ldap.passwd_s with Active Direcory

Mike.Peters at opengi.co.uk Mike.Peters at opengi.co.uk
Thu Aug 6 17:14:23 CEST 2009


> -----Original Message-----
> From: Michael Ströder [mailto:michael at stroeder.com]
> Sent: 06 August 2009 00:49
> To: Mike Peters
> Cc: python-ldap-dev at lists.sourceforge.net
> Subject: Re: ldap.passwd_s with Active Direcory
> 
> Mike.Peters at opengi.co.uk wrote:
> > *** ldaps://ad01.demo.local:636 - SimpleLDAPObject.simple_bind
> ((u'user at ADDEMO', u'secret', None, None),{})
> 
> First of all you should not pass Unicode strings to python-ldap. That's
> not a
> problem for the actual values you used though in this example but in
> general
> up to now python-ldap only receives raw strings as arguments.

OK, thanks. I'll bear that in mind.

> 
> > In [4]: mod_attrs = [( ldap.MOD_REPLACE, 'unicodePwd',
> '"password"'.encode('utf-16-le') )]
> > In [5]: dn = 'CN=Barney Rubble,OU=Users,OU=ADDEMO,DC=demo,DC=local'
> >
> > In [6]: r = l.modify_s(dn, mod_attrs)*** ldaps://ad01.demo.local:636
> - SimpleLDAPObject.modify_ext (('CN=Barney
> Rubble,OU=Users,OU=ADDEMO,DC=demo,DC=local', [(2, 'unicodePwd',
> '"\x00p\x00a\x00s\x00s\x00w\x00o\x00r\x00d\x00"\x00')], None, None),{})
> 
> Unfortunately I can't tell whether
> user at ADDEMO and CN=Barney Rubble,OU=Users,OU=ADDEMO,DC=demo,DC=local
> are the same AD user entry.
> 
> I vaguely remember that when setting your own password you have to
> explicitly
> delete the old one and add the new one. Dig for the MSDN article.
> 

No, I'm using a different user. I've tried a couple of different users including Administrator in case it is user permissions. I've looked at the MSDN article and can't see anything in there different.

Thanks

Mike Peters



More information about the python-ldap mailing list