Try this for domain policy enforced pwd. aging.
public static void Main() {
long maxAge;
// Get maxPwdAge from domain
using(DirectoryEntry domain = new
DirectoryEntry("LDAP://domain/DC=xxxx,DC=xxxx,DC=xxx", "xxx\\administrator",
"ppppp"))
{
LargeInteger liMaxAge =domain.Properties["MaxPwdAge"].Value as
LargeInteger;
maxAge = (((long)(liMaxAge.HighPart) << 32) + (long) liMaxAge.LowPart);
// SHOULD be a negative value !!!
}
// Get pwdlast set for user (here administrator)
DirectoryEntry user = new
DirectoryEntry("LDAP://domain/CN=administrator,cn=users,DC=celeb,DC=w2kdom,DC=co m",
"xxx\\administrator", "xxxxx");
LargeInteger li = user.Properties["pwdLastSet"].Value as LargeInteger;
long expDate = (((long)(li.HighPart) << 32) + (long) li.LowPart) - maxAge;
// !!! maxAge is negative number!!!
LiToDate(expDate);
}
}
static void LiToDate(long date)
{
Console.WriteLine(date);
string dt = DateTime.FromFileTime(date).ToString(); // To file time
Console.WriteLine("DATE = {0:D}" ,dt); // show pwd expiry date
}
....
Willy.
"Bryan Yeo" <br******@yahoo.com> wrote in message
news:%2****************@TK2MSFTNGP09.phx.gbl...
I have tried the microsoft and try to convert the codes to C#, this is
what I have:
IADsLargeInteger fds2 =
(IADsLargeInteger)searchentry2.Properties["maxPwdAge"].Value;
double ONE_HUNDRED_NANOSECOND = 10^-7; //.000000100;
int SECONDS_IN_DAY = 86400;
int fgd = (int)fds2.HighPart;
int fgd2 = (int)fds2.LowPart;
double dblMaxPwdNano = Math.Abs((int)fds2.HighPart * 2^32 +
(int)fds2.LowPart);
double dblMaxPwdSecs = (int)dblMaxPwdNano * .000000100;
double dblMaxPwdDays = (int)dblMaxPwdSecs / SECONDS_IN_DAY;
But there is something either wrong with the code or with the
calculation, I got a zero.
And which policy does the maxpwdage taken from? local security policy,
domain security policy or domain controller policy?
Regards
Bryan
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!