Active Directory Incorrect password attempts double counting

Posted by Hidayath on Stack Overflow See other posts from Stack Overflow or by Hidayath
Published on 2009-06-18T15:03:48Z Indexed on 2010/04/08 16:03 UTC
Read the original article Hit count: 172

Filed under:
|

Hi I am using the following C# code to connect to active directory and validate the login,

    DirectoryEntry de = new DirectoryEntry(); 
    string username = "myuser", path = "LDAP://addev2.dev.mycompany.com/CN=myuser,DC=dev,DC=mycompany,DC=com", password = "test";
    for (int i = 0; i < 4;i++ )
    {

        try
        {

            de.AuthenticationType = AuthenticationTypes.Sealing | AuthenticationTypes.Secure | AuthenticationTypes.FastBind;
            de.Username = username;
            de.Password = password;

            de.Path = path;

      //de.RefreshCache();
            Object obj = de.NativeObject;
        }
        catch (Exception ex)
        {
            Console.WriteLine(ex.Message);
        }

this works fine when the password is correct. However when the password is incorrect this shows as 2 invalid attempts in AD. So what happens is when the AD admin allows 5 invalid attempts the user is locked out on the 3rd attempt. when i look in the AD's event log 1 see 2 entries.

1)Pre-authentication failed:

2)Logon attempt by:

MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
     Logon account: [email protected]
     Source Workstation: WKSXXXX
     Error Code:    0xC000006A

Stepping thro the code i see 2 event entries on the line

  de.RefreshCache()

I tried using de.NativeObject to see if that would solve the problem. No Dice

Anyone have any pointers?

© Stack Overflow or respective owner

Related posts about active-directory

Related posts about c#