000014682 - AM7.1: cannot set the expiry date of a user account using the C# API

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000014682
Applies ToAuthenitcation Manager 7.1
RSA Authentication Manager 7.1 API
IssueSet the expiry date of a user account using the AM 7.1 C# API
When creating a user using the C# API, the expiry date always ends up being set to the same value as the create date
Cannot update the expiry date of an existing user

Bug 116940 - Web Services WSDL C# SearchIUAPoliciesCmmand Search by LAST_UPDATE_ON, filter date ignored and current date is used.

ResolutionThe fix is a server side fix and not client side which means that SP2 needs to be installed. SP2 has a new version of rsaws.dll because of other changes in the API but this is not enough and will not work witha pre-SP2 server by itself.
Sample code reproducing the issue:
private String createUser(String userId, String password, String first, String last) {
// the start date
DateTime now = DateTime.Now;

// the account end date
DateTime expire = DateTime.Now;
expire = expire.AddYears(1);

PrincipalDTO principal = new PrincipalDTO();
principal.userID = ( userId );
principal.firstName = ( first );
principal.lastName = ( last );
principal.password = ( password );

principal.enabled = (true);
principal.lockoutStatus = (false);
principal.accountStartDate = (now);
principal.accountExpireDate = (expire);
principal.adminRole = (false);
principal.canBeImpersonated = (false);
principal.trustToImpersonate = (false);

principal.securityDomainGuid = ( domain.guid );
principal.identitySourceGuid = ( idSource.guid );
principal.description = ("Created by AM Demo code");

AddPrincipalsCommand cmd = new AddPrincipalsCommand();
cmd.principals = ( new PrincipalDTO[] { principal } );


// only one user was created, there should be one GUID result
return cmd.guids[0];
Legacy Article IDa49233