ldap.passwd_s with Active Directory

Mike.Peters at opengi.co.uk
Wed Aug 5 18:09:22 CEST 2009


> -----Original Message-----
> From: Michael Ströder [mailto:michael at stroeder.com]
> Sent: 05 August 2009 16:11
> To: Mike Peters
> Cc: python-ldap-dev at lists.sourceforge.net
> Subject: Re: ldap.passwd_s with Active Directory
> 
> Mike.Peters at opengi.co.uk wrote:
> > Michael Ströder wrote:
> >> Did you search for the MSDN article? The value has to be in your case
> >> above:
> >>
> >> '"password"'.encode('utf-16-le')
> >>
> >> Note the quotes and the UTF-16 low-endian encoding.
> >
> > Thanks again for your help. I tried that but to no avail. I still get the
> > same error.
> 
> It should work. It's the way I've implemented it in web2ldap. You must use
> either LDAPS or StartTLS ext.op.
>
> You might wanna look what's going on by setting trace_level=2 when calling
> ldap.initialize().
> 

With trace_level=2 I get the following:

In [1]: import ldap

In [2]: l = ldap.initialize("ldaps://ad01.demo.local:636", trace_level=2)
*** ldaps://ad01.demo.local:636 - SimpleLDAPObject.set_option ((17, 3),{})

In [3]: l.simple_bind_s(u'user at ADDEMO', u'secret')
*** ldaps://ad01.demo.local:636 - SimpleLDAPObject.simple_bind ((u'user at ADDEMO', u'secret', None, None),{})
=> result: 1
*** ldaps://ad01.demo.local:636 - SimpleLDAPObject.result3 ((1, 1, -1),{})
=> result: (97, [], 1, [])
Out[3]: (97, [])

In [4]: mod_attrs = [( ldap.MOD_REPLACE, 'unicodePwd', '"password"'.encode('utf-16-le') )]
In [5]: dn = 'CN=Barney Rubble,OU=Users,OU=ADDEMO,DC=demo,DC=local'

In [6]: r = l.modify_s(dn, mod_attrs)
*** ldaps://ad01.demo.local:636 - SimpleLDAPObject.modify_ext (('CN=Barney Rubble,OU=Users,OU=ADDEMO,DC=demo,DC=local', [(2, 'unicodePwd', '"\x00p\x00a\x00s\x00s\x00w\x00o\x00r\x00d\x00"\x00')], None, None),{})
=> result: 2
*** ldaps://ad01.demo.local:636 - SimpleLDAPObject.result3 ((2, 1, -1),{})
=> LDAPError - UNWILLING_TO_PERFORM: {'info': '0000052D: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0\n', 'desc': 'Server is unwilling to perform'}
ERROR: An unexpected error occurred while tokenizing input
The following traceback may be corrupted or invalid
The error message is: ('EOF in multi-line statement', (134, 0))
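
Added example, not part of the original message and not python-ldap code: the leading hex field in the `info` string of the trace above is a Win32 error code, and 0000052D (decimal 1325) is ERROR_PASSWORD_RESTRICTION. The sketch below builds the `unicodePwd` value as described in the thread and decodes that field; the function names and the small lookup table are assumptions made for illustration.

```python
import re

# Win32 error codes that Active Directory places at the front of the LDAP
# "info" string. Constructed subset for illustration, not a complete table.
WIN32_ERRORS = {
    0x005: ("ERROR_ACCESS_DENIED", "Access is denied."),
    0x056: ("ERROR_INVALID_PASSWORD",
            "The specified network password is not correct."),
    0x52D: ("ERROR_PASSWORD_RESTRICTION",
            "The new password does not meet the length, complexity, "
            "or history requirements of the domain."),
}

# Example shape: '0000052D: SvcErr: DSID-031A0FC0, problem 5003 (...), data 0'
INFO_RE = re.compile(r"^([0-9A-Fa-f]{8}): (\w+): (DSID-[0-9A-Fa-f]+)")


def encode_unicode_pwd(password):
    """Return the unicodePwd value: the password wrapped in double quotes,
    encoded as UTF-16 little-endian (as quoted in the thread)."""
    return ('"%s"' % password).encode("utf-16-le")


def explain_ad_error(info):
    """Parse the 'info' field of an AD LDAPError into (code, name, text).

    Returns None when the string does not start with the hex-code prefix.
    """
    m = INFO_RE.match(info)
    if m is None:
        return None
    code = int(m.group(1), 16)
    name, text = WIN32_ERRORS.get(
        code, ("UNKNOWN", "Not in this table; try 'net helpmsg %d'." % code))
    return code, name, text


if __name__ == "__main__":
    # 'info' value copied from the trace output in the message above.
    info = ("0000052D: SvcErr: DSID-031A0FC0, problem 5003 "
            "(WILL_NOT_PERFORM), data 0\n")
    print(explain_ad_error(info))
    print(repr(encode_unicode_pwd("password")))
```
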



