我们已将msDS-User-Account-Control-Computed设置为当上次设置的用户密码自动超过3个月时密码已过期。但是,如果用户通过Java代码重设密码,则需要重设此属性(不确定哪个属性)。我尝试将值更改为0x00000000,但是随后抛出以下错误
Malformed 'ms-DS-User-Account-Control-Computed' attribute value; nested exception is javax.naming.directory.InvalidAttributeValueException: Malformed 'ms-DS-User-Account-Control-Computed' attribute value; remaining name 'CN=1234,OU=Users……'
我尝试了以下代码,但运行时却抛出错误。
Attribute attr = new BasicAttribute("userPassword", newPassword);
ModificationItem item = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, attr);
Attribute userCtrlAttr = new BasicAttribute("ms-DS-User-Account-Control-Computed", 0x00000000);
ModificationItem userCtrlItem = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, userCtrlAttr);
ldapTemplate.modifyAttributes(dn, new ModificationItem[] {item,userCtrlItem});
当我创建一个新用户时,ms-DS-User-Account-Control-Computed的值类似于0x00000200,它显示为msDS-User-Account-Control-Computed:[??? (0x200)]。对于密码过期的用户,它显示为msDS-User-Account-Control-Computed:[PasswordExpired,??? (0x200)],其值为0x00800200。有什么建议吗?