每当我尝试通过ldap3库更改某人的密码时,我会收到以下错误:
{'type': 'modifyResponse','result': 53,'message': '0000001F: SvcErr: DSID-031A12D2,problem 5003 (WILL_NOT_PERFORM),data 0\n\x00','referrals': None,'description': 'unwillingToPerform','dn': ''}
由于以下两个条件,通常会发生此错误:用户尝试通过未加密的连接修改密码,或者使用不正确的编码发送密码.我的SSL连接很好(至少看起来像是这样):
print(connection)
>>> ldaps://DC1.DOMAIN.LOCAL:636 - ssl - user: DOMAIN\admin - not lazy - bound - open - - tls not started - listening - SyncStrategy - internal decoder
我试图编码我正在尝试发送到LDAP服务器的字符串,但.encode(‘utf-16le’)没有做到这一点.还有其他解决方法吗?
我有一个测试域环境,Windows Server 2012 R2作为域控制器,我正在尝试更改密码的代码如下所示.
import ssl
from ldap3 import *
tls_configuration = Tls(validate=ssl.CERT_REQUIRED,version=ssl.PROTOCOL_TLSv1_2)
s = Server('DC1.domain.local',get_info=ALL,use_ssl=True,tls=tls_configuration)
password = 'mypasswordhere'
c = Connection(s,user="DOMAIN\\admin",password=password)
c.open()
c.bind()
user = "CN=Dummy Dumass,OU=Automatically Generated,OU=Staff,OU=RU,DC=DOMAIN,DC=LOCAL"
c.modify(user,{
'unicodePwd': [(MODIFY_REPLACE,['New12345'])]
})
print(c.result)
c.unbind()