ldap.passwd_s with Active Direcory
Michael Ströder
michael at stroeder.com
Tue Aug 4 18:28:57 CEST 2009
Mike.Peters at opengi.co.uk wrote:
>
> I'm not sure if this is the right place for this query, but I couldn't
> find a python-LDAP-Users list.
>
> I'm trying to modify a user's password on an Windows 2003 Active
> directory using passwd_s, however the server is returning the following
> error:
>
> {'info': '0000203D: LdapErr: DSID-0C090C7D, comment: Unknown extended
> request OID, data 0, vece', 'desc': 'Protocol error'}
>
> I realise this is a server configuration thing as opposed to a
> python-ldap issue, but google hasn't been any help so far. Does anyone
> here know what it is I need to enable/change in order to get it to work?
This is because Windows 2003 AD does not support the LDAP Password Modify
Extended Operation (see RFC 3062).
> The connection is using ldaps:// on port 636 and I can search the AD and
> modify other values eg givenName etc, just not passwords, and I'm
> binding as domain administrator.
There's a MSDN article about how to set attribute unicodePwd via LDAP in AD.
Ciao, Michael.
More information about the python-ldap
mailing list