Change password

Michael Ströder michael at
Tue Sep 16 08:14:17 CEST 2008

Jonathan Hansen wrote:
> Does anyone have a working password change script for active directory  
> server that will run on Linux?

My web2ldap implements it. But it's not a small script. Depending on
your use-case you might consider deploying web2ldap though. At least for
learning how the data looks like it would be useful.

I see three issues here:

> *** ldap://my.ldap.server:389 - SimpleLDAPObject.search_ext  
> (('cn=Users,my.dc', 2, '(objectClass=user)(mail=*)', ['*'], 0, None,  
1. This is not a valid DN. With AD it should rather look like


> *** ldap://my.ldap.server:389 - SimpleLDAPObject.result3 ((2, 1, -1),{})
> => LDAPError - SERVER_DOWN: {'info': '', 'desc': "Can't contact LDAP  
> server"}

2. This error code means the LDAP server wasn't reachable at all.

3. Also note that for chaning the AD password (attribute unicodePwd) you
have to use SSL. So your connection URI has to look like this:


See Demo/ how to set the SSL/TLS-related options.

Ciao, Michael.

More information about the python-ldap mailing list