I am wanting to set a new users account to expire in 90 days from when it is created. Here is my code to create the user and set everything up. Everything works except for the last block where i am trying to set it to expire.
DirectoryEntry newUser = dirEntry.Children.Add("CN=" + cnUser, "user");
newUser.Properties["samAccountName"].Value = cnUser;
newUser.Properties["userPrincipalName"].Value = cnUser;
newUser.Properties["pwdLastSet"].Value = 0;
newUser.CommitChanges();
//Changes Password
String passwrd = userPassword.ToString();
newUser.Invoke("SetPassword", new object[] { passwrd });
newUser.CommitChanges();
//Sets User Account to Change Passowrd on new login
newUser.Properties["pwdLastSet"].Value = 0;
newUser.CommitChanges();
//Enables account
newUser.Properties["userAccountControl"].Value = (int)newUser.Properties["userAccountControl"].Value & ~0x2;
newUser.CommitChanges();
//Set the account to expire in 90 days
var dt1 = DateTime.Today.AddDays(90);
newUser.Properties["accountExpires"].Value = dt1.ToFileTime().ToString();
newUser.CommitChanges();
Any Suggestions on how to get his working?
Thanks
See The Documentation about this field. You'll need to convert that to "ticks" --
the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of 0 or 0x7FFFFFFFFFFFFFFF (9223372036854775807) indicates that the account never expires.
new DateTime(DateTime.UtcNow.AddDays(90).Ticks - new DateTime(1601, 1, 1).Ticks)
will get you the correct and exact value.
You can check your work (manually) by getting the value from the above expression and executing:
w32tm.exe /ntte 130149277684873234
The results of the above command for me was
150635 17:42:48.4873234 - 6/5/2013 12:42:48 PM
Or you could do:
DateTime expire = System.DateTime.Now.AddDays(90);
newUser.Properties["accountExpires"].Value = Convert.ToString((Int64)expire.ToFileTime());
newUser.CommitChanges();
This is a bit easier to deal with than messing with ticks and all that
reference : https://msdn.microsoft.com/en-us/library/ms180914(v=vs.80).aspx
//Use the DirectoryEntry.InvokeSet method to invoke the AccountExpirationDate property setter.
System.DirectoryServices.DirectoryEntry dirEntryLocalMachine =
new System.DirectoryServices.DirectoryEntry("WinNT://" + Environment.MachineName + "/" + userID);
dirEntryLocalMachine .InvokeSet("AccountExpirationDate", new object[] {new DateTime(2005, 12, 29)});
//Commit the changes.
usr.CommitChanges();
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.