I have a web service which provides updates / additions to
active directory. I can add accounts, change values etc,
for everything I need to except the accountexpires field. I
have been searching for this one for weeks.
I am using the DirectoryEntry & DirectorySearcher classes
as follows:
'strCN is the username I am editing
'myDirectoryEntry is a directory entry object to our domain
myDirectorySearcher.SearchRoot = myDirectoryEntry
myDirectorySearcher.Filter = ("(&(objectClass=user)
(samaccountname=" & strCN & "))")
Try
Dim UserResult As SearchResult = myDirectorySearcher.
FindOne
Dim ADUser As New DirectoryEntry(UserResult.
GetDirectoryEntry.NativeObject)
If ADUser.Exists(ADUser.Path.ToString) Then
' I set other values here like:
ADUser.Invoke("Put", "sn", strSN) 'strSN is surname
ADUser.Invoke("Put", "mail", strMail) 'email address
ADUser.Invoke("Put", "homedirectory", strHomeDirectory)
ADUser.CommitChanges() ' apply changes
ADUser.Invoke("SetPassword", strPw) ' set password etc
I can also add the user to groups etc. I have tried a
number of ways to apply an expiry date to the account with
no success. eg.
ADUser.Invoke("Put", "AccountExpirationDate", dateExpires)
or
ADUser.Properties("AccountExpirationDate").Value =
dateExpires
have also tried using the 'toFileTime' conversion.
nb. This is different to the password expiry date that can
be set via the user flags.
Anyone that can assist me on this would be greatly
appreciated.
Stacy 4 19572
how about using WMI
Set objUser = GetObject _
("LDAP://cn=MyerKen,ou=Management,dc=NA,dc=fabrikam,dc=com" )
objUser.AccountExpirationDate = "01/01/2007"
objUser.SetInfo
more at http://www.microsoft.com/technet/tre...er/ScrUG82.asp
Rahul r_*****@nospam.yahoo.com
"Stac" <bo***@usq.edu.au> wrote in message
news:05****************************@phx.gbl... I have a web service which provides updates / additions to active directory. I can add accounts, change values etc, for everything I need to except the accountexpires field. I have been searching for this one for weeks. I am using the DirectoryEntry & DirectorySearcher classes as follows:
'strCN is the username I am editing 'myDirectoryEntry is a directory entry object to our domain
myDirectorySearcher.SearchRoot = myDirectoryEntry myDirectorySearcher.Filter = ("(&(objectClass=user) (samaccountname=" & strCN & "))") Try Dim UserResult As SearchResult = myDirectorySearcher. FindOne Dim ADUser As New DirectoryEntry(UserResult. GetDirectoryEntry.NativeObject) If ADUser.Exists(ADUser.Path.ToString) Then ' I set other values here like: ADUser.Invoke("Put", "sn", strSN) 'strSN is surname ADUser.Invoke("Put", "mail", strMail) 'email address ADUser.Invoke("Put", "homedirectory", strHomeDirectory) ADUser.CommitChanges() ' apply changes ADUser.Invoke("SetPassword", strPw) ' set password etc
I can also add the user to groups etc. I have tried a number of ways to apply an expiry date to the account with no success. eg. ADUser.Invoke("Put", "AccountExpirationDate", dateExpires) or ADUser.Properties("AccountExpirationDate").Value = dateExpires have also tried using the 'toFileTime' conversion. nb. This is different to the password expiry date that can be set via the user flags. Anyone that can assist me on this would be greatly appreciated.
Stacy
thnx Rahul
however, how do you authenticate the command doing this
within VB.net? I have an authenticated connection setup
through the directoryentry class. But the wmi script does
not utilise those credentials. While I can enter this
script inside VB.net and it appears to work, it returns
'general access denied' error. I tried entering in the user
credentials in the connection string as we used to in vb6,
but this didn't work either. Any ideas / thoughts???
thnx
Stac -----Original Message----- how about using WMI
Set objUser = GetObject _ ("LDAP://cn=MyerKen,ou=Management,dc=NA,dc=fabrikam,
dc=com")objUser.AccountExpirationDate = "01/01/2007" objUser.SetInfo
more at
http://www.microsoft.com/technet/treeview/default.asp?
url=/technet/ScriptCenter/user/ScrUG82.asp Rahul r_*****@nospam.yahoo.com
"Stac" <bo***@usq.edu.au> wrote in message news:05****************************@phx.gbl... I have a web service which provides updates / additions
to active directory. I can add accounts, change values etc, for everything I need to except the accountexpires
field. I have been searching for this one for weeks. I am using the DirectoryEntry & DirectorySearcher
classes as follows:
'strCN is the username I am editing 'myDirectoryEntry is a directory entry object to our
domain myDirectorySearcher.SearchRoot = myDirectoryEntry myDirectorySearcher.Filter = ("(&(objectClass=user) (samaccountname=" & strCN & "))") Try Dim UserResult As SearchResult = myDirectorySearcher. FindOne Dim ADUser As New DirectoryEntry(UserResult. GetDirectoryEntry.NativeObject) If ADUser.Exists(ADUser.Path.ToString) Then ' I set other values here like: ADUser.Invoke("Put", "sn", strSN) 'strSN is surname ADUser.Invoke("Put", "mail", strMail) 'email address ADUser.Invoke("Put", "homedirectory",
strHomeDirectory) ADUser.CommitChanges() ' apply changes ADUser.Invoke("SetPassword", strPw) ' set password
etc I can also add the user to groups etc. I have tried a number of ways to apply an expiry date to the account
with no success. eg. ADUser.Invoke("Put", "AccountExpirationDate",
dateExpires) or ADUser.Properties("AccountExpirationDate").Value = dateExpires have also tried using the 'toFileTime' conversion. nb. This is different to the password expiry date that
can be set via the user flags. Anyone that can assist me on this would be greatly appreciated.
Stacy
.
you can specify the user name when creating the WMI object in the moniker
string it self..... like thus...
Set objWMIService = GetObject("winmgmts:" & _
"{impersonationLevel=Impersonate}!\\" & Computer_B &
"\root\cimv2")
more at http://msdn.microsoft.com/library/de...e_computer.asp
HTH
Rahul r_*****@yahoo.nospam.com
"Stac" <an*******@discussions.microsoft.com> wrote in message
news:00****************************@phx.gbl... thnx Rahul however, how do you authenticate the command doing this within VB.net? I have an authenticated connection setup through the directoryentry class. But the wmi script does not utilise those credentials. While I can enter this script inside VB.net and it appears to work, it returns 'general access denied' error. I tried entering in the user credentials in the connection string as we used to in vb6, but this didn't work either. Any ideas / thoughts???
thnx Stac
-----Original Message----- how about using WMI
Set objUser = GetObject _ ("LDAP://cn=MyerKen,ou=Management,dc=NA,dc=fabrikam, dc=com")objUser.AccountExpirationDate = "01/01/2007" objUser.SetInfo
more at
http://www.microsoft.com/technet/treeview/default.asp? url=/technet/ScriptCenter/user/ScrUG82.asp Rahul r_*****@nospam.yahoo.com
"Stac" <bo***@usq.edu.au> wrote in message news:05****************************@phx.gbl... I have a web service which provides updates / additions to active directory. I can add accounts, change values etc, for everything I need to except the accountexpires field. I have been searching for this one for weeks. I am using the DirectoryEntry & DirectorySearcher classes as follows:
'strCN is the username I am editing 'myDirectoryEntry is a directory entry object to our domain myDirectorySearcher.SearchRoot = myDirectoryEntry myDirectorySearcher.Filter = ("(&(objectClass=user) (samaccountname=" & strCN & "))") Try Dim UserResult As SearchResult = myDirectorySearcher. FindOne Dim ADUser As New DirectoryEntry(UserResult. GetDirectoryEntry.NativeObject) If ADUser.Exists(ADUser.Path.ToString) Then ' I set other values here like: ADUser.Invoke("Put", "sn", strSN) 'strSN is surname ADUser.Invoke("Put", "mail", strMail) 'email address ADUser.Invoke("Put", "homedirectory", strHomeDirectory) ADUser.CommitChanges() ' apply changes ADUser.Invoke("SetPassword", strPw) ' set password etc I can also add the user to groups etc. I have tried a number of ways to apply an expiry date to the account with no success. eg. ADUser.Invoke("Put", "AccountExpirationDate", dateExpires) or ADUser.Properties("AccountExpirationDate").Value = dateExpires have also tried using the 'toFileTime' conversion. nb. This is different to the password expiry date that can be set via the user flags. Anyone that can assist me on this would be greatly appreciated.
Stacy
.
Well I managed to work it out, finally. It appears that if
you use the NativeObject property, you can call the native
ADSI calls, eg.
ADUser.NativeObject.AccountExpirationDate = "11/11/2003"
So all is good!! thnx Rahul for your options.
Stacy -----Original Message----- I have a web service which provides updates / additions to active directory. I can add accounts, change values etc, for everything I need to except the accountexpires field.
Ihave been searching for this one for weeks. I am using the DirectoryEntry & DirectorySearcher classes as follows:
'strCN is the username I am editing 'myDirectoryEntry is a directory entry object to our
domain myDirectorySearcher.SearchRoot = myDirectoryEntry myDirectorySearcher.Filter = ("(&(objectClass=user) (samaccountname=" & strCN & "))") Try Dim UserResult As SearchResult = myDirectorySearcher. FindOne Dim ADUser As New DirectoryEntry(UserResult. GetDirectoryEntry.NativeObject) If ADUser.Exists(ADUser.Path.ToString) Then ' I set other values here like: ADUser.Invoke("Put", "sn", strSN) 'strSN is surname ADUser.Invoke("Put", "mail", strMail) 'email address ADUser.Invoke("Put", "homedirectory",
strHomeDirectory) ADUser.CommitChanges() ' apply changes ADUser.Invoke("SetPassword", strPw) ' set password etc
I can also add the user to groups etc. I have tried a number of ways to apply an expiry date to the account with no success. eg. ADUser.Invoke("Put", "AccountExpirationDate", dateExpires) or ADUser.Properties("AccountExpirationDate").Valu e = dateExpires have also tried using the 'toFileTime' conversion. nb. This is different to the password expiry date that can be set via the user flags. Anyone that can assist me on this would be greatly appreciated.
Stacy
. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: CLEAR-RCIC |
last post by:
Hi. I have some code that updates a user's account properties in Active
Directory. The code also has a call that resets the account password (see
code below). I put the code in a .dll and have a...
|
by: rksprst |
last post by:
hi,
does anyone know of any script which can edit the group attributes in
active directory.
for use this script to set the group setting such that this group only
has access to a specific...
|
by: Jason |
last post by:
I'm trying to set a users password from a .net web application but get an Access Denied. I can set the other properties of the user so I'm confident that the general security is right. Does anyone...
|
by: pjdouillard |
last post by:
Hello all,
Here is the context of my problem:
We have an ASP.NET 1.1 application that has its own application pool
setup and that runs under the identity of a NT Domain service account
(this...
|
by: bsmith |
last post by:
I would like to determine if an Active Directory user account is
locked. Active directory is running on W2k3 server. I also want to
do this using the DirectoryEntry object. I have read a lot of...
|
by: Thomas Cameron |
last post by:
Hello all,
I have written an application in Visual Basic .Net 2003 which allows
staff members to enable user accounts within a specific group in our
Active Directory. However, as an added piece I...
|
by: teejayem |
last post by:
Hi.
I have searched the groups and have been unable to find an answer to
my question.
I am trying to reset the password of a user account in active
directory.
I have been trying to do this...
|
by: Dirk Laurenz |
last post by:
Hi,
i want to add an extern associated account to an mailenabled ad
object. everthing works fine (i'm working with vb.net 2008 express)
but saving produces an error.
both lines:...
|
by: andrestelnet |
last post by:
Hello everyone, I need to know, in C #, how to get the user that started the Windows account in Active Directory, to get its data. Thanks, I await your response.
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| |