied value. If the supplied value specifies a date and time, the returned collection includes objects that do not include the specified date and time.

The search results include values that are greater than the supplied value. If the supplied value specifies a date and time, the returned collection includes objects that are dated after the specified date and time.

The search results include values that are greater than or equal to the supplied value. If the supplied value specifies a date and time, the returned collection includes objects that are dated on or after the specified date and time.

The search results include values that are less than the supplied value. If the supplied value specifies a date and time, the returned collection includes objects that are dated prior to the specified date and time.

The search results include values that are less than or equal to the supplied value. If the supplied value specifies a date and time, the returned collection includes objects that are dated prior to or on the specified date and time.

This exception is thrown by methods that expect to match a single principal object when there are multiple matches to the search query.

Instantiates a new instance of the class.

Initializes a new instance of the class from the specified and instances.

A that contains the information required to serialize the new A that contains the source of the serialized stream that is associated with the new

Instantiates a new instance of the class with the specified error message.

The text of the error message.

Instantiates a new instance of the class with the specified error message and specified nested exception.

The text of the error message. A nested exception.

This exception is thrown when no matching principal object could be found with the specified parameters.

Instantiates a new instance of the class.

Initializes a new instance of the class from the specified and instances.

A that contains the information required to serialize the new A that contains the source of the serialized stream that is associated with the new

Instantiates a new instance of the class with the specified error message.

The text of the error message.

Instantiates a new instance of the class with the specified error message and specified nested exception.

The text of the message A nested exception.

This exception is thrown when a password does not meet complexity requirements.

Instantiates a new instance of the class.

Initializes a new instance of the class from the specified and instances.

A that contains the information required to serialize the new A that contains the source of the serialized stream that is associated with the new

Instantiates a new instance of the class with the specified error message.

Instantiates a new instance of the class with the specified error message and specified nested exception.

The text of the error message. A nested exception.

Encapsulates the account data and operations common to all security principals. This is the abstract base class from which all security principals are derived.

Initializes a new instance of the class. This constructor is called by derived-class constructors to initialize the base class and is not intended to be called directly from your code.

Determines whether the or methods have been called on this class. This method is called by classes that derive from this principal class.

The method has been called on this principal object. The method has been called on this principal object.

Gets a principal context that is associated with the principal.

A object that contains the context associated with this principal.

Gets a principal context that is associated with this principal.

A object that contains the context associated with this principal.

Gets the context type enumeraton value that specifies the type of principal context associated with this principal.

A enumeration value that specifies the context type.

Deletes the principal object from the store.

The object that is not persisted in the store.The object has already been deleted. The target context type must match the context type of the current principal.

Gets or sets the description of the principal.

The description text for this principal or null if there is no description.

Gets or sets the display name for this principal.

The display name for this principal or null if there is no display name.

Disposes the current instance of the object.

Gets the distinguished name (DN) for this principal.

The DN for this principal or null if there is no DN.

Returns a Boolean value that specifies whether the supplied object is equal to the current object.

true if the supplied object and current principal objects represent the same underlying principal in the store; otherwise false. The object that is compared to the current instance.

Retrieves an attribute of an extended class object.

Returns an array of objects, or null if no attribute exists with that name. See System.DirectoryServices.AccountManagement Principle Extensions for an example on using this function. The name of the attribute to retrieve.

Sets the value of an attribute in an extended class.

The name of the attribute. The object that contains the value of the attribute.

Returns a principal object that matches the specified identity type, and value. This version of the method determines the format of the identity value.

A object that matches the specified identity value and type or null if no matches are found. The that specifies the server or domain against which operations are performed. An enumeration value that specifies the format of the parameter. The identity of the principal. This parameter can be any format that is contained in the enumeration. Multiple principal objects matching the current object were found. The identity type is not a valid enumeration value.

Returns a principal object that matches the specified identity value.

A object that matches the specified identity value and type, or null if no matches are found. The that specifies the server or domain against which operations are performed. The identity of the principal. This parameter can be any format that is contained in the enumeration. Multiple principal objects matching the current object were found.

Returns a principal object that matches the specified identity type, and value. This method is called by the implementation of the derived-class FindByIdentity method to restrict the search to the derived class type and is not intended to be called directly from your code.

A object that matches the specified identity value and type or null if no matches are found. The that specifies the server or domain against which operations are performed. The type of object for which results are returned. This must of type or a type derived from the class. An enumeration value that specifies the type of the identity value. The identity of the principal.

A object that matches the specified identity value and type, or null if no matches are found. The that specifies the server or domain against which operations are performed. The type of object for which results are returned. This must of type or a type derived from the class. The identity of the principal.

Returns a collection of group objects that specify the groups of which the current principal is a member.

A collection of objects that specify the groups of which the current principal is a member.

Returns a collection of group objects that the principal is a member of and that exist in the store provided by the specified context parameter.

A collection of objects that specify the groups of which the current principal is a member. The object that specifies the context against which the query is performed. When the context is located in another domain, the query is performed against the principal objects' representation in the specified context.

Retrieves the hash created from the contents of the principal object, suited for use in hashing algorithms and data structures like a hash table.

A hash code for the current principal.

Returns the underlying object that provides the contact data for the principal object.

The underlying object. The current principal has not been persisted and does not have an associated object.

Returns the underlying object type.

The underlying object type. For AD DS, AD LDS, and SAM the type is .

Gets the GUID associated with this principal.

The Nullable associated with this principal or null if there is no GUID.

Returns a Boolean value that specifies whether the principal is a member of the specified group.

true if the principal is a member of the specified group; otherwise false. The object for which principal membership is determined. The specified in the group parameter could not be found. More than one matching was found.

Returns a Boolean value that specifies whether the principal is a member of the group specified by identity type and value.

true if the principal is a member of the specified group; otherwise false. The that specifies the server or domain against which operations are performed. A enumeration value that specifies the type of the identity value. The identity of the group. The identity type or value does not correspond to a . More than one matching was found.

Gets or sets the name of this principal.

The name of the principal or null if the name attribute is not set. The application tried to set the name to null. The underlying store does not support this property.

Gets or sets the SAM account name for this principal.

The SAM account name for this principal or null if no name has been set. The application tried to set the SAM account name to null. The application tried to set the SAM account name on a persisted principal.

Saves the changes that were made on the principal object to the store. If this is a new principal object, this method inserts it into the store.

The principal has not yet been associated with a object.This type of principal cannot be inserted in the store. An exception occurred when saving changes to the store, or updating the group membership in the store. The principal already occurs in the store. The password does not meet complexity requirements.

Saves the changes that were made on the principal object to the store. If this is a new principal object, this method inserts it into the specified context. If the principal has already been persisted, it is moved from the original context to the specified context.

The that specifies the server or domain against which operations are performed. The principal has not yet been associated with a object. This type of principal cannot be inserted in the store. An exception occurred when saving changes to the store, or updating the group membership in the store. The principal already occurs in the store. The password does not meet complexity requirements.

Gets the Security ID (SID) of the principal.

The for this principal or null if there is no SID.

Gets the structural object class directory attribute.

The structural object class directory attribute.

Returns a user friendly string representation of the current principal object.

A string representation of the current object.

Gets or sets the user principal name (UPN) associated with this principal.

The UPN associated with this principal or null if no if the UPN has not been set. The underlying store does not support this property.

A mutable collection of objects derived from the class. This class is designed to be used for multi-valued properties that contain Principals. Manipulating the contents of this collection changes the contents of the corresponding store property, which is made permanent when is called on the corresponding principal object.

Adds the specified object to the end of the collection

A object.

Searches for a object that matches the parameters, and adds it to the end of the collection.

The object for the principal to be added to the collection. An object that specifies the format of A string that identifies the principal, in the format specified by

Adds the specified object to the end of the collection

A object

Removes all Principals from the collection.

Returns true if the collection contains the specified object.

Returns a bool. A object.

Returns true if the collection contains the specified object.

Returns a bool. A object

Returns true if the collection contains the specified object.

Returns a bool. A object

Returns true if the object matching the / pair is in the collection

Returns a bool. The object of the principal. An object that specifies the format of A string that identifies the principal, in the format specified by

Returns true if the collection contains the specified object.

Returns a bool. A object.

Copies the objects from this into the specified array, starting at the specified position index in array.

The that should be populated with objects. The position in into which the first principal object in the collection should be copied.

Returns the count of Principal objects in this collection.

Returns an enumerator to iterate through the principals in the .

An containing the principals in the .

Returns false. This is not a read-only collection.

Returns a bool.

Returns false. It is up to the application to serialize access to this collection.

Returns a bool.

Removes the specified object from the collection, and returns true if the was a member of this , and false otherwise (in which case the method performs no operation).

Returns a bool. A object.

Removes the specified object from the collection, and returns true if the was a member of this , and false otherwise (in which case the method performs no operation).

Returns a bool. A object.

Removes the specified object from the collection, and returns true if the was a member of this , and false otherwise (in which case the method performs no operation).

Returns a bool. A object.

Finds the object specified by the given and / pair from the collection, and returns true if the identified was a member of this , and false otherwise (in which case the method performs no operation).

Returns a bool. A object. An that identifies the format of . A string.

Removes the specified object from the collection, and returns true if the was a member of this , and false otherwise (in which case the method performs no operation).

Returns a bool. A object.

Returns a synchronization object that can be used to synchronize access to this collection.

Returns the object itself.

Copies the objects from this into the specified array, starting at the specified position index in array.

The T:System.Array that should be populated with objects. The position in to which the first object should be copied to.

Returns the count of Principal objects in this collection.

Returns an integer.

Always returns false. It is up to the application to synchronize access to this collection.

Returns a bool.

Returns a synchronization object that can be used to synchronize access to this collection. Returns the object itself.

The object.

Returns an enumerator to iterate through the principals in the .

An containing the principals in the .

Encapsulates the server or domain against which all operations are performed, the container that is used as the base of those operations, and the credentials used to perform the operations.

Initializes a new instance of the class with the specified context type.

A enumeration value specifying the type of store for the principal context. A name or container must be specified when using the application directory context. The parameter does not contain a valid enumeration value.

Initializes a new instance of the class with the specified context type and name.

Initializes a new instance of the class with the specified context type, name, and container.

Initializes a new instance of the class with the specified context type, name, container, and context options.

A enumeration value specifying the type of store for the principal context. The name of the domain or server for context types, the machine name for context types, or the name of the server and port hosting the instance. If the name is null for a context type this context is a domain controller for the domain of the user principal under which the thread is running. If the name is null for a context type, this is the local machine name. This parameter cannot be null for context types. The container on the store to use as the root of the context. All queries are performed under this root, and all inserts are performed into this container.For and context types, this parameter is the distinguished name of a container object. For context types, this parameter must be set to null. A combination of one or more enumeration values specifying the options used to bind to the server. If this parameter is null, the default options are ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing. A container cannot be specified when the context type is specified in the parameter.A name or container must be specified when is specified in the parameter. The parameter does not contain a valid enumeration value. The parameter does not contain a combination of valid enumeration values.

Initializes a new instance of the class with the specified context type, name, container, context options, username, and password.

A enumeration value specifying the type of store for the principal context. The name of the domain or server for context types, the machine name for context types, or the name of the server and port hosting the instance. If the name is null for a context type this context is a domain controller for the domain of the user principal under which the thread is running. If the name is null for a context type, this is the local machine name. This parameter cannot be null for context types. The container on the store to use as the root of the context. All queries are performed under this root, and all inserts are performed into this container.For and context types, this parameter is the distinguished name of a container object. For context types, this parameter must be set to null. A combination of one or more enumeration values the options used to bind to the server. If this parameter is null, the default options are ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing. The username used to connect to the store. If the and parameters are both null, the default credentials of the current principal are used. Otherwise, both and must be non-null, and the credentials they specify are used to connect to the store. The password used to connect to the store. If the and parameters are both null, the default credentials of the current principal are used. Otherwise, both and must be non-null, and the credentials they specify are used to connect to the store. The and parameters must either be null or contain a value. A container cannot be specified when the context type is specified in the parameter.A name or container must be specified when is specified in the parameter. The parameter does not contain a valid enumeration value. The parameter does not contain a combination of valid enumeration values.

Initializes a new instance of the class with the specified context type, name, username, and password.

Initializes a new instance of the class with the specified context type, name, container, username, and password.

A enumeration value specifying the type of store for the principal context. The name of the domain or server for context types, the machine name for context types, or the name of the server and port hosting the instance. If the name is null for a context type this context is a domain controller for the domain of the user principal under which the thread is running. If the name is null for a context type, this is the local machine name. This parameter cannot be null for context types. The container on the store to use as the root of the context. All queries are performed under this root, and all inserts are performed into this container.For and context types, this parameter is the distinguished name of a container object. For context types, this parameter must be set to null. The username used to connect to the store. If the and parameters are both null, the default credentials of the current principal are used. Otherwise, both and must be non-null, and the credentials they specify are used to connect to the store. The password used to connect to the store. If the and parameters are both null, the default credentials of the current principal are used. Otherwise, both and must be non-null, and the credentials they specify are used to connect to the store. The and parameters must either be null or contain a value. A container cannot be specified when the context type is specified in the parameter.A or must be specified when is specified in the parameter. The parameter does not contain a valid enumeration value.

Gets the name of the server to which the principal context is connected.

The name of the server to which the principal context is connected or null if the principal context is not connected to a server.

Gets the value specified in the container parameter in the constructor.

The container on the store to use as the root of the context or null if the container is not specified.

Gets the context type that specifies the type of store for the principal context.

A enumeration value specifying the type of target to connect to.

Disposes the current instance of the object.

Gets the value specified as the parameter in the constructor.

The name of the domain or server for contexts types, the host name for context types, the name of the server hosting the instance, or null if no name is set.

Gets the options specified in the parameter of the constructor.

A enumeration value specifying the type of target to connect to.

Gets the value specified in the username parameter in the constructor.

The username used to connect to the store, or null if no user name exists.

Creates the connections to the server and returns a Boolean value that specifies whether the specified username and password are valid.

true if the credentials are valid; otherwise false. The username that is validated on the server. The password that is validated on the server.

Creates the connections to the server and returns a Boolean value that specifies whether the specified user name and password are valid. This method performs fast credential validation of the username and password.

true if the credentials are valid; otherwise false. The username that is validated on the server. The password that is validated on the server. A combination of one or more enumeration values the options used to bind to the server. This parameter can only specify Simple bind with or without SSL, or Negotiate bind. The parameter must specify Negotiate when the context type is

The base class of exceptions thrown by objects.

Thrown by when an attempt is made to insert a principal that already exists in the collection, or by when an attempt is made to save a new principal that already exists in the store.

Instantiates a new instance of the class.

Initializes a new instance of the class from the specified and instances.

A that contains the information required to serialize the new A that contains the source of the serialized stream that is associated with the new

Instantiates a new instance of the class with the specified error message.

The text of the error message.

Instantiates a new instance of the class with the specified error message and specified nested exception.

The text of the error message. A nested exception.

Thrown when ADSI returns an error during an operation to update the store.

Instantiates a new instance of the class.

Initializes a new instance of the class from the specified and instances.

A that contains the information required to serialize the new A that contains the source of the serialized stream that is associated with the new

Instantiates a new instance of the class with the specified error message.

The text of the error message.

Instantiates a new instance of the class with the specified error message and specified nested exception.

The text of the error message. A nested exception.

Instantiates a new instance of the class with the specified error message, the specified nested exception, and the specified error code.

The text of the message. A nested exception. An error code.

Instantiates a new instance of the class with the specified error message and specified error code.

The text of the message. An error code.

Returns an integer error code.

Returns an integer.

Initializes a new instance of the class with serialized data.

The object that holds the serialized object data. The contextual information about the source or destination.

Encapsulates the methods and search patterns used to execute a query against the underlying principal store.

Initializes a new instance of the class. The property must be set before the Principal searcher object can be used to perform a search.

Initializes a new instance of the class with the specified query filter.

The object that specifies the filter to use for the search. The property is initialized to this value. Persisted principal objects can not be used as the . The parameter cannot be null or empty.

Gets that principal context that is used to perform the query. The context specifies the server or domain against which search operations are performed.

The object that specifies the server or domain against which operations are performed.

Disposes the current instance of the object.

Returns a principal search result that contains a collection of all the principal objects that match the principal specified in the query filter property.

A object that matches the query filter or an empty collection if no results are found. The contains referential properties. For more information, see the Query by Example overview topic. The is a persisted principal. A must first be assigned to the principal searcher before the query can be performed.

Returns a principal search result that contains the first principal object found that matches the principal specified in the property.

A object that contains the principal object that matches the query filter or null if no results are found. The contains referential properties. For more information, see the Query by Example overview topic.The is a persisted principal. A must first be assigned to the principal searcher before the query can be performed.

Returns the underlying search object that is used by the Account Management API to perform the search.

A object. A must first be assigned to the principal searcher before the query can be performed.The contains referential properties. For more information, see the Query by Example overview topic. The is a persisted principal.

Returns the type of the object returned from the method.

A that specifies the type of object returned from the method. A must first be assigned to the principal searcher before the query can be performed.

Gets or sets the query filter that is used to locate matching principals.

The object that is used for the query or null if no filter is set. Persisted Principal objects can not be used as the .The cannot be null or empty.

Returns a collection of objects that are returned by a search.

Disposes the current instance of the object.

Returns an enumerator that iterates through a collection.

The object that is used to iterate through the principal objects.

Returns an enumerator that can be used to iterate over the objects in this collection.

Returns an containing the principals in the search result collection.

This exception is thrown when the API is unable to connect to the server.

Instantiates a new instance of the class.

Initializes a new instance of the class from the specified and instances.

A that contains the information required to serialize the new A that contains the source of the serialized stream that is associated with the new

Instantiates a new instance of the class with the specified error message.

An error message.

Instantiates a new instance of the class with the specified error message and specified nested exception.

The text of the message. A nested exception.

Instantiates a new instance of the class with the specified error message, the specified nested exception, and the specified error code.

The text of the error message. A nested exception. An error code.

Instantiates a new instance of the class with the specified error message, the specified nested exception, the specified error code, and the specified server name.

The text of the message. A nested exception. An error code. A server name.

Instantiates a new instance of the class with the specified error message and specified error code.

The text of the message. An error code.

Sets the with the parameter name and additional exception information.

A object that will hold the serialized object data. A object that will hold contextual information about the source or destination.

Multi-valued properties, such as , have a value of the type . This class provides methods to enumerate and manipulate those values.

Adds the specified value to the end of the collection.

An object to be added to the collection.

Clears the contents of the collection.

Returns true if the specified object is in the collection, and false otherwise.

Returns a bool. An object.

Copys the contents of the collection to the specified array, starting at the specified position in the array.

An of objects. An integer representing the position in to which the first object in the collection should be copied.

Gets the number of objects in the collection.

Returns an enumerator that can be used to iterate through the collection.

An object.

Returns the index of the specified object, or -1 if the object is not in the collection.

An integer. The object whose index is required.

Inserts the specified object into the collection at the specified index.

The index at which will be inserted into the collection. An object.

Gets a bool that represents whether or not the collection is fixed in size.

Gets a bool that represents whether or not the collection is read-only.

Gets a value indicating whether access to the collection is synchronized (thread safe).

Gets the object at the specified index in the collection.

Removes the specified object from the collection.

Returns a bool. Returns true if the object was removed, or false if the object was not in the collection. The object to be removed from the collection.

Removes the object at the specified index from the collection.

Gets an object that can be used to synchronize access to the collection.

Copies the contents of the collection to the specified array, starting at the specified index.

Gets the number of objects in the collection.

Gets a value indicating whether access to the collection is synchronized (thread safe).

Gets an object that can be used to synchronize access to the collection.

Returns an enumerator for iterating through the collection.

An object.

Adds the specified object to the end of the collection.

An object to be added to the collection.

Deletes the contents of the collection.

Returns a bool indicating whether the specified object is in the collection.

boolean

Returns the index of the specified object in the collection, or -1 if it is not in the collection.

An integer. An object.

Inserts the specified object at the specified position into the collection.

The position into which should be inserted. An object

Gets a value indicating whether the collection is fixed-size.

Gets a value indicating whether access to the collection is read-only.

Gets the object at the specified index in the collection.

An integer.

Removes the specified object from the collection.

The object to be removed from the collection.

Removes the object at the specified index from the collection.

The index of the object to be removed from the collection.

Encapsulates principals that are user accounts.

Initializes a new instance of the class by using the specified context.

The that specifies the server or domain against which operations are performed.

Initializes a new instance of the class by using the specified context, SAM account name, password, and enabled value.

The that specifies the server or domain against which operations are performed. The SAM account name for this user principal. The password for this account. A Boolean value that specifies whether the account is enabled.

Returns an object, for use with Query By Example to set read-only properties before passing the object to the .

An object.

Gets a user principal object that represents the current user under which the thread is running.

A representing the current user. The underlying store does not support this property. The user principal object for the current user could not be found. The principal object may contain an access control list to prevent access by unauthorized users. Multiple user principal objects matching the current user were found.

Gets or sets the e-mail address for this account.

The e-mail address of the user principal. The underlying store does not support this property.

Gets or sets the employee ID for this user principal.

The employee ID of the user principal. The underlying store does not support this property.

Returns a collection of objects for users that have an incorrect password attempt recorded in the specified date and time range.

A that contains one or more objects, or an empty collection if no results are found.

Returns a collection of objects for users that have an account expiration time in the specified date and time range.

A that contains one or more objects, or an empty collection if no results are found.

Returns a user principal object that matches the specified identity type, and value. This version of the method determines the format of the identity value.

A object that matches the specified identity value and type, or null if no matches are found. The that specifies the server or domain against which operations are performed. A enumeration value that specifies the format of the parameter. The identity of the user principal. This parameter can be any format that is contained in the enumeration. Multiple user principal objects matching the current user object were found. The identity value is not a valid enumeration value.

Returns a user principal object that matches the specified identity value.

A object that matches the specified identity value, or null if no matches are found. The that specifies the server or domain against which operations are performed. The identity of the user principal. This parameter can be any format that is contained in the enumeration. Multiple user principal objects matching the current user object were found.

Returns a collection of objects for users that have an account lockout time in the specified date and time range.

A that contains one or more objects, or an empty collection if no results are found.

Returns a collection of objects for users that have account logon recorded in the specified date and time range.

A that contains one or more objects, or an empty collection if no results are found.

Returns a collection of objects for users that have set their password within the specified date and time range.

A that contains one or more objects, or an empty collection if no results are found.

Returns a collection of principal objects that contains all the authorization groups of which this user is a member. This function only returns groups that are security groups; distribution groups are not returned.

A collection of objects that contain the groups of which the user is a member, or null if the user does not belong to any groups. The attempt to retrieve authorization groups failed. The retrieval of authorization groups is not supported by this operating system.

Gets or sets the given name for the user principal.

The given name of the user principal. The underlying store does not support this property.

Gets or sets the middle name for the user principal.

The middle name of the user principal. The underlying store does not support this property.

Gets or sets the surname for the user principal.

The surname of the user principal. The underlying store does not support this property.

Gets or sets the voice telephone number for the user principal.

The voice telephone number of the user principal. The underlying store does not support this property.