| Directory Services |
To force a user to change their password at next logon, set the pwdLastSet attribute to zero (0), as shown in the following code example.
Dim usr as IADs
Set usr = GetObject("LDAP://CN=Jeff Smith,OU=Sales,DC=Fabrikam,DC=Com")
usr.Put "pwdLastSet", CLng(0)
usr.SetInfo
/***************************************************************************
SetUserMustChangePassword()
***************************************************************************/
HRESULT SetUserMustChangePassword(LPCWSTR pwszUserADsPath,
LPCWSTR pwszUsername,
LPCWSTR pwszPassword)
{
IADs *pUser;
HRESULT hr;
hr = ADsOpenObject(pwszUserADsPath,
pwszUsername,
pwszPassword,
ADS_SECURE_AUTHENTICATION,
IID_IADs,
(void**)&pUser);
if(SUCCEEDED(hr))
{
VARIANT var;
VariantInit(&var);
V_I4(&var) = 0;
V_VT(&var) = VT_I4;
hr = pUser->Put(CComBSTR("pwdLastSet"), var);
hr = pUser->SetInfo();
VariantClear(&var);
pUser->Release();
}
return hr;
}