ARTICLE

Active Directory Account Expires

Posted by Charles Stratton Articles | Visual Basic .NET September 19, 2012
This article shows how to set the Active Directory AccountExpires Attribute in .Net.
Reader Level:

I searched everywhere for a good article on setting the Active Directory AccountExpires after several hours, but could not find one. Finally... Here's my version..Enjoy...

Setting the accountExpires Attribute in Active Directory

  1.   Add Reference to ActiveDs.dll
  2.  Add imports/using statement in your class

Imports ActiveDs

Add these two function/sub to your class

'This class takes the directoryentry after you have created your user or an existing user. 'dte is the string date e.g. format "05/30/2008 5:00:00 PM"

Public Sub ExpirePassword(ByVal de As DirectoryEntry, ByVal dte As String)

'You'll notice that I add a day, it's a day short, if you have a fix let me know - but it works :)

'It's important to see that I convert the string to a date, then to the Date.ToFileTime then to Int64

de.Properties("accountExpires")(0) = GetLargeInteger(CType(CType(dte, Date).AddDays(1).ToFileTime, Int64))

de.CommitChanges()

End Sub

'This function I have seen on several different blogs and is necessary to turn the int64 passed to an IADs large integer so it can be saved, I think it's a day off, but I works, thanks

Function GetLargeInteger(ByVal val As Int64) As IADsLargeInteger

Dim largeInt As New ActiveDs.LargeIntegerClass

largeInt.HighPart = CType((val >> 32), Integer)

val = val << 32

val = val >> 32

largeInt.LowPart = (Convert.ToInt32(val))

Return largeInt

End Function

COMMENT USING