Monday, September 11, 2006

Set the Account Expiry property in LDAP

In many forums, I have found the question of how to set the AccountExpiry property in LDAP. I saw these when I was facing such a similar issue. Most of the forums did not mention much or those which mentioned something were incomplete. That is why I thought of blogging my solution.

This piece of code, is the one which I use to create a temporary user for my application. This can be helpful when you want to create a user whose account will expire after a certain period of time. Here I set it as 90 days.

The Code...

void SetAccountExpiry(string UserName)
DirectoryEntry UserDE = new DirectoryEntry(LDAPPath, LDAPUserName, LDAPPwd);

DirectorySearcher oSearch = new DirectorySearcher(UserDE);
oSearch.Filter = "(SAMAccountName=" + UserName + ")";
SearchResult oResult = oSearch.FindOne();
UserDE = oResult.GetDirectoryEntry();

DateTime accExp = DateTime.Now.AddDays(90);
int64 accExpNum = accExp.ToFileTime();
UserDE.Properties["accountExpires"].Value = GetLargeinteger(accExpNum);

IADsLargeinteger GetLargeinteger(long val)
IADsLargeinteger largeint = new Largeinteger();
largeint.HighPart = (int) (val >> 32);
largeint.LowPart = (int) (val & 0xFFFFFFFF);
return largeInt;

Hope this code was helpful. Comments and suggestions are always welcome.


Post a Comment

<< Home