AccountExpires attribute within Microsoft ActiveDi...

Former Member · ‎07-28-2011

Hi,

actually I have problem with the integration of the Active Directory to the IDM.

Our intention is to provisioin the validTo-Date to the Active Directory. Unfortunately it seems that sometimes the last day, and sometimes the last two days of the validity range are going lost.

Does any one has the same problem and, may be, a solution?

I found out, that AD doesn't store the attribute as an date like 28.July 2011. It saves the date as a large Integer (18 Digits), counting milli or nano seconds from January, 1st, 1601 and devided into a low part and a high part.

Kind regards,

Achim Heinekamp

Former Member · ‎08-15-2011

I wrote a script to use to convert dates to the AD format:


// Main function: _vlo_convertToADValidToDate

function _vlo_convertToADValidToDate(Par){
	var dateLong = 1;
	if ( Par == null || Par == "" )
	{
		uWarning("Set accountExpires to Never Expire (0)");
		dateLong = 0;
	}
	else
	{
		try {
			var validityDate = new String(Par);
			var df = java.text.SimpleDateFormat("yyyy-MM-dd");
			df.setTimeZone(java.util.TimeZone.getTimeZone("UTC"));
			var calcDate = df.parse(validityDate);
			dateLong = (calcDate.getTime() + 11644473600000) * 10000 + (48 * 60 * 60 * 10000000); //h * m * s
			//uWarning("Set accountExpires = " + dateLong + " (" + validityDate + ")");
		} catch (e) {
			uWarning("Parsing validityDate '" + validityDate + "'failed, expiring account.");
			uWarning(e);
			dateLong = 128970324000000000;
		}
	}

	return dateLong;
}

That is what we use. Hope that helps.

AccountExpires attribute within Microsoft ActiveDirectory

Accepted Solutions (0)

Answers (1)

Answers (1)

CEWB Updating Materials Replacement materials

Re: Can't we multiply decimal numbers in SAP ABAP?

Re: MDG BAdI just after updating Material related ...

Re: FedML SAP Datasphere & Databricks

Correlation id as part of Application logs