Today i was develop password change portal.
in there i have some problem, that is “Change password when next logon”
So, i research to DirectorService for C#(.NET is same)
Finally found solution.
we need to 2 properties in Directoryentry
pwdLastSet is value is 0, It’s “Change password when next logon” set
But this value only use to set. If you want to “Change password when next logon” unset. just to change password. its more to good.
And Some user account need to check for “LOCK” this value you can check UserAccountControl
this value mean we can know below table.
UF_TEMP_DUPLICATE_ACCOUNT = 0x0100,
UF_NORMAL_ACCOUNT = 0x0200,
UF_INTERDOMAIN_TRUST_ACCOUNT = 0x0800,
UF_WORKSTATION_TRUST_ACCOUNT = 0x1000,
UF_SERVER_TRUST_ACCOUNT = 0x2000,
UF_DONT_EXPIRE_PASSWD = 0x10000,
UF_SCRIPT = 0x0001,
UF_ACCOUNTDISABLE = 0x0002,
UF_HOMEDIR_REQUIRED = 0x0008,
UF_LOCKOUT = 0x0010,
UF_PASSWD_NOTREQD = 0x0020,
UF_PASSWD_CANT_CHANGE = 0x0040,
UF_ACCOUNT_LOCKOUT = 0X0010,
UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED = 0X0080,
UF_EXPIRE_USER_PASSWORD = 0x800000,
If user account lock UserAccountControl is value is 0x0010
And You can check account state LDAP result.
ERROR_INVALID_PASSWORD = 0x56,
ERROR_PASSWORD_RESTRICTION = 0x52D,
ERROR_LOGON_FAILURE = 0x52e,
ERROR_ACCOUNT_RESTRICTION = 0x52f,
ERROR_INVALID_LOGON_HOURS = 0x530,
ERROR_INVALID_WORKSTATION = 0x531,
ERROR_PASSWORD_EXPIRED = 0x532,
ERROR_ACCOUNT_DISABLED = 0x533,
ERROR_ACCOUNT_EXPIRED = 0x701,
ERROR_PASSWORD_MUST_CHANGE = 0x773,
ERROR_ACCOUNT_LOCKED_OUT = 0x775,
ERROR_ENTRY_EXISTS = 0x2071,
If you want to check more code click to link http://www.lifeasbob.com/code/errorcodes.aspx