Question How to get user password expiry dates in Windows Server 2008

[bluezerk]

Hi all, I'm currently trying to use VB .NET to determine each user's password expiry date in Windows Server 2008. Sad to say I'm stuck and have no idea how to begin. I've tried searching msdn and the libraries (or classes) are too complicated for me to understand and use.

QueryContextAttributes (General) Function (Windows)

Not sure if the above link is appropriate for what I want to achieve. I would be extremely grateful if someone could guide me on how to begin, or point me in the right direction. Thanks in advance!

Just to add on, the server is a standalone server and thus no AD is involved.

 

[bluezerk]

Can anyone help me please?
Even a hint will do.

Thanks in advance!

 

[JohnH]

Try this: CodeProject: Get a User's Full Name. (UserPrincipal class, AccountExpirationDate property)

 

[bluezerk]

Try this: CodeProject: Get a User's Full Name. (UserPrinciple class, AccountExpirationDate property)

Thanks JohnH! I've tried using the codes as shown below but it resulted in an error. "lblgetpwdexpiry" is the name of the label which I want to use for the display of the expiration date.

Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
        Try
            Dim AccExpiry As Date = UserPrincipal.Current.AccountExpirationDate()
            lblgetpwdexpiry.Text = AccExpiry.ToString
        Catch ex As Exception
            MsgBox(ex.ToString)
            MsgBox("Error getting account expiry date")
        End Try
    End Sub

The above codes resulted in an error: Nullable object must have a value


I googled more and found this link: AuthenticablePrincipal.AccountExpirationDate Property (System.DirectoryServices.AccountManagement)

Using the above URL, I tried this:

Public Property AccountExpirationDate() As Nullable(Of DateTime)
        Get
            
        End Get
        Set(ByVal value As Nullable(Of DateTime))

        End Set
    End Property

    Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
        Try
            'Dim AccExpiry As Date = UserPrincipal.Current.AccountExpirationDate()
            Dim instance As AuthenticablePrincipal = Nothing
            Dim value As Nullable(Of DateTime)
            value = instance.AccountExpirationDate
            lblgetpwdexpiry.Text = value.ToString
        Catch ex As Exception
            MsgBox(ex.ToString)
            MsgBox("Error getting account expiry date")
        End Try
    End Sub

However, it returned the error: Object reference not set to an instance of an object. I know it's rather noobish but can anyone help me please? Thanks in advance!

 

[JohnH]

AccountExpirationDate property returns a Nullable(Of Date), or "Public Property AccountExpirationDate As Nullable(Of DateTime)" as it says in documentation.

Dim AccExpiry As Nullable(Of Date) = UserPrincipal.Current.AccountExpirationDate

 

[bluezerk]

AccountExpirationDate property returns a Nullable(Of Date), or "Public Property AccountExpirationDate As Nullable(Of DateTime)" as it says in documentation.

Dim AccExpiry As Nullable(Of Date) = UserPrincipal.Current.AccountExpirationDate

Thanks for the prompt reply. I've already tried the above codes before There's no error, but there's no result (as in the label doesn't display anything) either. Am I missing out something?

Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
        Try
            Dim AccExpiry As Nullable(Of Date) = UserPrincipal.Current.AccountExpirationDate()
            lblgetpwdexpiry.Text = AccExpiry.ToString      <--- [label doesn't display anything]           
        Catch ex As Exception
            MsgBox(ex.ToString)
            MsgBox("Error getting account expiry date")
        End Try
    End Sub

 

[JohnH]

That means no Date was returned, ie the Nullable.HasValue is False, and the value is thus Nothing. There could be various reasons for this, perhaps PasswordNeverExpires is True? Perhaps you're not connected to a domain server and gets the local principal info when you retrieve Current, rather than a workgroup/domain/AD server account? Here's one example doing that:

Dim ct = New PrincipalContext(ContextType.Machine, "servername")
Dim pr = UserPrincipal.FindByIdentity(ct, "accountname")
Dim exp = pr.AccountExpirationDate

Exploring the options for these objects/methods and DirectoryServices.AccountManagement in general is the best advice I can give you here.

 

[bluezerk]

That means no Date was returned, ie the Nullable.HasValue is False, and the value is thus Nothing. There could be various reasons for this, perhaps PasswordNeverExpires is True? Perhaps you're not connected to a domain server and gets the local principal info when you retrieve Current, rather than a workgroup/domain/AD server account? Here's one example doing that:

Dim ct = New PrincipalContext(ContextType.Machine, "servername")
Dim pr = UserPrincipal.FindByIdentity(ct, "accountname")
Dim exp = pr.AccountExpirationDate

Exploring the options for these objects/methods and DirectoryServices.AccountManagement in general is the best advice I can give you here.

Thanks for the prompt response once again
Just to make sure that we are on the same page, I'm trying to find the password expiration date of an account on a standalone Windows 2008 Server.
Do correct me if I'm wrong, but I think the above codes are more applicable for servers with AD accounts?
Is DirectoryServices.AccountManagement still applicable if I want to find accounts on standalone Windows servers ?

 

[JohnH]

AccountManagement is applicable for any kind of account management, both for local and remote machine. The Current instance retrieved is for the account currently logged in as, which would be the local account or the remote server account in a domain. The ContextType sample was provided to show how to get the account info from another machine in network, for example in a workgroup (as was tested with that code), and the options you have there to connect to various types of account management systems in different contexts.