Setting password
Daniel LB
daniel1337 at gmail.com
Tue May 24 14:21:40 CEST 2005
Yes, I am doing this with AD.
I tried what you said and the error message I got back was
WILL_NOT_PERFORM (Server unwilling to perform), so I'm guessing it's
because I don't use any encryption on my connection.
But, since I'm only connecting to localhost, is encryption really necessary?
Anyway.. could you give me an example of how you establish your
encrypted connection?
thanks
//daniel
On 5/23/05, Deepak Giridharagopal <deepak at arlut.utexas.edu> wrote:
> On Mon, 2005-05-23 at 13:06 +0200, Daniel LB wrote:
> > I have only come across the passwd(user,oldpw,newpw) function, which
> > requires the old password, but if you are logged in as Administrator
> > you should be able to *set* the users' password directly, no?
>
> Are you doing this with Active Directory (I ask because you mention
> "Administrator" in your email)? If not, then ignore the rest of this
> message. :)
>
> But if so, then here's some code that I use:
>
> userdn = "cn=foo,cn=users,dc=blah,dc=org"
> pw = "1337secret"
>
> # AD requires that passwords be enclosed in quotes
> # and properly encoded
> adpw = unicode('"' + pw + '"', "iso-8859-1")
> adpw = adpw.encode("utf-16-le")
>
> # conn is an established LDAP connection
> conn.modify_s(userdn, [(ldap.MOD_REPLACE, "unicodePwd", adpw)])
>
> Also, this snippet requires that your LDAP connection to the AD server
> is encrypted. AD won't let you modify certain attributes over an
> unencrypted connection.
>
> Cheers!
> deepak
>
> --
> Deepak Giridharagopal
>
>
More information about the python-ldap
mailing list