Account Expiration Default Value for "Never"

Highlighted
Contributor

Hello Everyone,

 

I hope somebody has an idea about my concern. I really need it badly as I have a client testing tomorrow.

 

Anyways, the story is this, I need to create a script to update the attributes of all the users from a CSV file if they already exist in AD and if not, they will be created also.

 

Problem is, some users in the CSV file has the Account Expiration Date value. And I need to set that if that value is blank it will be automatically set to "NEVER".

 

I have also read that setting it to 12/30/1600 will automatically set the value to "NEVER". But when I try to do it, an error value of "Not a valid Win32 FileTime" will return.

 

Any Ideas?

Thank You in Advance

 

Here's the script:

script.JPG

 

Here's the error message:

Error.JPG

2 Replies

@almarlibetario 

 

To set Account Expiry Date as Never, you better use the Clear-ADAccountExpiration cmdlet or you need to set accountExpires attribute value to 0.

 

Clear-ADAccountExpiration -Identity 'UserName'

----or----

function Get-ADUserFN( [string]$samid=$env:username){
     $searcher=New-Object DirectoryServices.DirectorySearcher
     $searcher.Filter="(&(objectcategory=person)(objectclass=user)(sAMAccountname=$samid))"
     $user=$searcher.FindOne()
      if ($user -ne $null ){
          $user.getdirectoryentry()
     }
}

$user = Get-ADUserFN 'UserName'
$user.psbase.properties
$user.accountExpires = '0'
$user.SetInfo()

 

Note: I have not personally tested the above commands.

 

Highlighted

Thanks for this. Will definitely check this out.