Unable to retrieve "msDS-UserPasswordExpired" attribute

Forgot to mention, I'm using ADAM here. Anyone?

Post by Henry
I have the following code,
string userName = "CN=Admin,O=MyDomain,C=us";
string password = "Abcde1234";
string queryFilter =

string.Format("(&(&(objectClass=user)(objectCategory=person))(|(cn={0})))",

Post by Henry
"ignhenry" );
string[] propertiesToLoad =
{
"cn", "distinguishedName", "isPasswordGenerated",
"lastBadPasswordCount", "name", "msDS-UserAccountDisabled",
"msDS-UserPasswordExpired", "objectGUID", "pwdLastSet",
"whenChanged", "whenCreated", "description", "givenName", "mail",
"middleName", "postalAddress", "postalCode", "title"
};
DirectoryEntry deContainer = null;
DirectorySearcher searcher = null;
DirectoryEntry deObject = null;
try
{
deContainer = new DirectoryEntry( ldapPath, userName, password,
AuthenticationTypes.ServerBind );
deContainer.RefreshCache();
searcher = new DirectorySearcher(deContainer);
searcher.Filter = queryFilter;
searcher.PropertiesToLoad.AddRange( propertiesToLoad );
searcher.SearchScope = SearchScope.Subtree;
SearchResult result = searcher.FindOne();
deObject = null;
if ( result != null )
deObject = result.GetDirectoryEntry();
bool userPasswordExpired = false;
if ( deObject.Properties.Contains("msDS-UserPasswordExpired") )
userPasswordExpired = (bool)
deObject.Properties["msDS-UserPasswordExpired"].Value;
}
catch (COMException ex)
{
string msg = ex.Message;
int errCode = ex.ErrorCode;
throw;
}
catch (Exception ex)
{
string msg = ex.Message;
throw;
}
finally
{
if ( deContainer != null ) { deContainer.Close();

deContainer.Dispose(); }

Post by Henry
if ( deObject != null ) { deObject.Close(); deObject.Dispose(); }
if ( searcher != null ) { deContainer.Dispose(); }
}
The code gives me no error except I cannot get value for
"msDS-UserPasswordExpired" attribute even its value is actually exists. I
have checked that the user object has value for that attribute. Anyone can
see what am I doing wrong here?
Thanks
Henry

Joe Kaplan (MVP - ADSI)

2004-07-01 14:25:53 UTC

What happens when you try to get the value from the SearchResult directly
instead of getting it from the DirectoryEntry?

Joe K.

Post by Henry
Forgot to mention, I'm using ADAM here. Anyone?

Post by Henry
I have the following code,
string userName = "CN=Admin,O=MyDomain,C=us";
string password = "Abcde1234";
string queryFilter =

string.Format("(&(&(objectClass=user)(objectCategory=person))(|(cn={0})))",

deContainer.Dispose(); }

Lee Flight

2004-07-01 15:52:47 UTC

Hi Joe,

I'm sure SearchResult will give the value (I just tried it against an ADAM
instance).
I guess the problem is that msDS-UserPasswordExpired is a constructed
attribute
and so the DirectoryEntry would need an explicit RefreshCache for that
property.

Thanks
Lee Flight

Post by Joe Kaplan (MVP - ADSI)
What happens when you try to get the value from the SearchResult directly
instead of getting it from the DirectoryEntry?
Joe K.

Post by Henry
Forgot to mention, I'm using ADAM here. Anyone?

Post by Henry
I have the following code,
string userName = "CN=Admin,O=MyDomain,C=us";
string password = "Abcde1234";
string queryFilter =

string.Format("(&(&(objectClass=user)(objectCategory=person))(|(cn={0})))",

deContainer.Dispose(); }

Post by Henry
have checked that the user object has value for that attribute. Anyone

can

Post by Henry
see what am I doing wrong here?
Thanks
Henry

Henry

2004-07-02 03:03:01 UTC

I'm able to retrieve the "msDS-UserPasswordExpired" attribute value using
search or bind directly only if the RefreshCache method is called with
propertyNames defined. So I guess both of you are right, thanks for the
suggestions, my problem solved.

Henry

Post by Lee Flight
Hi Joe,
I'm sure SearchResult will give the value (I just tried it against an ADAM
instance).
I guess the problem is that msDS-UserPasswordExpired is a constructed
attribute
and so the DirectoryEntry would need an explicit RefreshCache for that
property.
Thanks
Lee Flight

Post by Joe Kaplan (MVP - ADSI)
What happens when you try to get the value from the SearchResult directly
instead of getting it from the DirectoryEntry?
Joe K.

Post by Henry
Forgot to mention, I'm using ADAM here. Anyone?

Post by Henry
I have the following code,
string ldapPath =

@"LDAP://DEV-DB1:50000/OU=Customers,O=MyDomain,C=us";

Post by Henry
string userName = "CN=Admin,O=MyDomain,C=us";
string password = "Abcde1234";
string queryFilter =

string.Format("(&(&(objectClass=user)(objectCategory=person))(|(cn={0})))",

deContainer.Dispose(); }

Post by Henry
have checked that the user object has value for that attribute. Anyone

can

Post by Henry
see what am I doing wrong here?
Thanks
Henry

p***@gmail.com

2014-10-27 20:49:15 UTC

Post by Henry
I'm able to retrieve the "msDS-UserPasswordExpired" attribute value using
search or bind directly only if the RefreshCache method is called with
propertyNames defined. So I guess both of you are right, thanks for the
suggestions, my problem solved.
Henry

Post by Joe Kaplan (MVP - ADSI)
What happens when you try to get the value from the SearchResult

directly

Post by Joe Kaplan (MVP - ADSI)
instead of getting it from the DirectoryEntry?
Joe K.

Post by Henry
Forgot to mention, I'm using ADAM here. Anyone?

Post by Henry
I have the following code,
string ldapPath =

@"LDAP://DEV-DB1:50000/OU=Customers,O=MyDomain,C=us";

Post by Henry
string userName = "CN=Admin,O=MyDomain,C=us";
string password = "Abcde1234";
string queryFilter =

string.Format("(&(&(objectClass=user)(objectCategory=person))(|(cn={0})))",

deContainer.Dispose(); }

exists.

Post by Joe Kaplan (MVP - ADSI)
I

Post by Henry
have checked that the user object has value for that attribute.

Anyone

Post by Joe Kaplan (MVP - ADSI)
can

Post by Henry
see what am I doing wrong here?
Thanks
Henry

Hello All,

I am trying to retrieve this attribute msDs-userPasswordExpired using spring LDAP libraries based on Java

I am not able to create directory entry , let me know if any one has idea on this

p***@gmail.com

2014-10-27 20:49:59 UTC