如何獲取Azure Active Directory的密碼策略登錄用戶

我想在c＃中使用圖形API或adal登錄用戶的密碼過期日期。如何獲取Azure Active Directory的密碼策略登錄用戶

帶着這樣的疑問，我知道如何獲得密碼策略，並使用PowerShell的到期日期，但與C＃

Get Azure Active Directory password expiry date in PowerShell

尚未確定在C＃或者是我想要得到PasswordExpiry日期或者作爲替代LastPasswordChangedDate。

使用AD圖形API

2017-04-08 Mandar Jogalekar

要使用C＃中，我們可以調用的PowerShell獲得Azure的AD用戶的這個屬性直接命令。您可以參考下面的代碼示例實現的目標：

private static void GetPasswordExpiredDate() 
{ 
    try 
    { 
     var userName = ""; 
     var password = ""; 
     var securePassword = new SecureString(); 
     var domainName = ""; 
     foreach (char c in password) 
     { 
      securePassword.AppendChar(c); 
     } 

     Collection<PSObject> user = null; 
     Collection<PSObject> passwordPolicy = null; 
     // Create Initial Session State for runspace. 
     InitialSessionState initialSession = InitialSessionState.CreateDefault(); 
     initialSession.ImportPSModule(new[] { "MSOnline" }); 
     // Create credential object. 
     PSCredential credential = new PSCredential(userName, securePassword); 
     // Create command to connect office 365. 
     Command connectCommand = new Command("Connect-MsolService"); 
     connectCommand.Parameters.Add((new CommandParameter("Credential", credential))); 
     // Create command to get office 365 users. 
     Command getPasswordPolicy = new Command("Get-MsolPasswordPolicy"); 
     getPasswordPolicy.Parameters.Add(new CommandParameter("DomainName", domainName)); 
     //Command getUserCommand = new Command("$UserPrincipal=Get-MsolUser -UserPrincipalName '[email protected]'"); 
     Command getUserCommand = new Command("Get-MsolUser"); 
     getUserCommand.Parameters.Add(new CommandParameter("UserPrincipalName", "[email protected]")); 
     //Command getPasswordExpiredDate = new Command("$UserPrincipal.LastPasswordChangeTimestamp.AddDays($PasswordPolicy.ValidityPeriod)"); 

     using (Runspace psRunSpace = RunspaceFactory.CreateRunspace(initialSession)) 
     { 
      // Open runspace. 
      psRunSpace.Open(); 
      //Iterate through each command and executes it. 
      foreach (var com in new Command[] { connectCommand, getUserCommand, getPasswordPolicy }) 
      { 
       var pipe = psRunSpace.CreatePipeline(); 
       pipe.Commands.Add(com); 
       if (com.Equals(getUserCommand)) 
        user = pipe.Invoke(); 
       else if (com.Equals(getPasswordPolicy)) 
        passwordPolicy = pipe.Invoke(); 
       else 
        pipe.Invoke(); 
      } 
      DateTime date =(DateTime) user[0].Properties["LastPasswordChangeTimestamp"].Value; 
      UInt32 ValidityPeriod = (UInt32)passwordPolicy[0].Properties["ValidityPeriod"].Value; 
      Console.WriteLine($"The password will be expired at {date.AddDays(ValidityPeriod)}"); 
      // Close the runspace. 
      psRunSpace.Close(); 
     } 
    } 
    catch (Exception) 
    { 
     throw; 
    } 
}

來源

2017-04-10 05:11:34

您好，感謝您的答覆，以從中獲取密碼過期「LastPasswordChangeTImeStamp」我需要得到MSOL密碼policy.however用戶必須是「全球管理員「能夠檢索不合實際的密碼策略。我該如何解決這個問題？ –

要解決此問題，您可以使用管理員帳戶作爲代理創建服務。您可以根據自己的要求添加服務的認證/授權。 –

@MandarJogalekar請隨時讓我知道，如果你仍然有這個問題的問題。 –

如何獲取Azure Active Directory的密碼策略登錄用戶

回答

相關問題