如何更改unicodePwd?

时间:2013-07-02 13:55:41

标签: active-directory passwords ldap jndi

    Hashtable<String, String> environment = new Hashtable<String, String>();
    environment.put(LdapContext.CONTROL_FACTORIES,"com.sun.jndi.ldap.ControlFactory ");
    environment.put("javax.security.sasl.policy.noplaintext", "true");
    environment.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
    environment.put(Context.PROVIDER_URL, "ldap://url:389/");
    environment.ut(Context.SECURITY_AUTHENTICATION, "DIGEST-MD5 GSSAPI");
    environment.put(Context.SECURITY_PROTOCOL, "sasl");
    environment.put(Context.SECURITY_PRINCIPAL, "admin");
    environment.put(Context.SECURITY_CREDENTIALS, "password");
    try {
        System.out.println("nine");
        DirContext ctx = new InitialDirContext(environment);
        System.out.println("ten");

        String oldPass = "" + "3qgYl3R2oh7Rwo6" + "";
        String newPass = "" + "3qgYl3R2oh7Rwo5" + "";

        ModificationItem[] modificationItems = new ModificationItem[2];
        modificationItems[0] = new ModificationItem(
                DirContext.REMOVE_ATTRIBUTE, new BasicAttribute(
                        "unicodePwd", oldPass.getBytes("UTF-16LE")));
        modificationItems[1] = new ModificationItem(
                DirContext.ADD_ATTRIBUTE, new BasicAttribute("unicodePwd",
                        newPass.getBytes("UTF-16LE")));
    //  modificationItems[0] = new ModificationItem(
            //  DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(
                //      "unicodePwd", newPass.getBytes("UTF-16LE")));

        try {
            ctx.modifyAttributes("CN=xxx,OU=xx,OU=xx,DC=xx,DC=xxx,DC=xx",
                    modificationItems);
        } catch (NamingException e) {
            e.printStackTrace();
        }
        ctx.close();
    } catch (NamingException | UnsupportedEncodingException e) {
        e.printStackTrace();
        System.out.println(e.getMessage().trim());

    }

我收到以下错误。 636 ssl港口关闭。 如何更改unicodePwd? 你能帮帮我吗?

LDAP:错误代码53 - 00002077:SvcErr:DSID-03190F0A,问题5003(WILL_NOT_PERFORM)

1 个答案:

答案 0 :(得分:1)

我们有一个我们知道在W3k上工作的样本。

http://ldapwiki.com/wiki/Example%20-%20Active%20Directory%20Change%20Password%20JNDI

但您的问题是Microsoft Active Directory要求通过安全连接完成所有密码设置。我们还会介绍:http://ldapwiki.com/wiki/Setting%20and%20Changing%20Microsoft%20Active%20Directory%20Passwords