TN IT114 How to capture password expiration from InTouch
At certain times, it may be useful to capture when a users password is set to expire from within a Wonderware InTouch application. This can be especially useful in a thin client environment where the user only logs in to use WindowViewer. This tech note walks through using the DirectoryServices dll to capture this information for a Domain user logged into InTouch.
- Author: Joseph Hefner
- Published: 03/19/2015
- Applies to: Application Server 3.1 or later and InTouch 10.1 or later
Step 1: Import the DirectoryServices dll script function library from within the IDE
To do this go to Galaxy \ Import \ Script Function Library as below:
Navigate to the C:\ Windows \ Microsoft .Net \ Framework \ v2.0.50727 location and choose the System.DirectoryServices.dll as below:
Step 2: Create an ArchestrA graphic or User Defined object to find and hold the password expiration information
In this example I have chosen to use an Archestra graphic to capture the expiration date and calculate the number of days before the password expires. The screenshot below shows a picture of the completed graphic. The first 4 fields, Domain, Operator, Password and AccessLevel are simply showing logged in InTouch user information obtained from the Intouch system tags $OperatorDomain, $Operator, $PasswordEntered and $AccessLevel. The following 3 fields are showing custom properties that belong to the graphic with CurDate and ExpDate having a data type as "Time" and DaysTilExpiration having a data type as "Integer". The CurDate custom property is reading the InTouch tag $DateString and formatted as MM/dd/yyyy.
Step 3: Write a script to obtain the password expiration information and calculate the number of days remaining before it expires.
The following screen shot is the action script that was used in the "Check days til Expiration" button. In this example, 172.20.6.176 is the IP Address of the Domain Controller and the FQDN name is JHDomain.local
Below is the script used in the action script of the button:
dim USerEntryString as string;
dim UserEntry as System.DirectoryServices.DirectoryEntry;
userEntryString = "LDAP://172.20.6.176/CN=" + InTouch:$Operator +",CN=Users,DC=" + InTouch:$OperatorDomain + ",DC=com";
UserEntry = System.DirectoryServices.DirectoryEntry(userEntryString);
ExpDate = userEntry.InvokeGet("PasswordExpirationDate");
DaysTilExpiration = ExpDate - CurDate;
Step 4: Display the number of days remaining until the password expires
In order for DaysTilExpiration to reflect the number of days remaining until expiration as oppose to minutes it will need to be divided by 86400 which is (24 days X 60 minutes X 60 seconds).
Step 5: Place the ArchestrA graphic in an Intouch window and display the results.
The result of clicking the "Check days til Expiration" button should be a correct reflection of the number of days remaining until the password expires as in the screenshot below: