如何通过AD DirectoryEntry在VB.NET中设置AccountExpires

时间:2011-10-06 21:48:07

标签: vb.net active-directory directoryentry

我需要在AD DirectoryEntry中设置accountExpires属性找不到简单的答案。 找到了一些信息;

http://msdn.microsoft.com/en-us/library/system.directoryservices.accountmanagement.userprincipal.aspx

http://social.msdn.microsoft.com/Forums/en-US/vbgeneral/thread/182bfb6a-8b23-4c96-9379-101a4d91241a

http://www.rlmueller.net/AccountExpires.htm

看到一些文章重新ADS ****。dll但不认为我需要使用这种方法

        Dim valueToSet As Date = Now.AddDays(10)
        Dim ADSPath As String = "LDAP://cn=..."
        Dim de As DirectoryEntry = New DirectoryEntry(ADSPath)
        Dim d As TimeSpan = valueToSet.ToUniversalTime - Date.Parse("01/01/1601")
        Dim ValueToSetAsString As String = d.Ticks.ToString
        ' it appears that the ticks value is too large for the value of the directory entry
        ' converting to a string (18 chars or so) works!
        de.Properties("accountexpires").Value = ValueToSetAsString

感谢Brian,看起来上面写的大量代码可以简化; 

        de.Properties("accountexpires").Value = valueToSet.ToFileTime.ToString

在VB.NET中返回AccountExpires和其他largeInteger问题的函数

        Function ConvertADValueToDateTime(ByVal li As Object) As DateTime
        ' http://bytes.com/topic/visual-basic-net/answers/512901-lastlogontimestamp

        Try
            Dim lngHigh = li.HighPart
            Dim lngLow = li.LowPart
            Dim lastLogon = (lngHigh * 2 ^ 32) - lngLow
            Dim returnDateTime As DateTime = DateTime.FromFileTime(lastLogon)
            Return returnDateTime
        Catch ex As Exception
            Return Nothing
        End Try

    End Function

使用示例:

            Dim d As DateTime = ConvertADValueToDateTime(de.Properties("accountexpires").value)               
            If d = "01/01/1601" Then
                ' no expiry date
                Return Nothing
            Else
                Return d
            End If

另一种方法

Convert LDAP AccountExpires to DateTime in C#

2 个答案:

答案 0 :(得分:4)

此类内容会将您的帐户设置为在30天后过期:

Dim de As New DirectoryEntry("LDAP://cn=foo,cn=users,dc=contoso,dc=com")

de.Properties["accountExpires"].Value = DateTime.UtcNow.AddDays(30).ToFileTime()
de.CommitChanges()

答案 1 :(得分:3)

这在表单上使用DateTimePicker,但使用任何其他日期格式应该是微不足道的。

Imports System.DirectoryServices
Imports System.DirectoryServices.ActiveDirectory
Imports System.IO

'Get the user
Dim EntryString As String
EntryString = "LDAP://...."
Dim dirEntry As DirectoryEntry
dirEntry = New DirectoryEntry(EntryString)
Dim dirSearcher As New DirectorySearcher(dirEntry)
dirSearcher.Filter = "(&(objectCategory=Person)(objectClass=user)(SAMAccountName=" & Trim(Form1.AccountNameTB.Text) & "))"
dirSearcher.SearchScope = SearchScope.Subtree
Dim searchResults As SearchResult = dirSearcher.FindOne()

'Set the date
Dim d1 As Date = Form1.AccountExpiresDTP.Value
Dim d2 As New DateTime(d1.Year, d1.Month, d1.Day)
d2 = d2.AddDays(1) 'Add one day so that it matches what is in AD
Dim ft As Long = d2.ToFileTime()
dirEntryResults.Properties("accountExpires").Value = ft.ToString 'You do need to turn it into a string
dirEntryResults.CommitChanges()
dirEntryResults.Close()
相关问题
最新问题