on 07-28-2011 2:58 PM
Hi,
actually I have problem with the integration of the Active Directory to the IDM.
Our intention is to provisioin the validTo-Date to the Active Directory. Unfortunately it seems that sometimes the last day, and sometimes the last two days of the validity range are going lost.
Does any one has the same problem and, may be, a solution?
I found out, that AD doesn't store the attribute as an date like 28.July 2011. It saves the date as a large Integer (18 Digits), counting milli or nano seconds from January, 1st, 1601 and devided into a low part and a high part.
Kind regards,
Achim Heinekamp
I wrote a script to use to convert dates to the AD format:
// Main function: _vlo_convertToADValidToDate
function _vlo_convertToADValidToDate(Par){
var dateLong = 1;
if ( Par == null || Par == "" )
{
uWarning("Set accountExpires to Never Expire (0)");
dateLong = 0;
}
else
{
try {
var validityDate = new String(Par);
var df = java.text.SimpleDateFormat("yyyy-MM-dd");
df.setTimeZone(java.util.TimeZone.getTimeZone("UTC"));
var calcDate = df.parse(validityDate);
dateLong = (calcDate.getTime() + 11644473600000) * 10000 + (48 * 60 * 60 * 10000000); //h * m * s
//uWarning("Set accountExpires = " + dateLong + " (" + validityDate + ")");
} catch (e) {
uWarning("Parsing validityDate '" + validityDate + "'failed, expiring account.");
uWarning(e);
dateLong = 128970324000000000;
}
}
return dateLong;
}
That is what we use. Hope that helps.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
81 | |
9 | |
9 | |
7 | |
7 | |
6 | |
6 | |
6 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.