I’ll be the first to admit that this is cut and past programming. I’ve never looked at AD before, and really don’t understand it. I suppose that’s my next study…
Anyways, This is some test code, which should display the expiry date — either as something readable, or in ticks — it doesn’t matter. (It’s a web form, which is running on the dev webserver.)
What I get instead is: ‘System.__ComObject ‘
DirectorySearcher searcher = new DirectorySearcher(); searcher.Filter = String.Format( '(SAMAccountName={0})', 'TestA33' ); searcher.PropertiesToLoad.Add( 'cn' ); SearchResult result = searcher.FindOne(); DirectoryEntry uEntry = result.GetDirectoryEntry(); String expiry = uEntry.Properties['accountExpires'].Value.ToString(); Response.Write( expiry );
It’s because the property value is represented using the ADSI IADsLargeInteger COM interface and needs to be converted to a .NET date. Although I haven’t tried it, there is a sample that shows how here: http://www.simple-talk.com/dotnet/.net-framework/building-active-directory-wrappers-in-.net/