Show me in PHP, if new AD Password is required

I create a web interface with information about the AD users.

Now I want the information, if the user must set a new password or not. I want this information also if the account was new created and is locked.

I use the following code-snipped, but allways get the value "NULL" for $userEntry['pwdLastSet'].

$passwordChangeRequired = isset($userEntry['pwdLastSet']) && $userEntry['pwdLastSet'][0] == 0 ? "Yes" : "No";

For your information. I get other values, for example the if the user is locked or last logon.

I also tested the following code-snippet:

$userAccountControl = $userEntry['pwdlastset'][0];
$passwordChangeRequired = ($userAccountControl & 0x800000) ? "Yes" : "No";

but it also didn't work as expected.

Could anyone help me please, to get the information, if the checkbox is set or not, without checking the consideration if the account is locked and without checking the consideration if the user has logged in at least one time.

Edit: Here is a var_dump;

array(2) { ["count"]=> int(1) [0]=> array(64) { ["objectclass"]=> array(5) { ["count"]=> int(4) [0]=> string(3) "top" [1]=> string(6) "person" [2]=> string(20) "organizationalPerson" [3]=> string(4) "user" } [0]=> string(11) "objectclass" ["cn"]=> array(2) { ["count"]=> int(1) [0]=> string(14) "max.mustermann" } [1]=> string(2) "cn" ["sn"]=> array(2) { ["count"]=> int(1) [0]=> string(10) "Mustermann" } [2]=> string(2) "sn" ["givenname"]=> array(2) { ["count"]=> int(1) [0]=> string(3) "Max" } [3]=> string(9) "givenname" ["distinguishedname"]=> array(2) { ["count"]=> int(1) [0]=> string(69) "CN=max.mustermann,OU=Verwaltung,OU=UserDirectory,DC=example,DC=local" } [4]=> string(17) "distinguishedname" ["instancetype"]=> array(2) { ["count"]=> int(1) [0]=> string(1) "4" } [5]=> string(12) "instancetype" ["whencreated"]=> array(2) { ["count"]=> int(1) [0]=> string(17) "20230819234419.0Z" } [6]=> string(11) "whencreated" ["whenchanged"]=> array(2) { ["count"]=> int(1) [0]=> string(17) "20230819234419.0Z" } [7]=> string(11) "whenchanged" ["displayname"]=> array(2) { ["count"]=> int(1) [0]=> string(14) "Max Mustermann" } [8]=> string(11) "displayname" ["usncreated"]=> array(2) { ["count"]=> int(1) [0]=> string(5) "25065" } [9]=> string(10) "usncreated" ["usnchanged"]=> array(2) { ["count"]=> int(1) [0]=> string(5) "25067" } [10]=> string(10) "usnchanged" ["name"]=> array(2) { ["count"]=> int(1) [0]=> string(14) "max.mustermann" } [11]=> string(4) "name" ["objectguid"]=> array(2) { ["count"]=> int(1) [0]=> string(16) "�x�C�X�C�d�mwc�" } [12]=> string(10) "objectguid" ["useraccountcontrol"]=> array(2) { ["count"]=> int(1) [0]=> string(3) "546" } [13]=> string(18) "useraccountcontrol" ["badpwdcount"]=> array(2) { ["count"]=> int(1) [0]=> string(1) "0" } [14]=> string(11) "badpwdcount" ["codepage"]=> array(2) { ["count"]=> int(1) [0]=> string(1) "0" } [15]=> string(8) "codepage" ["countrycode"]=> array(2) { ["count"]=> int(1) [0]=> string(1) "0" } [16]=> string(11) "countrycode" ["badpasswordtime"]=> array(2) { ["count"]=> int(1) [0]=> string(1) "0" } [17]=> string(15) "badpasswordtime" ["lastlogoff"]=> array(2) { ["count"]=> int(1) [0]=> string(1) "0" } [18]=> string(10) "lastlogoff" ["lastlogon"]=> array(2) { ["count"]=> int(1) [0]=> string(1) "0" } [19]=> string(9) "lastlogon" ["pwdlastset"]=> array(2) { ["count"]=> int(1) [0]=> string(1) "0" } [20]=> string(10) "pwdlastset" ["primarygroupid"]=> array(2) { ["count"]=> int(1) [0]=> string(3) "513" } [21]=> string(14) "primarygroupid" ["objectsid"]=> array(2) { ["count"]=> int(1) [0]=> string(28) "��$!��٥w�`" } [22]=> string(9) "objectsid" ["accountexpires"]=> array(2) { ["count"]=> int(1) [0]=> string(19) "9223372036854775807" } [23]=> string(14) "accountexpires" ["logoncount"]=> array(2) { ["count"]=> int(1) [0]=> string(1) "0" } [24]=> string(10) "logoncount" ["samaccountname"]=> array(2) { ["count"]=> int(1) [0]=> string(14) "max.mustermann" } [25]=> string(14) "samaccountname" ["samaccounttype"]=> array(2) { ["count"]=> int(1) [0]=> string(9) "805306368" } [26]=> string(14) "samaccounttype" ["userprincipalname"]=> array(2) { ["count"]=> int(1) [0]=> string(29) "max.mustermann@example.local" } [27]=> string(17) "userprincipalname" ["objectcategory"]=> array(2) { ["count"]=> int(1) [0]=> string(57) "CN=Person,CN=Schema,CN=Configuration,DC=example,DC=local" } [28]=> string(14) "objectcategory" ["dscorepropagationdata"]=> array(2) { ["count"]=> int(1) [0]=> string(17) "16010101000000.0Z" } [29]=> string(21) "dscorepropagationdata" ["mail"]=> array(2) { ["count"]=> int(1) [0]=> string(21) "max.mustermann@example.de" } [30]=> string(4) "mail" ["count"]=> int(31) ["dn"]=> string(69) "CN=max.mustermann,OU=Verwaltung,OU=UserDirectory,DC=example,DC=local" } }



Comments

Popular posts from this blog

Today Walkin 14th-Sept

Spring Elasticsearch Operations

Hibernate Search - Elasticsearch with JSON manipulation