AD Date Issue

When you are calling that attribute ADSI is grabbing the value of “accountExpires” and casting the number of 100-nanosecond intervals since Jan 1, 1601 to an understandable datetime.

So far when I look at the “accountExpires” date in Softerra (doing a literal lookup on the date value and converting), or looking in my C# code—I get back the 4/21/2009 4:00:00 AM CST or equivalent 4/20/2009 11:00:00 PM GMT dates.

The really odd thing is that basically ADSI’s internal conversion routine is not following whatever accepted conversions are for .NET or Java.

Here is my C# code:

protected void Page_Load(object sender, EventArgs e)
{
//assume 'user' is DirectoryEntry representing user to check
DateTime expires = DateTime.FromFileTime(GetInt64(@"cn=wertman\, pam,ou=users,ou=cnc,OU=AIT,DC=us,DC=aegon,DC=com", "accountExpires"));
Response.Write(expires);
}

private Int64 GetInt64(string userDN, string attr)
{
DirectoryEntry root = null;
using (root = new DirectoryEntry(
@"LDAP://crdcusdc01.us.aegon.com:389/" + userDN,
username,
password,
bindingAuth
))
{
DirectorySearcher ds = new DirectorySearcher(
root,
String.Format("({0}=*)", attr),
new string[] { attr },
SearchScope.Base
);

SearchResult sr = ds.FindOne();

if (sr != null)
{
if (sr.Properties.Contains(attr))
{
return (Int64)sr.Properties[attr][0];
}
}
return -1;
}
}

C# code is a curtosy of one of my colleagues - Mark Morrison.