Set Windows/AD password so that it “never expires”?

Question

Here is my code:

using (DirectoryEntry AD = new DirectoryEntry(\"WinNT://\" + Environment.MachineName +    \",computer\"))
{
   DirectoryEntry NewUser = AD.C         


        

Answer 1

If you're on .NET 3.5 and up, you should check out the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here:

• Managing Directory Security Principals in the .NET Framework 3.5
• MSDN docs on System.DirectoryServices.AccountManagement

Basically, you can define a machine context and easily create new users on your local server:

// set up machine-level context
using (PrincipalContext ctx = new PrincipalContext(ContextType.Machine))
{
    // create new user
    UserPrincipal newUser = new UserPrincipal(ctx);

    // set some properties
    newUser.SamAccountName = "Sam";
    newUser.DisplayName = "Sam Doe";

    // define new user to be enabled and password never expires
    newUser.Enabled = true;
    newUser.PasswordNeverExpires = true;

    // save new user
    newUser.Save();
}

The new S.DS.AM makes it really easy to play around with users and groups in AD!