Active Directory LDAP - Lock User Account

What is the preferred way to lock an Active Directory account?

    // read the current flags, then OR in 0x0010 (the ADS_UF_LOCKOUT bit)
    int val = (int)directoryentry.Properties["userAccountControl"].Value;
    directoryentry.Properties["userAccountControl"].Value = val | 0x0010;

versus

    directoryentry.InvokeSet("IsAccountLocked", true);

Is there a better way?

+4
2 answers

Are you using .NET 3.5 (or can you upgrade to it)?

If so, check out the new System.DirectoryServices.AccountManagement namespace and all it has to offer! An excellent introduction is the MSDN article "Managing Directory Security Principals in the .NET Framework 3.5".

In your case, you need to somehow get hold of the UserPrincipal, e.g.

    PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "YOURDOMAIN");
    UserPrincipal me = UserPrincipal.Current;

and then you have access to a lot of really easy to use properties and methods - for example:

 bool isLockedOut = me.IsAccountLockedOut(); 

and you can unlock a locked account using:

 me.UnlockAccount(); 

MUCH simpler than the plain old System.DirectoryServices stuff!

+2
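Added example (editor's, not code from either answer above): a complete console program that uses System.DirectoryServices.AccountManagement to look a user up, report and clear lockout, and disable the account. The domain name EXAMPLE and the user jdoe are assumed, as is a caller with write access to that user. It also shows the distinction the question blurs: UserPrincipal exposes IsAccountLockedOut() and UnlockAccount() but no method to lock an account, because lockout is a state the domain controller enters after repeated bad passwords; the administrative "block this user" operation is Enabled = false, which sets the ACCOUNTDISABLE bit of userAccountControl.

```csharp
// Added example, not part of the original post.
// Assumes domain "EXAMPLE" and user "jdoe" (both placeholders) and a
// reference to System.DirectoryServices.AccountManagement (.NET 3.5+).
using System;
using System.DirectoryServices.AccountManagement;

static class AccountState
{
    // Look a user up by sAMAccountName; null when no such user exists.
    static UserPrincipal Find(PrincipalContext ctx, string samAccountName)
    {
        return UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, samAccountName);
    }

    static void Main()
    {
        using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "EXAMPLE"))
        using (UserPrincipal user = Find(ctx, "jdoe"))
        {
            if (user == null)
            {
                Console.WriteLine("user not found");
                return;
            }

            // Lockout is set by the DC after too many bad passwords
            // (lockoutTime != 0). The API lets you read and clear it;
            // there is no LockAccount() counterpart.
            Console.WriteLine("locked out: " + user.IsAccountLockedOut());
            if (user.IsAccountLockedOut())
            {
                user.UnlockAccount();   // resets lockoutTime on the DC
                Console.WriteLine("unlocked");
            }

            // Preventing all sign-ins is the ACCOUNTDISABLE bit, exposed
            // here as Enabled. Save() commits the change to the directory.
            user.Enabled = false;
            user.Save();
            Console.WriteLine("enabled: " + user.Enabled);
        }
    }
}
```

Run it under an account that is allowed to modify the target user; UnlockAccount() and Save() both write to the domain controller, so a plain domain user will get an UnauthorizedAccessException on those calls.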

In fact, you have to perform a bitwise operation to set the correct bit to the appropriate value. In the link below you will come across the checkboxes for managing user accounts. Thus, you need to perform the appropriate logical operation on the property in order to lock or unlock the account.

I think you are interested in the following link.

Like (almost) everything in AD

I will add some code below.

Here is the code:

    public class AdUser
    {
        [Flags]
        public enum UserAccountControls
        {
            Lock = 0x10
        }

        private int _userAccountControl;

        public bool IsLocked
        {
            // the bit is set when the AND leaves it non-zero
            get { return (_userAccountControl & (int)UserAccountControls.Lock) != 0; }
            set
            {
                if (value)
                    _userAccountControl = _userAccountControl | (int)UserAccountControls.Lock;
                else
                    // Must invert the mask when clearing a bit with an AND operation
                    _userAccountControl = _userAccountControl & ~(int)UserAccountControls.Lock;
            }
        }
    }

Please consider making some changes to this code, since I have not tested it. But your code should resemble it, or something close to it, for both locking and unlocking a user account. Sooner or later you will have to use DirectoryEntry.Properties[] to set the value from your object class.

EDIT

What is the preferred way to lock an Active Directory account?

    int val = (int)directoryentry.Properties["userAccountControl"].Value;
    directoryentry.Properties["userAccountControl"].Value = val | 0x0010;

versus

    directoryentry.InvokeSet("IsAccountLocked", true);

In answer to the question I quoted in my edit, I would say that this is the easiest way, at least that I know of. I prefer to wrap those functions, as I roughly did in my code example, so other programmers do not need to worry about bitwise operations, etc. To them, they are just manipulating objects.

As for which of the two is better, I think it is basically a matter of preference. If you are having a hard time performing logical operations, this is usually preferred. By comparison, the second option is easier to play with.

+1
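Added example (editor's, not the answerer's code): the same wrapper idea carried through to a working System.DirectoryServices class, with the bit arithmetic kept in pure helper functions so it can be unit-tested without a domain. The LDAP path and the flag values are the only inputs; the path is a placeholder. Two points worth knowing before using the 0x0010 approach from the answer above: on Windows Server 2003 and later domain controllers the LOCKOUT bit of userAccountControl is not writable, the DC reports it in the constructed attribute msDS-User-Account-Control-Computed instead, and an account is unlocked by writing lockoutTime = 0. Disabling an account (the ACCOUNTDISABLE bit, 0x0002) is the operation that is genuinely done with bit arithmetic on userAccountControl.

```csharp
// Added example, not part of the original post.
// Assumes an LDAP path such as "LDAP://CN=jdoe,OU=Users,DC=example,DC=com"
// (placeholder) and write access to that object. Flag values are the
// ADS_USER_FLAG constants from the userAccountControl attribute.
using System;
using System.DirectoryServices;

[Flags]
enum UserAccountControl
{
    AccountDisable     = 0x0002,
    Lockout            = 0x0010,   // reported by the DC, not writable
    NormalAccount      = 0x0200,
    DontExpirePassword = 0x10000
}

// Pure bit helpers: testable with plain integers, no directory needed.
static class Uac
{
    public static int Set(int uac, UserAccountControl f)   { return uac | (int)f; }
    public static int Clear(int uac, UserAccountControl f) { return uac & ~(int)f; }
    public static bool Has(int uac, UserAccountControl f)  { return (uac & (int)f) != 0; }
}

class AdUser : IDisposable
{
    readonly DirectoryEntry _entry;

    public AdUser(string ldapPath) { _entry = new DirectoryEntry(ldapPath); }

    // Raw userAccountControl; every write is committed immediately.
    int Flags
    {
        get { return (int)_entry.Properties["userAccountControl"].Value; }
        set
        {
            _entry.Properties["userAccountControl"].Value = value;
            _entry.CommitChanges();
        }
    }

    // "Block the user" = ACCOUNTDISABLE bit.
    public bool Disabled
    {
        get { return Uac.Has(Flags, UserAccountControl.AccountDisable); }
        set
        {
            Flags = value ? Uac.Set(Flags, UserAccountControl.AccountDisable)
                          : Uac.Clear(Flags, UserAccountControl.AccountDisable);
        }
    }

    // Lockout lives in a constructed attribute; RefreshCache must name it
    // explicitly or it is not fetched.
    public bool IsLockedOut
    {
        get
        {
            _entry.RefreshCache(new[] { "msDS-User-Account-Control-Computed" });
            int computed = (int)_entry.Properties["msDS-User-Account-Control-Computed"].Value;
            return Uac.Has(computed, UserAccountControl.Lockout);
        }
    }

    // Unlocking is a write to lockoutTime, not to userAccountControl.
    public void Unlock()
    {
        _entry.Properties["lockoutTime"].Value = 0;
        _entry.CommitChanges();
    }

    public void Dispose() { _entry.Dispose(); }
}

static class Program
{
    static void Main()
    {
        using (AdUser u = new AdUser("LDAP://CN=jdoe,OU=Users,DC=example,DC=com"))
        {
            Console.WriteLine("locked out: " + u.IsLockedOut);
            if (u.IsLockedOut) u.Unlock();
            u.Disabled = true;                      // block sign-in
            Console.WriteLine("disabled: " + u.Disabled);
        }
    }
}
```

The Uac helpers are where a unit test belongs: Set(0x200, AccountDisable) must give 0x202, Clear(0x202, AccountDisable) must give 0x200, and Has(0x10, Lockout) must be true. Everything in AdUser is a round trip to the domain controller and is best exercised against a test OU.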

Source: https://habr.com/ru/post/1308809/

