Adaxes

Password never expires SDK

0 votes

How can I set that a password never expires for an AD account through SDK scripting?

eg:
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")

$userDN = "[DN]"
$user = $admService.OpenObject("Adaxes://$userDN", $NULL, $NULL, 0)

$user.Put ?
$user.SetInfo()

With regards,

Thnx Remco

by (780 points)

1 Answer

0 votes
by (216k points)

Hello Remco,

To set the Password never expires option for a user, you need to set the ADS_UF_DONT_EXPIRE_PASSWD flag in Account Options. Also, you need to disable the User must change password at next logon option (if it is set), which is the same as assigning the value of -1 to the Password Last Set property.

Here's an example on how to do this with the help of a script:

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")

$userDN = "CN=John Smith,CN=Users,DC=example,DC=com"
$user = $admService.OpenObject("Adaxes://$userDN", $NULL, $NULL, 0)

[int]$passwordNeverExpires = [Softerra.Adaxes.Interop.Adsi.PersistentObjects.ADS_USER_FLAG_ENUM]::ADS_UF_DONT_EXPIRE_PASSWD

# Set the 'Password never expires' flag for the user
$user.Put("userAccountControl", $passwordNeverExpires)

# Set a bitmask for the Account Options property so that 
# only the 'Password never expires' flag gets updated
$user.PutPropertyItemMask("userAccountControl", $passwordNeverExpires)

# Remove the 'User must change password at next logon' flag if it is set
$passwordLastSet = $user.Get("pwdLastSet")
if ($passwordLastSet -eq 0)
{
    $user.Put("pwdLastSet", -1)
}

# Save changes
$user.SetInfo()

Related questions

0 votes
1 answer
Remove "Password Never Expires" Check Box

Hello, is there a way to remove "Password Never Expires" Check Box only from the "Reset Password" operation dialog? I see you can hide the whole Account Options section and ... . But I would like just to remove the "Password Never Expires" check box. Cheers

asked Feb 5, 2016 by jheisley (590 points)
0 votes
1 answer
How do I add column for Days until password expires

I've got the script working as is and would like to add a column to display the number of days left before the password expires. I attempted to use adm-AccountExpiresDaysLeft ... error, probably because I don't know how to convert it to a displayable format.

asked Feb 12, 2021 by sandramnc (870 points)
0 votes
1 answer
Helpdesk "Password Expires"

We have a pretty generic installation of Adaxes 2013.1. We'd like the HelpDesk to be able to see the Password Expiration date. Currently they see "Password Expires ... 'Password Last Set' Property User Allow Write 'User Cannot Change Password' Property User

asked Aug 21, 2013 by theckel (520 points)
0 votes
1 answer
Recently/Never logged on users reports - incorrect

Hello, My "Never logged on users" report also shows users that recently logged on. My "Recently logged on users" report shows nobody. How can we change this? Best regards, Roel

asked Jan 30, 2013 by roel (40 points)
0 votes
1 answer
Do you use AzureAD module or Microsoft Graph SDK module for managing Azure?

Is in Adaxes used (soon deprecated) AzureAD module for managing Azure/ Office 365 somewhere? Or is it using Microsoft Graph SDK module completely?

asked Feb 27, 2023 by KIT (910 points)
3,348 questions
3,049 answers
7,791 comments
545,058 users