Creating Active Directory Objects

Mike Matz mmatz at
Thu Nov 8 04:15:27 CET 2007

Thanks for the help guys.  It got me off to a great start.  I have successfully created a user in my AD.  As you already eluded to, I am struggling with the password attribute.  Can the password attribute be set when creating a user.  From what I gathered, the password attribute is 'unicodePwd'.  This attribute cannot be created, it can only be modified.  Is this attribute created by default when a user is created?  Would I be able to do an add and then a modify to set the password?  I am aware of the fact that there are certain restrictions in place in order to modify the password.  I have setup my AD to include SSL and I am able to bind as Administrator over port 636.  With that said one of the examples I ran across for adding a user refers to another attribute 'userPassword'.  I am unable to tell what this attribute is.  In the link below, it appears that the password is being set when the entry is added.  I have tried this unsuccessfully.  I appreicate all the help thus far.

Example Add Entry -

-----Original Message-----
From: Geert Jansen [mailto:geert at]
Sent: Wed 11/7/2007 1:50 PM
To: Michael Ströder
Cc: Mike Matz; python-ldap-dev at
Subject: Re: Creating Active Directory Objects
Michael Ströder wrote:

> I vaguely remember that there are some issues with really activating a
> user entry as a Windows user. But this is not a problem of accessing AD
> via python-ldap.

This indeed rings a bell. You need to create the user as disabled (look
for userAccountControl on MSDN), set a compliant password, and then
enable him.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the python-ldap mailing list