Reading accountExpires, again... RRS feed

  • Question

  • User-265954812 posted

    From an earlier post, I found the below code (now converted to vb):

    Private Function GetInt64(ByVal entry As DirectoryEntry, ByVal attr As String) As Int64
    'we will use the marshaling behavior of 'the searcher

        Dim ds As New DirectorySearcher(entry, [String].Format("({0}=*)", attr), New String() {attr}, SearchScope.Base)
        Dim sr As SearchResult = ds.FindOne()
        If Not (sr Is Nothing) Then
            If sr.Properties.Contains(attr) Then
                Return CType(sr.Properties(attr)(0), Int64)
            End If
        End If
        Return -1
    End Function 'GetInt64

     When trying to write the calue of the attribute to a Label, I get an unspecified error wich fails on Dim sr As SearchResult = ds.FindOne()

    This is how the code looks for the Label.Text:
    Dim CN As String = GetUserInfo("some_sAMAccountName", "CN")
    Dim userDN As String = "OU=some_ou,DC=domain,DC=int"
    Dim filter As String = [String].Format("(&(objectClass=user)(objectCategory=person)(cn=" & CN & "))", userDN)
    Dim User As New DirectoryEntry(filter, Nothing, Nothing, AuthenticationTypes.Secure)
    Dim expires As DateTime = DateTime.FromFileTime(GetInt64(User, "accountExpires"))
    Label1.Text = expires

    The function GetUserInfo returns the CN attribute for a certain user, and no problems there

    Can someone tell me what I'm doing wrong?

    I'm running .Net 2.0. AD contains on a Windows 2000 server.


    Thursday, October 12, 2006 8:16 AM

All replies

  • User-265954812 posted

    Am I the only one having this problem??


    Tuesday, November 7, 2006 8:20 AM
  • User1217975830 posted

    I couldn't quite follow the "logic".

    and you don't say/show how you get "some_sAMAccountName" value.

    '* Heres code snips of how I'm doing it - of reading for a specific user AD entry using LDAP provider

    '* and "calc" the accountExpires...
    '* I dont go after a specific OU - users move around too much
    Dim LDAPdom as string = "LDAP://my.place.com/DC=my,DC=place,DC=com"

    Dim deUser As DirectoryServices.DirectoryEntry = New DirectoryServices.DirectoryEntry(LDAPdom)
    deUser.AuthenticationType = DirectoryServices.AuthenticationTypes.Secure
    deUser.SearchScope = DirectoryServices.SearchScope.Subtree

    '* For filters, refer to:
    '* http://www.microsoft.com/technet/scriptcenter/guide/sas_usr_ykxh.mspx?mfr=true
    deUser.Filter = "(&(objectClass=user)(sAMAccountName=" & some_AccountName_text & "))"
    Dim UsrSrchr As DirectoryServices.DirectorySearcher = New DirectoryServices.DirectorySearcher(deUser)

    '* Either "load" the specific properties you want returned
    '* or if no "load" items are defined, will return all of them(#)
    '* (#)Note: Even if the property is "added", if it is not set/used
    '* for a given object, it will not be returned at all. So need
    '* to do the "Properties.Contains" on each to check for it.

    '* collection where search returns into
    Dim ADResult As DirectoryServices.SearchResult

    '* read AD and return the first matching entry
      ADResult = UsrSrchr.FindOne
    Catch ex As Exception
      ErrMsg.Text = "*** Server cannot be contacted at this time, try again later ***"
      Exit Sub
    End Try
    If IsNothing(ADResult) Then
      ErrMsg.Text = "UserID not found"
      Exit Sub
    End If

    '* now process the returned property values

    ' //msdn.microsoft.com/en-gb/library/ms675098.aspx
    '  LDAP- "accountExpires" - The date when the account expires.
    ' A value of 0 or 0x7FFFFFFFFFFFFFFF (9223372036854775807)
    '   indicates that the account never expires.
      Dim WrkUInt64 As System.UInt64                ' unsigned 64bit
      Dim WrkUInt32H, WrkUInt32L As System.UInt32   ' unsigned 32bit
      Dim WrkDtTm As DateTime

      If ADResult.Properties.Contains("accountExpires") Then
        WrkUInt64 = ADResult.Properties("accountExpires").Item(0)
        WrkUInt32H = CType((WrkUInt64 >> 32), UInteger)
        WrkUInt64 = WrkUInt64 << 32
        WrkUInt64 = WrkUInt64 >> 32
        WrkUInt32L = Convert.ToUInt32(WrkUInt64)
        WrkUInt64 = (WrkUInt32H * &H100000000) + WrkUInt32L
          WrkDtTm = DateTime.FromFileTime(WrkUInt64)
        Catch ex As Exception    ' not valid = "0x7FFFFFFFFFFFFFFF"
          WrkUInt64 = &H0
        End Try
        If WrkUInt64 = &H0 Then  ' not valid = "0"
          EndDte.Text = "Not Set"
          EndDte.Text = WrkDtTm
        End If
      Else                       ' property was not return in the result
        EndDte.Text = " *Error*"
      End If


    Tuesday, November 14, 2006 10:11 PM
  • User2130024188 posted

    Does not seem to work with Visual Studio 2013, receive the following error.

    An exception of type 'System.InvalidCastException' occurred in Microsoft.VisualBasic.dll but was not handled in user code

    Additional information: Conversion from type '_ComObject' to type 'ULong' is not valid.

    Seems that you should be able to retrieve the account expiry date without having to piss fart around like this,

    Wednesday, July 2, 2014 8:59 PM