我正在使用以下代码来获取特定计算机的LAPS密码和有效期:
string computerHostName = "hostname";
string domainController = "domain.lan";
DirectoryContext dirCtx = new DirectoryContext(DirectoryContextType.Domain, domainController);
using (Domain compsDomain = Domain.GetDomain(dirCtx))
using (DirectorySearcher adSearcher = new DirectorySearcher(compsDomain.GetDirectoryEntry()))
{
//this is the search criteria for the domain query
adSearcher.Filter = "(&(objectClass=computer) (cn=" + computerHostName + "))";
adSearcher.SearchScope = SearchScope.Subtree;
adSearcher.PropertiesToLoad.Add("ms-Mcs-AdmPwd");
adSearcher.PropertiesToLoad.Add("ms-Mcs-AdmPwdExpirationTime");
SearchResult searchResult = adSearcher.FindOne();
//Get the LAPS password
Console.WriteLine(searchResult.GetDirectoryEntry().Properties["ms-Mcs-AdmPwd"].Value);
//Should get the LAPS password expiration time
Console.WriteLine(searchResult.GetDirectoryEntry().Properties["ms-Mcs-AdmPwdExpirationTime"].Value);
}
Console.ReadLine();
但是,输出看起来像这样:
[这里有LAPS密码]
System .__ ComObject
我尝试过在线查看,并且已经看过this question和this one,但仍然无法正常使用。如何获取脚本以正常输出到期时间?
感谢您的帮助:)
答案 0 :(得分:1)
汉斯·帕桑(Hans Passant)向我推荐了以下链接:How to convert Active Directory pwdLastSet to Date/Time
代替使用:
Console.WriteLine(searchResult.GetDirectoryEntry().Properties["ms-Mcs-AdmPwdExpirationTime"].Value);
我应该改用:
Console.WriteLine((long)searchResult.Properties["ms-Mcs-AdmPwdExpirationTime"][0]);
正确输出:
132068789141660751