无法通过ldap3 Python3更改用户密码 [英] Unable to change user's password via ldap3 Python3
问题描述
每当我尝试通过ldap3库更改某人的密码时,都会出现以下错误:
Whenever I try to change someone's password via ldap3 library I get the following error:
{'type': 'modifyResponse', 'result': 53, 'message': '0000001F: SvcErr: DSID-031A12D2, problem 5003 (WILL_NOT_PERFORM), data 0\n\x00', 'referrals': None, 'description': 'unwillingToPerform', 'dn': ''}
通常由于两个条件而发生此错误:用户试图通过未加密的连接修改密码,或者使用错误的编码发送密码.我的SSL连接很好(至少看起来是这样):
This error usually occurs because of the two conditions: either user is trying to modify the password through the unencrypted connection or the password is being sent with the incorrect encoding. My SSL connection is fine (at least it seems to be):
print(connection)
>>> ldaps://DC1.DOMAIN.LOCAL:636 - ssl - user: DOMAIN\admin - not lazy - bound - open - <local: 172.16.10.2:49230 - remote: 172.16.10.254:636> - tls not started - listening - SyncStrategy - internal decoder
我尝试对要发送到LDAP服务器的字符串进行编码,但是.encode('utf-16le')不能解决问题.还有其他解决方法吗?
I tried to encode the string I'm trying send to the LDAP server, but .encode('utf-16le') didn't do the trick. Any other workarounds?
我有一个使用Windows Server 2012 R2作为域控制器的测试域环境,下面提供了我尝试更改密码的代码.
I have a test domain environment with Windows Server 2012 R2 as a domain controller, and the code I'm trying to change the password with is present below.
import ssl
from ldap3 import *
tls_configuration = Tls(validate=ssl.CERT_REQUIRED, version=ssl.PROTOCOL_TLSv1_2)
s = Server('DC1.domain.local', get_info=ALL, use_ssl=True, tls=tls_configuration)
password = 'mypasswordhere'
c = Connection(s, user="DOMAIN\\admin", password=password)
c.open()
c.bind()
user = "CN=Dummy Dumass,OU=Automatically Generated,OU=Staff,OU=RU,DC=DOMAIN,DC=LOCAL"
c.modify(user, {
'unicodePwd': [(MODIFY_REPLACE, ['New12345'])]
})
print(c.result)
c.unbind()
推荐答案
ldap3包含用于更改AD密码的特定方法,请使用以下代码代替c.modify():
ldap3 contains a specific method for changing AD password, use the following code instead of c.modify():
c.extend.microsoft.modify_password(user, new_password)
这篇关于无法通过ldap3 Python3更改用户密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
