NetTalk Central

Author Topic: LDAP attribute pwdLastSet  (Read 1429 times)

mmelby

  • Newbie
  • *
  • Posts: 35
    • View Profile
    • Email
LDAP attribute pwdLastSet
« on: May 04, 2022, 08:20:05 AM »
Using the NetTalk LDAP demo I am successfully connecting to my Microsoft AD server. I am setting the user filter. When I click the Get Attribute button I get a lot of nice attributes but not the one I am looking for. There should be an attribute called pwdLastSet which should be the date the password was last set. It is not coming up. I thought it might be a permissions thing so I tried it with a Domain Admin's  credentials but that did not make a difference. Any ideas would be appreciated.

Jane

  • Sr. Member
  • ****
  • Posts: 348
  • Expert on nothing with opinions on everything.
    • View Profile
    • Email
Re: LDAP attribute pwdLastSet
« Reply #1 on: May 04, 2022, 04:01:55 PM »
That was tricky... LOL...

Search in netldap.clw for the NetLDAP.ParseAttributes procedure

change the line from

  pAttributes.Filter('','Set')

to

  pAttributes.Filter('','Set of')

As written, it's filtering out the pwdlastSET attribute ;)

jf

mmelby

  • Newbie
  • *
  • Posts: 35
    • View Profile
    • Email
Re: LDAP attribute pwdLastSet
« Reply #2 on: May 05, 2022, 11:48:14 AM »
Jane, That worked. Thank you!

So now that I have that working an additional question would be. Can this same functionality be done in a web application. I did not find much in the way of LDAP in the docs or sample programs but I am still looking.

Regards,
    Mike

Jane

  • Sr. Member
  • ****
  • Posts: 348
  • Expert on nothing with opinions on everything.
    • View Profile
    • Email
Re: LDAP attribute pwdLastSet
« Reply #3 on: May 05, 2022, 12:04:20 PM »
BTW, Mike - I'd consider that edit a bug.

Unless Bruce agrees and fixes it, you'll need to re-edit netldap.clw each time you update NetTalk.

Sure you can query AD from a web app.  I've been doing it for several years with my own code and Bruce has incorporated LDAP functionality into Secwin 7.

As with any asynchronous request for data, your web server will have a (hidden) window acting as a web client to fetch the data.

jf

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11155
    • View Profile
Re: LDAP attribute pwdLastSet
« Reply #4 on: May 07, 2022, 07:07:51 AM »
If Jane says it's a bug, then who am I to argue :)
I've made the change here for the next build (12.41)

>> Can this same functionality be done in a web application.

Sure. You web server program can connect to the active directory just fine using the NetLdap classes.
Of course your _web server_ program will do the connecting to the AD server, not the browser client. But you can do all the AD stuff in the background, and plug it onto any web page you like.

Cheers
Bruce