检查Active Directory密码过期的此VBScript代码的C＃模拟是什么？

Question

我有以下VBScript脚本来检查Active Directory用户帐户的密码过期。有人能帮我把这段代码转换成C＃吗？非常感谢。

Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000 
Const E_ADS_PROPERTY_NOT_FOUND = &h8000500D 
Const ONE_HUNDRED_NANOSECOND = .000000100 
Const SECONDS_IN_DAY   = 86400 

Set objADSystemInfo = CreateObject("ADSystemInfo")    ' LINE 8 
Set objUser = GetObject("LDAP://" & objADSystemInfo.UserName) ' LINE 9 

intUserAccountControl = objUser.Get("userAccountControl") 
If intUserAccountControl And ADS_UF_DONT_EXPIRE_PASSWD Then 
    WScript.Echo "The password does not expire." 
    WScript.Quit 
Else 
    dtmValue = objUser.PasswordLastChanged 
    If Err.Number = E_ADS_PROPERTY_NOT_FOUND Then 
     WScript.Echo "The password has never been set." 
     WScript.Quit 
    Else 
     intTimeInterval = Int(Now - dtmValue) 
     WScript.Echo "The password was last set on " & _ 
      DateValue(dtmValue) & " at " & TimeValue(dtmValue) & vbCrLf & _ 
      "The difference between when the password was last" & vbCrLf & _ 
      "set and today is " & intTimeInterval & " days" 
    End If 

    Set objDomain = GetObject("LDAP://" & objADSystemInfo.DomainDNSName) 
    Set objMaxPwdAge = objDomain.Get("maxPwdAge") 

    If objMaxPwdAge.LowPart = 0 Then 
     WScript.Echo "The Maximum Password Age is set to 0 in the " & _ 
        "domain. Therefore, the password does not expire." 
     WScript.Quit 
    Else 
     dblMaxPwdNano = _ 
      Abs(objMaxPwdAge.HighPart * 2^32 + objMaxPwdAge.LowPart) 
     dblMaxPwdSecs = dblMaxPwdNano * ONE_HUNDRED_NANOSECOND 
     dblMaxPwdDays = Int(dblMaxPwdSecs/SECONDS_IN_DAY) 
     WScript.Echo "Maximum password age is " & dblMaxPwdDays & " days" 

     If intTimeInterval >= dblMaxPwdDays Then 
      WScript.Echo "The password has expired." 
     Else 
      WScript.Echo "The password will expire on " & _ 
       DateValue(dtmValue + dblMaxPwdDays) & " (" & _ 
       Int((dtmValue + dblMaxPwdDays) - Now) & " days from today)." 
     End If 
    End If 
End If 

Answer 1

您可以在这本书中的脚本一看： http://msdn.microsoft.com/en-us/vbrun/ms788236.aspx

Answer 2

我不得不创建一个警告用户他们的密码到期更好的应用程序。他们讨厌XenApp环境中的Windows警告。这是我写的处理到期检查的方法。

public static bool WarnUser(int passwordValidityPeriod, int passwordExpirationWarningPeriod, out int daysUntilExpiration) 
    { 
     TimeSpan due; 
     bool result = false; 
     TimeSpan pwdExpirationWarningPeriod = new TimeSpan(passwordExpirationWarningPeriod, 0, 0, 0); 
     TimeSpan pwdValidityPeriod = new TimeSpan(passwordValidityPeriod, 0, 0, 0); 
     DirectoryEntry searchRoot = new DirectoryEntry(@"LDAP://DC=YOUR_DOMAIN,DC=com"); 
     DirectorySearcher search = new DirectorySearcher(searchRoot); 
     search.Filter = String.Format("(&(objectClass=user)(objectCategory=person)(sAMAccountName={0}))", Environment.UserName); 
     search.PropertiesToLoad.Add("pwdLastSet"); 
     search.PropertiesToLoad.Add("userAccountControl"); 
     SearchResult sr = search.FindOne(); 
     UserAccountControl uac = (UserAccountControl)sr.Properties["userAccountControl"][0]; 
     var pwdLastSet = DateTime.FromFileTime(long.Parse(sr.Properties["pwdLastSet"][0].ToString())); 
     TimeSpan difference = DateTime.Now.Subtract(pwdLastSet); 
     due = pwdValidityPeriod - difference; 
     //Check for non expiring passwords and do nothing when one is encountered. 
     if (!uac.HasFlag(UserAccountControl.DONT_EXPIRE_PASSWD)) 
     { 
      if ((pwdValidityPeriod - difference) <= pwdExpirationWarningPeriod) 
      { 
       result = true; 
      } 
     } 
     daysUntilExpiration = ((int)due.TotalDays < 0) ? 0 : (int)due.TotalDays; 
     return result; 
    } 
}