C# code to Display the number of days before your active directory password expires.  
Author Message
FrankGroves





PostPosted: Visual C# General, C# code to Display the number of days before your active directory password expires. Top

I'm trying to find some code (c#) to display the number of days a user
has before his/her password expires. We have several users that use
OWA and do not log into the network at all. I'd like to create a page
that they can hit to find out how long until their password expires.
I've already developed an application for them to change their password
and account information, I'm stuck on this last part. Does anyone know
how or where I can get this code Thanks, Frank


Visual C#9  
 
 
Peter Huang - MSFT





PostPosted: Visual C# General, C# code to Display the number of days before your active directory password expires. Top

Hi Frank,

We can retrieve the accountExpires property for the account.
Account-Expires
The date when the account expires. This value represents the number of 100 nanosecond intervals since January 1, 1601 (UTC). A value of 0 or 0x7FFFFFFFFFFFFFFF (9223372036854775807) indicates that the account never expires.
http://msdn.microsoft.com/library/default.asp url=/library/en-us/adschema/adschema/a_accountexpires.asp

And then we can calculate by comparing to today's time.
Here are some code, you may tune based on your request.
http://www.codecomments.com/archive291-2004-3-163563.html

NOTE: the LargeInteger is a AD type, so we need to add reference to the ActiveDs COM Lib in addition to System.DirectoryServices.

Best regards,
Peter Huang



 
 
FrankGroves





PostPosted: Visual C# General, C# code to Display the number of days before your active directory password expires. Top

Peter,
Thanks for the reply and the link to the code. 

I figured it out.  Here is the code we used:

using System.DirectoryServices;
// You must add a reference to the activeds.tlb in the system32 directory. (click, website > add reference)
// Declare that you are using the ActiveDs namespace.
using ActiveDs;

public partial class StratAccountInfo : System.Web.UI.Page
{
private static string LdapADpath = ConfigurationManager.AppSettings["LdapString"];

protected void Page_Load(object sender, EventArgs e)
{
string LogUser = User.Identity.Name.Substring(User.Identity.Name.IndexOf("\\") + 1).ToString();
lblLoggedInAs.Text = LogUser;
DirectoryEntry entry = new DirectoryEntry(LdapADpath);
DirectorySearcher search = new DirectorySearcher(entry);
search.Filter = "(SAMAccountName=" + LogUser + ")";
SearchResult LDAPresult = search.FindOne();
entry = LDAPresult.GetDirectoryEntry();

// Pulling the informtion on when the password was last changed and converting it to a LargeInteger.
LargeInteger liAcctPwdChange = entry.Properties["pwdLastSet"].Value as LargeInteger;

// Convert the highorder/loworder parts of the property pulled to a long.
long dateAcctPwdChange = (((long)(liAcctPwdChange.HighPart) << 32) + (long)liAcctPwdChange.LowPart);

// Convert FileTime to DateTime and get what today's date is.
DateTime dtNow = DateTime.Now;
// I added 90 days because I know what my password expiration is set to, if not you need to pull that information and add the number of days it is set for.
DateTime dtAcctPwdChange = DateTime.FromFileTime(dateAcctPwdChange).AddDays(90);
string strAcctPwdChange = DateTime.FromFileTime(dateAcctPwdChange).ToShortDateString();
string strAcctPwdExpires = DateTime.FromFileTime(dateAcctPwdChange).AddDays(90).ToShortDateString();

// Calculate the difference between the date the pasword was changed, and what day it is now and display the # of days.
TimeSpan time;
time = dtAcctPwdChange - dtNow;
lblPwdChangedDate.Text = strAcctPwdChange;
lblPassExp.Text = strAcctPwdExpires;
lblPwdExpDays.Text= time.Days.ToString() + " day(s)";
}
}


 
 
Peter Huang - MSFT





PostPosted: Visual C# General, C# code to Display the number of days before your active directory password expires. Top

Hi Frank,

You are welcomed! If you still have any concern, please feel free to post here.

Best regards,

Peter Huang



 
 
Peter Huang - MSFT





PostPosted: Visual C# General, C# code to Display the number of days before your active directory password expires. Top

Hi Frank,

How is the things going
If you still have any concern, please feel free to post here.

Best regards,
Peter Huang



 
 
nbaker76





PostPosted: Visual C# General, C# code to Display the number of days before your active directory password expires. Top

Hi,

I am trying to use the code posted above to determine the number of days until the user's password expires in a WinForms app and I keep getting an Exception. Here is what I am doing:

string LDAP://metabolon.com;

//string strFilterAttribute = "";

string

DirectoryEntry entry = new DirectoryEntry(strPath, domainAndUsername, sPassword);

entry.AuthenticationType = AuthenticationTypes.Secure;

// Pulling the informtion on when the password was last changed and converting it to a LargeInteger.

LargeInteger liAcctPwdChange = entry.Properties["pwdLastSet"].Value as LargeInteger;

// Convert the highorder/loworder parts of the property pulled to a long.

long dateAcctPwdChange = (((long)(liAcctPwdChange.HighPart) << 32) + (long)liAcctPwdChange.LowPart);

// Convert FileTime to DateTime and get what today's date is.

DateTime dtNow = DateTime.Now;

// I added 90 days because I know what my password expiration is set to, if not you need to pull that information and add the number of days it is set for.

DateTime dtAcctPwdChange = DateTime.FromFileTime(dateAcctPwdChange).AddDays(90);

string strAcctPwdChange = DateTime.FromFileTime(dateAcctPwdChange).ToShortDateString();

string strAcctPwdExpires = DateTime.FromFileTime(dateAcctPwdChange).AddDays(90).ToShortDateString();

// Calculate the difference between the date the pasword was changed, and what day it is now and display the # of days.

TimeSpan time;

time = dtAcctPwdChange - dtNow;

//lblPwdChangedDate.Text = strAcctPwdChange;

//lblPassExp.Text = strAcctPwdExpires;

//lblPwdExpDays.Text= time.Days.ToString() + " day(s)";

Console.WriteLine("Password Change Date: " + strAcctPwdChange.ToString() + " Password Expires: " + strAcctPwdExpires.ToString() + " Days til Password Expires: " + time.ToString());

I get the exception at this line: LargeInteger liAcctPwdChange = entry.Properties["pwdLastSet"].Value as LargeInteger;

When I look through the list of properties, there is no such property as pwdLastSet. I looped through entry.Properties.PropertyNames to get a list of all the properties and pwdLastSet is not in there.

Please someone help me with this. I don't see how this works for everyone else, but it's not working for me. We are using Windows Server 2003 for our Active Directory server.

Thank you,

Nathan


 
 
nbaker76





PostPosted: Visual C# General, C# code to Display the number of days before your active directory password expires. Top

You can't look up the user's password expiration date until you do to Search. I changed my code to this and it works:

string

//string strFilterAttribute = "";

string

DirectoryEntry entry = new DirectoryEntry(strPath, domainAndUsername, sPassword);

entry.AuthenticationType = AuthenticationTypes.Secure;

try

{

//Bind to the native AdsObject to force authentication.

//object obj = entry.NativeObject;

DirectorySearcher search = new DirectorySearcher(entry);

search.Filter = "(SAMAccountName=" + sUserName + ")";

search.PropertiesToLoad.Add("cn");

SearchResult result = search.FindOne();

if(null == result)

{

//throw new Exception("Active Directory Error");

return false;

}

else

{

entry = result.GetDirectoryEntry();

// Pulling the informtion on when the password was last changed and converting it to a LargeInteger.

LargeInteger liAcctPwdChange = entry.Properties["pwdLastSet"].Value as LargeInteger;

// Convert the highorder/loworder parts of the property pulled to a long.

long dateAcctPwdChange = (((long)(liAcctPwdChange.HighPart) << 32) + (long)liAcctPwdChange.LowPart);

// Convert FileTime to DateTime and get what today's date is.

DateTime dtNow = DateTime.Now;

// I added 90 days because I know what my password expiration is set to, if not you need to pull that information and add the number of days it is set for.

DateTime dtAcctPwdChange = DateTime.FromFileTime(dateAcctPwdChange).AddDays(90);

string strAcctPwdChange = DateTime.FromFileTime(dateAcctPwdChange).ToShortDateString();

string strAcctPwdExpires = DateTime.FromFileTime(dateAcctPwdChange).AddDays(90).ToShortDateString();

// Calculate the difference between the date the pasword was changed, and what day it is now and display the # of days.

TimeSpan time;

time = dtAcctPwdChange - dtNow;

Console.WriteLine("Password Change Date: " + strAcctPwdChange.ToString() + " Password Expires: " + strAcctPwdExpires.ToString() + " Days til Password Expires: " + time.ToString());

}

//Update the new path to the user in the directory.

strPath = result.Path;

//strFilterAttribute = (string)result.Properties["cn"][0];

}

Thanks,

Nathan