tags:

views:

75

answers:

2
Q: 

Setting the LastPasswordSet date for a user in Active Directory

I want to set the LastPasswordSet attribute of a user in Microsoft Active Directory.

The .NET UserPrincipal API exposes the LastPasswordSet property as readonly.

Is there a way around this, to set the value (perhaps using ADSI)?

Edit:

MSDN provides the following example code:

usr.Properties["pwdLastSet"].Value = -1; // To turn on, set this value to 0.
usr.CommitChanges();

This forces the user to change their password at next logon. I presume if I replace -1 with a date-time in the relevant format, this will do what I want.

It does not, however, show how I get hold of the principal (presumably usr). I'll upvote anything that helps me find this out.

A: 

Something like this?

var usr = new DirectoryEntry("LDAP://CN=Old User,CN=users,DC=fabrikam,DC=com");
usr.Properties["pwdLastSet"].Value = whatever-format-the-date-should-be;
usr.CommitChanges();

As yet untested.

Ben Aston  2010-05-25 14:50:31
+1  A: 

Another way would be to perform a search against the AD through the DirectorySearcher class using the login of your users.

public DirectoryEntry GetUser(string domain, string loginName) {
    DirectorySearcher ds = new DirectorySearcher();
    ds.SearchRoot = new DirectoryEntry(domain);
    ds.SearchScope = SearchScope.Subtree;
    ds.PropertiesToLoad.Add("sAMAccountName");
    ds.PropertiesToLoad.Add("pwdLastSet");
    ds.Filter = string.Format("(&(objectCategory=person)(objectClass=user)(sAMAccountName={0})", loginName);

    SearchResult sr = null;

    try {
        sr = ds.FindOne();
        if (sr == null) return null;
        return sr.GetDirectoryEntry();
    } catch (Exception) {
        throw;
    }
}

Then, when wanting to set your PasswordLastSet property, you assure that the user exists and that there is no spelling mistakes.

string loginName = "AstonB1";

using(DirectoryEntry user = GetUser(loginName)) {
    if (user == null) return;

    user.Properties["pwdLastSet"].Value = whatever-format-the-date-should-be;
    user.CommitChanges();
    user.Close();
}
Will Marcouiller  2010-05-25 15:18:27

related questions

Subsonic Vs NHibernate
How to check For File Lock in C# ?
Is nAnt still supported and suitable for .net 3.5/VS2008?
Limit size of Queue<T> in .NET?
Viewstate invalid when using Safari
Free OCR library
Unhandled Exception Handler in .NET 1.1
Localising date format descriptors
Get a new object instance from a Type in C#
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
.NET Testing Framework Advice
Embedded Database for .net that can run off a network
Automatically update version number
Homegrown consumption of web services
How do you migrate a large app from VB6 to VB .net ?
.NET Migrations Engine
Adding Scripting functionality to .NET applications
SQLite and XSD
Floating Point Number parsing: Is there a Catch All algorithm?
How do I programmatically create a PDF in my .NET application?
How do I sync the SVN revision number with my ASP.NET web site?
XSD DataSets and ignoring foreign keys
Anatomy of a "Memory Leak"
Reliable Timer in a Console Application
How do I calculate relative time?