Hi,
I'm managing AD accounts from a Unix system via LDAP. I'm trying to set
the accountExpires field with the proper value.
The schema definition for the field is as follows;
Syntax - INTEGER8
OID - 1.2.840.113556.1.4.159
Digging deeper I find that this field is the number of seconds since
00:00:00 on Jan 1, 1970 (Unix epoch time) expressed as a large integer.
For example - if I set an account (using AD Users&Computers) with a
account expiration date of Friday March 1, 2002 and then look at that
field using ldapsearch the field is
accountExpires: 126595224000000000
If you convert that number (in seconds) to a date you get December 31st,
1969 as it is larger than expected by any of the perl code I've used.
If you convert the date, Friday March 1, 2002 to seconds since the epoch
you get 1014962400 seconds. If you plug that number in as a expiration
date via a ldapmodify to an account the date AD U&C returns is Thursday
Feb 14, 2002. Setting to any date using epoch seconds seems to set to
the current date.
So after all that - does anyone know exactly how to calculate the number
for that field?
tia, al
--
Al Lilianstrom
CD/OSS/CSI
[EMAIL PROTECTED]
List info : http://www.activedir.org/mail_list.htm
List FAQ : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
