We're trying to implement a Password Expiration handling mechanism in a ASP.NET MVC app using Active Directory for authorization, and we need access to Maximum Password Age value to provide a correct expiration period. However, we've not been able to access the value/property via these instructions (or similar approaches), using the DirectoryEntry API:

我们正在尝试使用Active Directory在ASP.NET MVC应用程序中实现密码到期处理机制以进行授权，我们需要访问Maximum Password Age值以提供正确的有效期。但是，我们无法使用DirectoryEntry API通过这些说明（或类似方法）访问值/属性：

How can I get 'minimum password age' of user in active directory using asp.net?

如何使用asp.net获取活动目录中用户的“最小密码使用期限”？

Determine the maximum password age in Active Directory

确定Active Directory中的最长密码期限

In each case we simply get a NULL value for property maxPwdAge. We also query for MaxPwdAge, MaxPasswordAge, and MaximumPasswordAge (some sources suggested different property names). We also searched against different domain objects, namely the root container and the Users container to no avail.

在每种情况下，我们只需获取属性maxPwdAge的NULL值。我们还查询MaxPwdAge，MaxPasswordAge和MaximumPasswordAge（一些来源建议使用不同的属性名称）。我们还搜索了不同的域对象，即根容器和Users容器无济于事。

Is there any way to find the Maximum Password Age programmatically using the DirectoryEntry API. Or alternatively, the PrincipalContext API?

有没有办法使用DirectoryEntry API以编程方式查找最大密码年龄。或者，PrincipalContext API？

1 个解决方案

#1

---