Menu
When I get UserPrincipal/DirectoryEntry records for a machine or Active Directory domain, is there a way to differentiate system accounts from real users?
For example, jsmith is a real user, while ASPNET or IUSR_machine are not. But relying on hard-coded known names doesn't seem to be the best way to filter out system users, because, there can be other accounts, too. Is there a better way?
For example, maybe there is "can logon interactively" flag, or, detect by checking that password is set, etc.
591
The sample accounts you list are, for all intents and purposes, functionally the same as a user account you create for a named person.
106
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
