ldap badPasswordTime如何转换

ldap badPasswordTime如何转换

ldapsearch工具可以顺利的搜索AD中的记录，下面带来在C＃中将LDAP AccountExpires转换为DateTime的方法。

AD的用户的objectclass为User,默认的用户记录位于Users下,而Users的objectclass就是Container.这样一个AD用户的DN可能是"cn=username,cn=users,dc=domain-suffix".AD默认的安全策略不允许"空"绑定(既bind(""等DN为空的一系列绑定函数).

命令如下:ldapsearch -x -W -D "cn=administrator,cn=users,dc=osdn,dc=zzti,dc=edu,dc=cn" -b "cn=administrator,cn=users,dc=osdn,dc=zzti,dc=edu,dc=cn" -h troy.osdn.zzti.edu.cn这样就回返回用户administrator的信息:# extended LDIF## LDAPv3# base ; with scope sub# filter: (objectclass=*)# requesting: AL

# Administrator, Users, osdn.zzti.edu.cndn: CN=Administrator,CN=Users,DC=osdn,DC=zzti,DC=edu,DC=cnobjectClass: topobjectClass: personobjectClass: organizationalPersonobjectClass: usercn: Administratordescription:: 566h55CG6K6h566X5py6KOWfnynnmoTlhoXnva7luJDmiLc=distinguishedName: CN=Administrator,CN=Users,DC=osdn,DC=zzti,DC=edu,DC=cninstanceType: 4whenCreated: 20040820145628.0ZwhenChanged: 20040820151744.0ZuSNCreated: 8194memberOf: CN=Group Policy Creator Owners,CN=Users,DC=osdn,DC=zzti,DC=edu,DC=cnmemberOf: CN=Domain Admins,CN=Users,DC=osdn,DC=zzti,DC=edu,DC=cnmemberOf: CN=Enterprise Admins,CN=Users,DC=osdn,DC=zzti,DC=edu,DC=cnmemberOf: CN=Schema Admins,CN=Users,DC=osdn,DC=zzti,DC=edu,DC=cnmemberOf: CN=Administrators,CN=Builtin,DC=osdn,DC=zzti,DC=edu,DC=cn

输入代码：

uSNChanged: 13895name: AdministratorobjectGUID:: z44SriNF40SGBgQson8RtA==userAccountControl: 66048badPwdCount: 0codePage: 0countryCode: 0badPasswordTime: 127375629853437500lastLogoff: 0lastLogon: 127375630164843750pwdLastSet: 127374851807500000primaryGroupID: 513objectSid:: AQUAAAAAAAUVAAAAfA5HVz/NVF7R0u429AEAAA==adminCount: 1accountExpires: 9223372036854775807logonCount: 17sAMAccountName: AdministratorsAMAccountType: 805306368objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=osdn,DC=zzti,DC=edu,DC=cnisCriticalSystemObject: TRUE

最后输入

# search resultsearch: 2result: 0 Success# numResponses: 2# numEntries: 1