This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Remove From My Forums

update LargeInteger field using powershell & DirectoryServices

Question
0

Sign in to vote

Hello

I want to update AD attribute (largeInteger) using powershell and directoryservices class and getting unspecified error when running the code..

$newObj1 = New-Object DirectoryServices.DirectoryEntry("LDAP://CN=myuser,OU=myOU,DC=mydomain,DC=com", "mydomain\myID", "Mypwd")
$xxDate = Get-Date
$xxDate = $xxDate.ToFileTime()
$newObj1.Properties["ms-MCS-AdmPwdExpirationTime"].Value = $xxDate
$newObj1.CommitChanges()

Saturday, October 27, 2018 10:59 PM

Answers

0

Sign in to vote
wrong.. I have developed self service LAPS solution using ActiveRoles.. and when user see the password, i force it to expire after two hours instead of default GPO expiration..

I've figured out the solution anyways.. Thanks..

$newObj1.psBase.invoke("put", "ms-mcs-admpwdExpirationTime", "$xxDate")

$newObj1.CommitChanges()
- Marked as answer by vikAM Sunday, October 28, 2018 12:47 AM
Sunday, October 28, 2018 12:47 AM

All replies

0

Sign in to vote
That is because that property does not exist on that object and it is not a settable prpoperty.

See LAPS documentation on how to reset the password expiration.

\_(ツ)_/
- Edited by jrv Saturday, October 27, 2018 11:40 PM
Saturday, October 27, 2018 11:38 PM
0

Sign in to vote
wrong.. I have developed self service LAPS solution using ActiveRoles.. and when user see the password, i force it to expire after two hours instead of default GPO expiration..

I've figured out the solution anyways.. Thanks..

$newObj1.psBase.invoke("put", "ms-mcs-admpwdExpirationTime", "$xxDate")

$newObj1.CommitChanges()
- Marked as answer by vikAM Sunday, October 28, 2018 12:47 AM
Sunday, October 28, 2018 12:47 AM
0

Sign in to vote

That will work if you have installed the LAPS schema extensions which you obviously have.

\_(ツ)_/

Sunday, October 28, 2018 1:03 AM