To force a user to change their password at next logon, set the pwdLastSet attribute to zero (0). To remove this requirement, set the pwdLastSet attribute to -1. The pwdLastSet attribute cannot be set to any other value except by the system.
The following C# code example shows how to set the "User must change password at next logon" option.
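    using System;
    using System.DirectoryServices;

    try
    {
        // userDN is the binding path of the user object (an LDAP:// ADsPath).
        // The using block disposes the entry even if CommitChanges throws.
        using (var directoryEntry = new DirectoryEntry(userDN))
        {
            // Force password change at next logon
            directoryEntry.Properties["pwdLastSet"].Value = 0;
            directoryEntry.CommitChanges();
        }
    }
    catch (Exception ex)
    {
        // Do not swallow the error: if the commit failed, the user is NOT
        // required to change the password. Report it and let the caller decide.
        Console.Error.WriteLine("Failed to set pwdLastSet: " + ex.Message);
        throw;
    }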
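The following is an added example, not part of the original page: it sets or clears the option using the two values described above (0 and -1), then reads the attribute back to confirm what the directory stored. The names `PwdLastSetCheck`, `SetMustChange`, `Describe` and `userPath` are hypothetical, and the check of the "Password never expires" bit in `userAccountControl` is an addition beyond what the page covers.

```csharp
using System;
using System.DirectoryServices;

static class PwdLastSetCheck
{
    // userAccountControl bit for "Password never expires" (ADS_UF_DONT_EXPIRE_PASSWD).
    const int DontExpirePassword = 0x10000;

    // Sets (true) or clears (false) "User must change password at next logon",
    // then reads the stored values back. userPath is assumed to be an LDAP:// ADsPath.
    public static string SetMustChange(string userPath, bool mustChange)
    {
        using (var user = new DirectoryEntry(userPath))
        {
            // Only 0 and -1 are accepted; with -1 the system writes the current time.
            user.Properties["pwdLastSet"].Value = mustChange ? 0 : -1;
            user.CommitChanges();

            // DirectorySearcher returns pwdLastSet as a long (FILETIME value);
            // reading it through DirectoryEntry yields a COM large-integer object.
            using (var searcher = new DirectorySearcher(user, "(objectClass=user)",
                       new[] { "pwdLastSet", "userAccountControl" }, SearchScope.Base))
            {
                SearchResult r = searcher.FindOne();
                if (r == null)
                    throw new InvalidOperationException("User not found after commit.");

                long pwdLastSet = r.Properties["pwdLastSet"].Count > 0
                    ? (long)r.Properties["pwdLastSet"][0] : 0;
                int uac = (int)r.Properties["userAccountControl"][0];
                return Describe(pwdLastSet, uac);
            }
        }
    }

    // Interprets the stored values; kept separate so it can be used on search results in bulk.
    public static string Describe(long pwdLastSet, int uac)
    {
        if (pwdLastSet != 0)
            return "Password last set " + DateTime.FromFileTimeUtc(pwdLastSet).ToString("u");

        return (uac & DontExpirePassword) != 0
            ? "pwdLastSet is 0, but 'Password never expires' is set; the password is treated as not expired"
            : "User must change password at next logon";
    }
}
```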