This article contains sample code that demonstrates how to use the LDAP ADSI provider to obtain the password expiration date of an Active Directory user.
This article contains sample code for the following programs:
Visual Basic Sample Code
To use the following Visual Basic sample code, you must add
Active DS Type Library to your Project's reference.
'========================================
' First, get the domain policy.
'========================================
Dim oDomain As IADsContainer
Dim oUser As IADsUser
Dim maxPwdAge As LargeInteger
'========================================
' Declaring numDays as Currency, due to a
' large number calculation.
'========================================
Dim numDays As Currency
strDomainDN = "YOURDOMAIN"
strUserDN = strDomainDN & "/CN=John Doe,CN=Users,DC=YOURDOMAIN,DC=COM"
Set oDomain = GetObject("LDAP://" & strDomainDN)
Set maxPwdAge = oDomain.Get("maxPwdAge")
'========================================
' Calculate the number of days that are
' held in this value.
'========================================
numDays = ((maxPwdAge.HighPart * 2 ^ 32) + _
maxPwdAge.LowPart) / -864000000000@
Debug.Print "Maximum Password Age: " & numDays
'========================================
' Determine the last time that the user
' changed his or her password.
'========================================
Set oUser = GetObject("LDAP://" & strUserDN)
'========================================
' Add the number of days to the last time
' the password was set.
'========================================
whenPasswordExpires = DateAdd("d", numDays, oUser.PasswordLastChanged)
Debug.Print "Password Last Changed: " & oUser.PasswordLastChanged
Debug.Print "Password Expires On: " & whenPasswordExpires
'========================================
' Clean up.
'========================================
Set oUser = Nothing
Set maxPwdAge = Nothing
Set oDomain = Nothing
VBScript Sample Code
To use the following sample you code, you must copy the code to a text file with a
.vbs file extension.
'========================================
' First, get the domain policy.
'========================================
Dim oDomain
Dim oUser
Dim maxPwdAge
Dim numDays
strDomainDN = "YOURDOMAIN"
strUserDN = strDomainDN & "/CN=John Doe,CN=Users,DC=YOURDOMAIN,DC=COM"
Set oDomain = GetObject("LDAP://" & strDomainDN)
Set maxPwdAge = oDomain.Get("maxPwdAge")
'========================================
' Calculate the number of days that are
' held in this value.
'========================================
numDays = CCur((maxPwdAge.HighPart * 2 ^ 32) + _
maxPwdAge.LowPart) / CCur(-864000000000)
WScript.Echo "Maximum Password Age: " & numDays
'========================================
' Determine the last time that the user
' changed his or her password.
'========================================
Set oUser = GetObject("LDAP://" & strUserDN)
'========================================
' Add the number of days to the last time
' the password was set.
'========================================
whenPasswordExpires = DateAdd("d", numDays, oUser.PasswordLastChanged)
WScript.Echo "Password Last Changed: " & oUser.PasswordLastChanged
WScript.Echo "Password Expires On: " & whenPasswordExpires
'========================================
' Clean up.
'========================================
Set oUser = Nothing
Set maxPwdAge = Nothing
Set oDomain = Nothing
WScript.Echo "Done"
For more information about Active Directory Service Interfaces (ADSI) reference documentation, visit the following MSDN Web site:
For more information about how to determine the last time the password was changed, click the following article number to view the article in the Microsoft Knowledge Base:
192949
(http://support.microsoft.com/kb/192949/
)
How to find password last changed date using ADSI
Back to the top
