All geek questions in one place

Test "User must change password" in .Net 3.5 field

I am trying to accomplish some basic AD user management tasks in C # using .Net 3.5

I have a System.DirectoryServices.AccountManagement.UserPrincipal object containing user details.

I can call user.ExpirePasswordNow(), and the user will be forced to change his password the next time he logs on to the system (and the "User must change password at next logon" checkbox is selected in the "Active Directory user and computer GUI".

However, I want to check the state of this property and act on it - I do not want to just always set it to true with the function ExpirePasswordNow(). How can i do this?

I found examples inviting me to access the underlying DirectoryEntry and its pwdLastSetpropperty - but it looks like an impenetrable system .__ ComObject type is probably IADsLargeInteger, but I cannot use this type because of its "protection level".

I'm at a loss - can anyone help?

+3
source share
2 answers

I remember this because of the need to find out when the user set his password, but I never used it. Hope this helps ... and I have never tried the UserAccountControl attribute, but it does not look too crazy.

Pwd-Last-Set Attribute

0, User-Account-Control UF_DONT_EXPIRE_PASSWD, .

, - , ( ). , 'to-be-return', .

, 3.5. waaaaay . DirectorySearcher, UserAccountControl, . , , dunno...

Imports System.DirectoryServices.AccountManagement

Dim pctx = New PrincipalContext(AccountManagement.ContextType.Domain)
Dim p = UserPrincipal.FindByIdentity(pctx, "andrew")
If p.LastPasswordSet.HasValue = False Then
    If p.PasswordNeverExpires = False Then
        Console.WriteLine("You should have to enter a password next time!")
    End If
End If
+6

:

, # , .

0

Source: https://habr.com/ru/post/1723102/

More articles:


All Articles