Geek Answers Handbook

How to convert Active Directory pwdLastSet to Date / Time

public static string GetProperty(SearchResult searchResult, string PropertyName) { if (searchResult.Properties.Contains(PropertyName)) { return searchResult.Properties[PropertyName][0].ToString(); } else { return string.Empty; } }

This method is great for most Active Directory properties except those related to date / time, such as pwdLastSet, maxPwdAge, etc.

My question is how to get pwdLastSet for human reading in datetime format (e.g. 8/13/2013 or August 13, 2013, etc.).

I'm trying to do this, but he threw exceptions

 public static Int64 ConvertADSLargeIntegerToInt64(object adsLargeInteger) { var highPart = (Int32)adsLargeInteger.GetType().InvokeMember("HighPart", System.Reflection.BindingFlags.GetProperty, null, adsLargeInteger, null); var lowPart = (Int32)adsLargeInteger.GetType().InvokeMember("LowPart", System.Reflection.BindingFlags.GetProperty, null, adsLargeInteger, null); return highPart * ((Int64)UInt32.MaxValue + 1) + lowPart; }

I use the following code to get time as int64

 Int64 passwordLastSet = ConvertADSLargeIntegerToInt64(objResult.Properties["pwdLastSet"][0]);

Then I plan to use the DateTime constructor (Int64) to create a DateTime

+7
c # datetime active-directory largenumber
source share
2 answers

According to the MSDN documentation :

This value is stored as a large integer that represents the number of 100 nanosecond intervals since January 1, 1601 (UTC).

This is perfectly consistent with DateTime.FromFileTimeUtc , as described here .

And I'm not sure why you feel the need to perform low-level integer manipulation. I think you could just drop it.

So simple:

 long value = (long)objResult.Properties["pwdLastSet"][0]; DateTime pwdLastSet = DateTime.FromFileTimeUtc(value);
+9
source share

You can set the last password setting date for the directory user in a user-friendly form as easy as a pie. To do this, you can use the nullable LastPasswordSet property of the UserPrincipal class from the System.DirectoryServices.AccountManagement namespace.

If the User must change password at next logon option is User must change password at next logon , then the LastPasswordSet property returns null . Otherwise, it returns the last date and time when the password was set in the DateTime type.

 using(PrincipalContext context = new PrincipalContext(ContextType.Domain)) { UserPrincipal user = UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, Username); //? - to mark DateTime type as nullable DateTime? pwdLastSet = (DateTime?)user.LastPasswordSet; ... }

MSDN: UserPrincipal
MSDN: LastPasswordSet

+1
source share

More articles:


All Articles