Hello All
Can someone please help me with the following query
This little function below will get a users attribute value
functionGet-UserAttribute {param([string]$sAMAccountName,$Attribute)
[int]$sAMAccountType= 805306368# normal user account, other options avaialble
$user= ([System.DirectoryServices.DirectorySearcher]"(&(sAMAccountType=$sAMAccountType)(sAMAccountName=$sAMAccountName))").FindOne().GetDirectoryEntry()
$user=$user.NativeObject
return [System.__ComObject].InvokeMember($Attribute,[System.Reflection.BindingFlags]::GetProperty,$null,$User,$null)
}
e.g.
Get-UserAttribute "Ernie" "profilePath"
So no worries there, now I want to get "LockoutTime"
Which I understand is expressed in Ticks (100 nanosecond increments) which have passed since 1/1/1600 (or should that be 1/1/1601)
Once I get the Int64 number I will convert to a date time, by problem for now is getting this int64 value in the first place.
I see that the property LockoutTime is also returned as a ComObject e.g.
$Obj = ([adsi]LDAP://cn=Ernie,OU=Ernies-ad,OU=local).LockoutTime
I cannot seem to use the same reflection mythology I am using above to get the "value" of the LockoutTime
Although I realise it would be much easier to load and use a module, I do not want to do this as it will not help me learn
Any help much appreciated
On a final point I understand [ADSI] aka System.DirectoryServices.DirectoryEntry sits on top of COM e.g. wraps the COM methods etc. to make it more intuitive to access AD. I am thinking the reason for the ComObjects being return is because not all members (and therefore methods and properties etc.) have been exposed for the [ADSI] interface as the developer probably thought they would not use used and therefore not in the assembly meta data and thereby you have to use reflection to get at them.
Please bear in mind I am "new" to all this so, be kind if I make mistakes/miss-understand :)
Ernie