How to convert Active Directory pwdLastSet to Date/Time

StackOverflow https://stackoverflow.com/questions/18614810

Question 

    public static string GetProperty(SearchResult searchResult, string PropertyName)
    {
        if (searchResult.Properties.Contains(PropertyName))
        {
            return searchResult.Properties[PropertyName][0].ToString();
        }
        else
        {
            return string.Empty;
        }
    }

The above method works great for most Active Directory properties except those that are related to date/time such as pwdLastSet, maxPwdAge, etc.

My question is how to I get the pwdLastSet to a human readable datetime (like 8/13/2013 or August 13, 2013, etc)

I've tries this but it threw exceptions 

public static Int64 ConvertADSLargeIntegerToInt64(object adsLargeInteger)
{
    var highPart = (Int32)adsLargeInteger.GetType().InvokeMember("HighPart", System.Reflection.BindingFlags.GetProperty, null, adsLargeInteger, null);
    var lowPart = (Int32)adsLargeInteger.GetType().InvokeMember("LowPart", System.Reflection.BindingFlags.GetProperty, null, adsLargeInteger, null);
    return highPart * ((Int64)UInt32.MaxValue + 1) + lowPart;
}

I am using the following code to get the time as an Int64

Int64 passwordLastSet = ConvertADSLargeIntegerToInt64(objResult.Properties["pwdLastSet"][0]);

Then I plan on using the DateTime(Int64) constructor to create a DateTime

Was it helpful?

Solution

According to the MSDN documentation:

This value is stored as a large integer that represents the number of 100 nanosecond intervals since January 1, 1601 (UTC).

This aligns perfectly with DateTime.FromFileTimeUtc, as described here.

And I'm not sure why you feel the need to do the low level manipulation of the integer. I think you could just cast it.

So just do:

long value = (long)objResult.Properties["pwdLastSet"][0];
DateTime pwdLastSet = DateTime.FromFileTimeUtc(value);

OTHER TIPS

You can get the last password set date of a directory user in human readable form as easy as pie. To achieve this you can use nullable LastPasswordSet property of UserPrincipal class from System.DirectoryServices.AccountManagement namespace.

If User must change password at next logon option is checked then LastPasswordSet property returns null value. Otherwise it returns the last date and time the password was set in type DateTime.

using(PrincipalContext context = new PrincipalContext(ContextType.Domain))
{
    UserPrincipal user = UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, Username);
    //? - to mark DateTime type as nullable
    DateTime? pwdLastSet = (DateTime?)user.LastPasswordSet;
    ...
}

MSDN: UserPrincipal
MSDN: LastPasswordSet

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top