Attribute syntax: 2.5.5.16 versus 2.5.5.11

  • Last Post 14 October 2015
Ravi.Sabharanjak posted this 13 October 2015

Hello all,
I need to store a time stamp in the active directory. I will be defining this as a new attribute and I was wondering which of the 2 possibilities is the better choice -
Interval - https://msdn.microsoft.com/en-us/library/ms684426(v=vs.85).aspx
OR
Generalized time - https://msdn.microsoft.com/en-us/library/ms684436(v=vs.85).aspx
Microsoft seems to have preferred using the interval syntax for many of the common time attributes that I dumped using adfind -
"adminDisplayName","attributeSyntax"
"Account-Expires","2.5.5.16"
"Pwd-Last-Set","2.5.5.16"
"Bad-Password-Time","2.5.5.16"
"When-Changed","2.5.5.11"
"Max-Pwd-Age","2.5.5.16"
"msDS-LastSuccessfulInteractiveLogonTime","2.5.5.16"
Which syntax is the superior choice and why?
thanks and regards,
-Ravi

gkirkpatrick posted this 13 October 2015

They’re both suitable for representing a time, it just depends on your needs and how you want to handle them in your code.

2.5.5.11 represents a Generalized Time string e.g.

20091217143225.0Z.

You can convert it to a .Net Framework DateTime by parsing the string into year, month, day etc., converting the strings to integers and using the appropriate DateTime constructor. There might also be an existing format provider, I don’t know offhand.

2.5.5.16 is a 64-bit integer and represents the number of 100 nanosecond intervals since Jan 1, 1601 (same as the file system). You can convert it to a .Net Framework DateTime using the FromFileTime() function.

I like Generalized Time (2.5.5.11) better because 1) that’s what it’s for, and 2) if you happen to be reading an LDIF dump, it’s easy to figure out what the time represents.

Use 2.5.5.16 if you need better than 1 second resolution in your times, or if you need some sort of correspondence with file system object times and dates.

-gil


DonH posted this 13 October 2015

The advice I’d give is to use Generalized Time if you want to display the time, and Interval if you want to do math with it. From the examples listed below, you can imagine code something like

    if ((currentTime - pwdLastSet) > maxPwdAge) {
        IssueAnnoyingPopup();
    }

being executed far more often than code that actually displays the maxPwdAge on screen. Thus we put those attributes in a form that was convenient for calculation, rather than convenient for display.

DonH


Ravi.Sabharanjak posted this 13 October 2015

Thank you for your inputs Gil and Don, I will go with the generalized time syntax.
-Ravi



joe posted this 13 October 2015

Another thing I like about the generalized time syntax is that it works well with LDAP filter comparison operations (= >= <=) and the time format is literal so it is easy to create LDAP queries with human readable comparison values. The FILETIME structure used by the Windows date/time values is quite a bit more obtuse in this regard.
Joe K.



Ravi.Sabharanjak posted this 14 October 2015

Yes, I found your blog on it, that explained it very well.
Thanks,

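The conversions and comparisons discussed in this thread, as an added Python example that is not part of any poster's message: it parses the 2.5.5.11 string, converts to and from the 2.5.5.16 tick count, and builds the LDAP filter for each syntax. All function names are hypothetical, and the sample time is the one quoted in the thread.

```python
from datetime import datetime, timedelta, timezone

EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)
TICKS_PER_SECOND = 10_000_000  # one Interval tick is 100 ns

def parse_generalized_time(value):
    """2.5.5.11: 'YYYYMMDDHHMMSS.0Z' -> aware UTC datetime (UTC form only)."""
    if not value.endswith("Z"):
        raise ValueError("expected UTC ('Z') Generalized Time: %r" % value)
    stamp, _, fraction = value[:-1].partition(".")
    parsed = datetime.strptime(stamp, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)
    if fraction:
        parsed += timedelta(seconds=float("0." + fraction))
    return parsed

def format_generalized_time(moment):
    """Aware datetime -> 2.5.5.11 string with one-second resolution."""
    return moment.astimezone(timezone.utc).strftime("%Y%m%d%H%M%S") + ".0Z"

def to_interval(moment):
    """Aware datetime -> 2.5.5.16 value (100 ns ticks since 1601-01-01 UTC)."""
    delta = moment - EPOCH_1601
    return (delta.days * 86400 + delta.seconds) * TICKS_PER_SECOND + delta.microseconds * 10

def from_interval(ticks):
    """2.5.5.16 value -> aware UTC datetime (sub-microsecond part dropped)."""
    return EPOCH_1601 + timedelta(microseconds=ticks // 10)

def password_expired(now_ticks, pwd_last_set_ticks, max_age_ticks):
    """The comparison from DonH's post, done directly on Interval values.
    max_age_ticks is a positive duration here; AD stores maxPwdAge as a
    negative interval, so pass its absolute value."""
    return (now_ticks - pwd_last_set_ticks) > max_age_ticks

def older_than_filter(attribute, moment, syntax):
    """LDAP filter matching entries whose timestamp is <= moment."""
    if syntax == "2.5.5.11":
        return "(%s<=%s)" % (attribute, format_generalized_time(moment))
    if syntax == "2.5.5.16":
        return "(%s<=%d)" % (attribute, to_interval(moment))
    raise ValueError("unsupported attributeSyntax: " + syntax)

if __name__ == "__main__":
    sample = parse_generalized_time("20091217143225.0Z")  # value quoted in the thread
    print(sample.isoformat(), to_interval(sample))
    print(older_than_filter("whenChanged", sample, "2.5.5.11"))
    print(older_than_filter("pwdLastSet", sample, "2.5.5.16"))
```

The two printed filters express the same cutoff; only the Generalized Time one can be read without a conversion step.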