I've a local installation of an "Active directory lightweight directory service" on a WIN7 machine (which is domain joined).
Controlled by a Policy a user gets locked for about 15mins if there where 5 failed login attempts. With ADSI-Edit i can see that there is an attribute on the "UserClass" named "ms-DS-UserAccountAutoLocked" with an boolean value.
But if i want to read this attribute from this user (via a second admin(!) authenticated binding) it always returns null - like the property does not exist. If i iterate through all properties this property isnt also shown up. Only at the ADSI-Edit i can see the property and its value.
Have anyone an idea why i cannot read this property in my code? (C#)
I have tried:
var property = adentry.Properties["ms-DS-UserAccountAutoLocked"];
and also:
var property = adentry.InvokeGet("ms-DS-UserAccountAutoLocked");
Thanks
This property is an calculated one and must be refreshed before!
adentry.RefreshCache(new string[] { "ms-DS-UserAccountAutoLocked"});
Take a look at another thread of mine (same effect):