English 中文(简体)
Test "User Must Change Password" field in .Net 3.5
原标题:

I m trying to perform some basic AD User managment tasks in C# using .Net 3.5

I ve got a System.DirectoryServices.AccountManagement.UserPrincipal object that contains the user details.

I can call user.ExpirePasswordNow() and the user will be forced to changed their password at next login (and the "Active Directory Users and Computers" GUI has the "User must change password at next logon" box checked.

However, I want to test the state of this property and act on it - I don t want to just always set it true via the ExpirePasswordNow() function. How can I do this?

I ve found examples suggesting I access the underlying DirectoryEntry and its pwdLastSet propperty - but this appears as an inpenetrable System.__ComObject type - it s probably a IADsLargeInteger but I cannot cast to that type due to its "protection level".

I m at a loss - can anyone help?

最佳回答

I remember this from having to find out when the user last set their password, but I never used it. Hope it helps... and I never tried the UserAccountControl attribute, but it looks not-too-crazy.

Pwd-Last-Set Attribute

If this value is set to 0 and the User-Account-Control attribute does not contain the UF_DONT_EXPIRE_PASSWD flag, then the user must set the password at the next logon.

Check out the User-Account-Control, someone included an example of how to read this flag only (as part of a query). It s probably better to just add the attribute to the to-be-returned , if that is possible.


I think this should work in 3.5. They made this waaaaay simpler. I can t get a DirectorySearcher object to return me the UserAccountControl flags, only this. Perhaps thats permissions, dunno...

Imports System.DirectoryServices.AccountManagement

Dim pctx = New PrincipalContext(AccountManagement.ContextType.Domain)
Dim p = UserPrincipal.FindByIdentity(pctx, "andrew")
If p.LastPasswordSet.HasValue = False Then
    If p.PasswordNeverExpires = False Then
        Console.WriteLine("You should have to enter a password next time!")
    End If
End If
问题回答

This might help:

Password expiration email utility

I had trouble finding a free utility that would send employees emails before their windows passwords were ready to expire, so I wrote a C# console application that does it.





相关问题
Anyone feel like passing it forward?

I m the only developer in my company, and am getting along well as an autodidact, but I know I m missing out on the education one gets from working with and having code reviewed by more senior devs. ...

NSArray s, Primitive types and Boxing Oh My!

I m pretty new to the Objective-C world and I have a long history with .net/C# so naturally I m inclined to use my C# wits. Now here s the question: I feel really inclined to create some type of ...

C# Marshal / Pinvoke CBitmap?

I cannot figure out how to marshal a C++ CBitmap to a C# Bitmap or Image class. My import looks like this: [DllImport(@"test.dll", CharSet = CharSet.Unicode)] public static extern IntPtr ...

How to Use Ghostscript DLL to convert PDF to PDF/A

How to user GhostScript DLL to convert PDF to PDF/A. I know I kind of have to call the exported function of gsdll32.dll whose name is gsapi_init_with_args, but how do i pass the right arguments? BTW, ...

Linqy no matchy

Maybe it s something I m doing wrong. I m just learning Linq because I m bored. And so far so good. I made a little program and it basically just outputs all matches (foreach) into a label control. ...

热门标签