Re: Active Directory Expiration Notification

We have a complete sample on doing password expiration notifications against
AD in .NET in our book in ch. 10. You can download ch 10 for free from the
website in the link below, as well as the code samples from the book. The
book itself is not free, but it might help you out in general if you need a
good reference on .NET directory services programming. The website also has
a support forum.

Password expiration is determined by the domain password expiration policy
and the pwdLastSet attribute on the user object. pwdLastSet contains an 8
byte "large" integer that stores a Windows FILETIME that specifies the date
the password was last set, or the value 0 if the user must change password
at next logon (or is not set at all if the user has never set a password).

By comparing the current date and the domain password expiration policy to
the user's pwdLastSet value, you can determine when the password will
expire. All the details are in the book.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"PaulB" <PaulB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:679994C8-AB8E-462F-866A-CBE1D9461D3B@xxxxxxxxxxxxxxxx
I am trying to retrieve the number of days before password expiration that
a
user should be warned that their password will be expired. The property is
set by setting the value for "Prompt user to change password before
expiration" in the security policy.

I am using C# and the directory services namespace to retrieve the AD
properties. For 2003 I found a property called ShadowWarning that contains
this value. Two questions, first is this the proper AD property to check
for
this value in 2003. Secondly, what property in 2000 server would I check
to
retrieve this value??


.