Directory and Resource Administrator 6.x
Directory and Resource Administrator 7.0
Directory and Resource Administrator 7.5
An error is returned when trying to expire a password via the ADSI Provider, however the LDAP provider works without error.
Error: 'Error 800a01a8, object required: objuser.get(...)'.
The cause of this issue is that the Directory and Resource Administrator (DRA) server is not returning the information about pwdLastSet in the same format that the Active Directory does. Directory and Resource Administrator returns the value as a VT_DATE instead of an IAdsLargeInteger.
The way this works through OnePoint is the same as Microsoft recommends/uses in msdn:
User Must Change Password at Next Logon
To enable this option, set the pwdLastSet attribute to zero(0). To clear this flag, set the attribute to -1.
Example Code [Visual Basic]
Set usr = GetObject("LDAP://CN=Jeff Smith, OU=Sales, DC=Acme, DC=Com")
usr.Put "pwdLastSet", CLng(0)