Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

How to obtain password expiration date by using LDAP ADSI provider


View products that this article applies to.

Summary

This article contains sample code that demonstrates how to use the LDAP ADSI provider to obtain the password expiration date of an Active Directory user.

↑ Back to the top


More information

This article contains sample code for the following programs:
  • Visual Basic
  • VBScript

Visual Basic Sample Code

To use the following Visual Basic sample code, you must add Active DS Type Library to your Project's reference.
    
    '========================================
    ' First, get the domain policy.
    '========================================
    Dim oDomain As IADsContainer
    Dim oUser As IADsUser
    Dim maxPwdAge As LargeInteger
    
    '========================================
    ' Declaring numDays as Currency, due to a
    ' large number calculation.
    '========================================
    Dim numDays As Currency
    
    strDomainDN = "YOURDOMAIN"
    strUserDN = strDomainDN & "/CN=John Doe,CN=Users,DC=YOURDOMAIN,DC=COM"
    
    Set oDomain = GetObject("LDAP://" & strDomainDN)
    Set maxPwdAge = oDomain.Get("maxPwdAge")

    '========================================
    ' Calculate the number of days that are
    ' held in this value.
    '========================================
    numDays = ((maxPwdAge.HighPart * 2 ^ 32) + _
                maxPwdAge.LowPart) / -864000000000@
    Debug.Print "Maximum Password Age: " & numDays
    
    '========================================
    ' Determine the last time that the user
    ' changed his or her password.
    '========================================
    Set oUser = GetObject("LDAP://" & strUserDN)

    '========================================
    ' Add the number of days to the last time
    ' the password was set.
    '========================================
    whenPasswordExpires = DateAdd("d", numDays, oUser.PasswordLastChanged)
    
    Debug.Print "Password Last Changed: " & oUser.PasswordLastChanged
    Debug.Print "Password Expires On: " & whenPasswordExpires

    '========================================
    ' Clean up.
    '========================================
    Set oUser = Nothing
    Set maxPwdAge = Nothing
    Set oDomain = Nothing

				

VBScript Sample Code

To use the following sample you code, you must copy the code to a text file with a .vbs file extension.

    '========================================
    ' First, get the domain policy.
    '========================================
    Dim oDomain
    Dim oUser
    Dim maxPwdAge
    Dim numDays
   
    strDomainDN = "YOURDOMAIN"
    strUserDN = strDomainDN & "/CN=John Doe,CN=Users,DC=YOURDOMAIN,DC=COM"
    
    Set oDomain = GetObject("LDAP://" & strDomainDN)
    Set maxPwdAge = oDomain.Get("maxPwdAge")

    '========================================
    ' Calculate the number of days that are
    ' held in this value.
    '========================================
    numDays = CCur((maxPwdAge.HighPart * 2 ^ 32) + _
                    maxPwdAge.LowPart) / CCur(-864000000000)
    WScript.Echo "Maximum Password Age: " & numDays
    
    '========================================
    ' Determine the last time that the user
    ' changed his or her password.
    '========================================
    Set oUser = GetObject("LDAP://" & strUserDN)

    '========================================
    ' Add the number of days to the last time
    ' the password was set.
    '========================================
    whenPasswordExpires = DateAdd("d", numDays, oUser.PasswordLastChanged)
    
    WScript.Echo "Password Last Changed: " & oUser.PasswordLastChanged
    WScript.Echo "Password Expires On: " & whenPasswordExpires

    '========================================
    ' Clean up.
    '========================================
    Set oUser = Nothing
    Set maxPwdAge = Nothing
    Set oDomain = Nothing

    WScript.Echo "Done"

				

↑ Back to the top


References

For more information about Active Directory Service Interfaces (ADSI) reference documentation, visit the following MSDN Web site: For more information about how to determine the last time the password was changed, click the following article number to view the article in the Microsoft Knowledge Base:
192949 How to find password last changed date using ADSI

↑ Back to the top


Keywords: KB323750, kbhowto, kbdswadsi2003swept

↑ Back to the top

Article Info
Article ID : 323750
Revision : 6
Created on : 5/19/2005
Published on : 5/19/2005
Exists online : False
Views : 670