none
c# Password expired

    Question

  • I am trying to get users whose password will expired in current date with following code

                             

    public static TimeSpan GetMaxPasswordAge()
            {

                using (DirectoryEntry entry = new DirectoryEntry("LDAP://OU=users,DC=Mytechnet,DC=COM"))
                {
                   DirectorySearcher ds = new DirectorySearcher(entry);

                        foreach (SearchResult sr in ds.FindAll())
                        {
                            TimeSpan maxPwdAge = TimeSpan.MinValue;
                            if (sr.Properties.Contains("maxPwdAge"))
                                maxPwdAge = TimeSpan.FromTicks((long)sr.Properties["maxPwdAge"][0]);
                            return maxPwdAge.Duration();

                        }

                }
            }

    But receive error ( not all code paths return a value)


    Support@Mytechnet.me


    Friday, March 08, 2013 8:32 AM

Answers

All replies

  • Try following piece of code

    public static TimeSpan GetMaxPasswordAge()
            {
    			TimeSpan maxPwdAge = TimeSpan.MinValue;
                using (DirectoryEntry entry = new DirectoryEntry("LDAP://OU=users,DC=Mytechnet,DC=COM"))
                {
                   DirectorySearcher ds = new DirectorySearcher(entry);
    
                        foreach (SearchResult sr in ds.FindAll())
                        {                        
                            if (sr.Properties.Contains("maxPwdAge"))
                                maxPwdAge = TimeSpan.FromTicks((long)sr.Properties["maxPwdAge"][0]);
                            return maxPwdAge.Duration();
    
                        }
    
                }
    			return maxPwdAge;
            }
    Moreover in your for loop you need to maintain all the timespans or the one with latest date ?


    Mark Answered, if it solves your question and Vote if you found it helpful.
    Rohit Arora

    Friday, March 08, 2013 8:36 AM
  • You need a return outside your foreach loop. Something like this, but I may not have the logic 100% correct. Basically, what is happening in yours is that the first return in the foreach loop breaks the iteration of the loop. The other iterations of the loop never get to be processed or return a result

    public static TimeSpan[] GetMaxPasswordAge()
            {
                using (DirectoryEntry entry = new DirectoryEntry("LDAP://OU=users,DC=Mytechnet,DC=COM"))
                {
                   List<TimeSpan> pwdages = new List<TimeSpan>();
                   DirectorySearcher ds = new DirectorySearcher(entry);
                        foreach (SearchResult sr in ds.FindAll())
                        {
                            TimeSpan maxPwdAge = TimeSpan.MinValue;
                            if (sr.Properties.Contains("maxPwdAge"))
                                pwdages.Add(TimeSpan.FromTicks((long)sr.Properties["maxPwdAge"][0]));
                            
                        }
                        return pwdages.ToArray();
                }
            }


    Friday, March 08, 2013 8:40 AM
  • Dear Exprt Thx,

    All my concern here to get all users in domain that password is expired or will expire.

    how do i get user logonname and displayname and password expiry date


    Support@Mytechnet.me


    Friday, March 08, 2013 10:18 AM
  • Hi MyTechnet.Me,

      welcome to MSDN Forum Support.

      You can use the following way to get it.

      

      The following code worked for me to get the password expiration date on both domain and local user accounts:

    public static DateTime GetPasswordExpirationDate(string userId, string domainOrMachineName)
    {
        using (var userEntry = new DirectoryEntry("WinNT://" + domainOrMachineName + '/' + userId + ",user"))
        {
            return userEntry.InvokeGet("PasswordExpirationDate");
        }
    }

     The detailed explanation about it you can refer to this thread named Active Directory user password expiration date .NET/OU Group Policy


    Jason Wang [MSFT]
    MSDN Community Support | Feedback to us


    Monday, March 11, 2013 8:04 AM
    Moderator
  • Thx for your feed back.

    I  am try to get all locked account in domain with deffirent dates


    Support@Mytechnet.me

    Monday, March 11, 2013 8:12 AM