使用LDAP和C#设置Active Directory帐户过期
[英]Setting Active Directory Account Expiration with LDAP and C#
问题描述
I am wanting to set a new users account to expire in 90 days from when it is created. 
我想将新用户帐户设置为在创建后的90天内到期。 Here is my code to create the user and set everything up. 这是我创建用户并设置所有内容的代码。 Everything works except for the last block where i am trying to set it to expire. 一切正常,除了我试图将其设置为过期的最后一个块。
DirectoryEntry newUser = dirEntry.Children.Add("CN=" + cnUser, "user");
newUser.Properties["samAccountName"].Value = cnUser;
newUser.Properties["userPrincipalName"].Value = cnUser;
newUser.Properties["pwdLastSet"].Value = 0;
newUser.CommitChanges();
//Changes Password
String passwrd = userPassword.ToString();
newUser.Invoke("SetPassword", new object[] { passwrd });
newUser.CommitChanges();
//Sets User Account to Change Passowrd on new login
newUser.Properties["pwdLastSet"].Value = 0;
newUser.CommitChanges();
//Enables account
newUser.Properties["userAccountControl"].Value = (int)newUser.Properties["userAccountControl"].Value & ~0x2;
newUser.CommitChanges();
//Set the account to expire in 90 days
var dt1 = DateTime.Today.AddDays(90);
newUser.Properties["accountExpires"].Value = dt1.ToFileTime().ToString();
newUser.CommitChanges();
Any Suggestions on how to get his working? 关于如何开展工作的任何建议?
Thanks 谢谢
3 个解决方案
解决方案1
6 已采纳 2013-03-07 21:08:44
See The Documentation about this field. 请参阅有关此字段的文档 。 You'll need to convert that to "ticks" -- 你需要将其转换为“滴答声” -
the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of 0 or 0x7FFFFFFFFFFFFFFF (9223372036854775807) indicates that the account never expires.
new DateTime(DateTime.UtcNow.AddDays(90).Ticks - new DateTime(1601, 1, 1).Ticks) will get you the correct and exact value. new DateTime(DateTime.UtcNow.AddDays(90).Ticks - new DateTime(1601, 1, 1).Ticks)将为您提供正确且准确的值。
You can check your work (manually) by getting the value from the above expression and executing: 您可以通过从上面的表达式获取值并执行来检查您的工作(手动):
w32tm.exe /ntte 130149277684873234
The results of the above command for me was 以上命令的结果对我来说是
150635 17:42:48.4873234 - 6/5/2013 12:42:48 PM
解决方案2
4 2015-02-20 02:44:19
Or you could do: 或者你可以这样做:
DateTime expire = System.DateTime.Now.AddDays(90);
newUser.Properties["accountExpires"].Value = Convert.ToString((Int64)expire.ToFileTime());
newUser.CommitChanges();
This is a bit easier to deal with than messing with ticks and all that 这比处理蜱虫和所有这些更容易处理
解决方案3
0 2015-06-04 11:34:59
reference : https://msdn.microsoft.com/en-us/library/ms180914(v=vs.80).aspx 参考: https : //msdn.microsoft.com/en-us/library/ms180914(v = vs.80).aspx
//Use the DirectoryEntry.InvokeSet method to invoke the AccountExpirationDate property setter.
System.DirectoryServices.DirectoryEntry dirEntryLocalMachine =
new System.DirectoryServices.DirectoryEntry("WinNT://" + Environment.MachineName + "/" + userID);
dirEntryLocalMachine .InvokeSet("AccountExpirationDate", new object[] {new DateTime(2005, 12, 29)});
//Commit the changes.
usr.CommitChanges();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.