Account Expiration Default Value for "Never"


Hello Everyone,


I hope somebody has an idea about my concern. I really need it badly as I have a client testing tomorrow.


Anyways, the story is this, I need to create a script to update the attributes of all the users from a CSV file if they already exist in AD and if not, they will be created also.


Problem is, some users in the CSV file has the Account Expiration Date value. And I need to set that if that value is blank it will be automatically set to "NEVER".


I have also read that setting it to 12/30/1600 will automatically set the value to "NEVER". But when I try to do it, an error value of "Not a valid Win32 FileTime" will return.


Any Ideas?

Thank You in Advance


Here's the script:


$NA = "12/30/1600"
$Path = 'CN=Users,DC=adsftest,DC=com,DC=ph'

if (Get-ADUser -Filter {SamAccountName -eq $Username})
#If User Exist, Update Attributes
$USERS = Set-ADUSer -Identity $Name -EmployeeID $EmployeeID -UserPrincipalName "$" -Title $Title -AccountExpirationDate $AccountExpirationDate -Office $Office -Department $Department -StreetAddress $StreetAddress -State $State -City $City -Company $Company -Fax $Fax -PostalCode $PostalCode -Description $Description -Enabled $true
Write-Output "User $SamAccountName Already Exist"
if ($User."LAST EMPLOYMENT DATE" -ne $null) {

Set-ADUser -Identity $Username -AccountExpirationDate $NA

#User does not exist then proceed to create the new user account
$Results = new-aduser -Name $Name -SamAccountName $Username -UserPrincipalName "$" -EmployeeID $EmployeeID -GivenName $GivenName -Surname $Surname -DisplayName $DisplayName -EmailAddress $EmailAddress -Title $Title -Office $Office -Department $Department -StreetAddress $StreetAddress -State $State -City $City -Company $Company -Fax $Fax -PostalCode $PostalCode -Description $Description -AccountPassword (ConvertTo-SecureString -AsPlainText '*****' -Force) -ChangePasswordAtLogon $True -PasswordNeverExpires $false -path $Path -Enabled $True
Write-Output "User $Name has been created"


Error Result:

Set-ADUser : Not a valid Win32 FileTime.
At C:\Script\UL-ADCreate-New.ps1:45 char:1
+ Set-ADUser -Identity $Username -AccountExpirationDate $NA
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (u2:ADUser) [Set-ADUser], ArgumentOutOfRangeException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.ArgumentOutOfRangeException,Microsoft.ActiveDirec

Set-ADUser : Cannot bind parameter 'AccountExpirationDate'. Cannot convert value "" to type
"System.DateTime". Error: "String was not recognized as a valid DateTime."
At C:\Script\UL-ADCreate-New.ps1:40 char:148
+ ... ExpirationDate $AccountExpirationDate -Office $Office -Department $Department -S ...
+ ~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.ActiveDirectory.Management.Commands.S

1 Reply