Re: Changing passwords in Active Directory

[Eric S. <eri...@CS...>]

Ok, thanks for you help, the actual solution is rather strange.

This does not work
$result = $ldaps -> modify($dn, replace => [unicodePwd => $pass]);

While this does work
$result = $ldaps -> modify($dn, replace => {unicodePwd => $pass});

just a guess, we must be sending a ghost operation when [] are used, 
and that is killing the whole transaction. Anyway, thanks again.

	-E

On Tuesday, December 10, 2002, at 04:34  PM, Eric Stokes wrote:

> Hello Gentlemen. I'm trying set a password in Active Directory via 
> Net::LDAP. I've been running into trouble for a while now. I've read 
> both your posts on the subject, and have tried your solutions. 
> Needless to say, neither of them worked for me.
>
> Here is the code I am currently trying. Christopher Bongaarts's method 
> yielded the same result.
> ...
> sub MakeUnicodePwd # from Norbert Klasen's post
> {
>     my $u = latin1("\"".$_[0]."\"");
>     $u->byteswap();
>     return $u->ucs2;
> }
> my $pass = MakeUnicodePwd("passw0rd1");
> $result = $ldaps -> modify($dn, replace => [unicodePwd => $pass]);
> print $result -> code()."\n";
> print $result -> error()."\n";
>
> The error I get is
>
> 19
> 00002081: AtrErr: DSID-031D0AA0, #1:
>         0: 00002081: DSID-031D0AA0, problem 1005 
> (CONSTRAINT_ATT_TYPE), data 0, Att 9005a (unicodePwd)
>
> Constraint violation? Possibly my data is not in the right format? I 
> have verified that the DN I'm binding as has permission to set the 
> password. I'm going over SSL (ciphers => "HIGH"). I've tried various 
> different passwords just to make sure they're not trying to enforce 
> good passwords at the ldap layer. I'm stumped, any ideas would be very 
> helpful.
>
>
> 	-Eric Stokes
>
> Programmer Analyst,
> Information Technology Resources - Middleware Group,
> California State University Northridge