It is indeed read-only in Windows 2000. You could always script changes in date and time.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rex Wheeler Sent: 16 June 2003 18:05 To: [EMAIL PROTECTED] We are doing some integration work allowing other platforms (unix) to authenticate against Active Directory. We have succeeded in making this happen but are running into testing challenges. We would like to be able to write test scripts to verify that account and password expiration logic is working correctly. For example we want to test that if you have a policy that says you must change your password every 30 days and you last changed your password 25 days ago, you should get a warning message saying that you have 5 days to change your password. The problem is that we can't seem to update the pwdLastSet attribute. How can the value of this attribute be set? If it can not, does anyone have any ideas how to test such expiration logic without spending days of wall clock time? Thanks, Rex List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
