问题描述
我声明,我是一个完整的初学者到LDAP。
我必须让用户能够通过Android设备更改自己的口令。用户没有管理权限。
使用 UnboudId LDAP SDK 的Java我能够绑定到服务器并获取用户使用这个code项:
最后的SocketFactory _socket_factory;
最后SSLUtil _ssl_util =新SSLUtil(新TrustAllTrustManager());
尝试 {
_socket_factory = _ssl_util.createSSLSocketFactory();
}
赶上(例外五){
Log.e(LOG_TAG,***无法初始化SSL,E);
}
LDAPConnectionOptions _ldap_connection_options =新LDAPConnectionOptions();
_ldap_connection_options.setAutoReconnect(真正的);
_ldap_connection_options.setConnectTimeoutMillis(30000);
_ldap_connection_options.setFollowReferrals(假);
_ldap_connection_options.setMaxMessageSize(1024 * 1024);
LDAPConnection _ldap_connection =新LDAPConnection(_socket_factory,_ldap_connection_options,[主机IP] 636,[用户名],[密码]);
过滤_filter = Filter.create((通过UserPrincipalName =+ [用户名] +));
SearchRequest _search_request =新的SearchRequest([基DN],SearchScope.SUB,_filter);
_search_request.setSizeLimit(1000);
_search_request.setTimeLimitSeconds(30);
信息搜索结果_search_result = _connection.search(_search_request);
这工作,我得到1项,所有的相关属性。现在我的任务就是修改密码[密码]有一个新的[新密码]。
我尝试:
PasswordModifyExtendedRequest _password_modify_request =新PasswordModifyExtendedRequest([找到的条目DN],[密码],[新密码]);
PasswordModifyExtendedResult _password_modify_result =(PasswordModifyExtendedResult)_ldap_connection.processExtendedOperation(_password_modify_request);
这不因LDAPException工作
LDAPException(结果code = 2(协议错误)的errorMessage ='0000203D:LdapErr:DSID-0C090C7D,注释:未知的扩展请求OID,数据0,vece ',diagnosticMessage ='0000203D:LdapErr:DSID-0C090C7D,注释:未知的扩展请求OID,数据0,vece)
然后我tryed
最后修改_replace_modification =新的修改(ModificationType.REPLACE,UNI codePWD,_get_quoted_string_bytes([新密码]));
LDA presult _result = _connection.modify([找到的条目DN],_replace_modification);
这不因LDAPException工作
LDAPException(结果code = 50(没有足够的访问权限),的errorMessage ='00000005:SecErr:DSID-031A0F44,问题4003(INSUFF_ACCESS_RIGHTS),数据0)
最后,我tryed
最后修改_delete_old_modification =新的修改(ModificationType.DELETE,UNI codePWD,_get_quoted_string_bytes([密码]));
最后修改_add_new_modification =新的修改(ModificationType.ADD,UNI codePWD,_get_quoted_string_bytes([新密码]));
最终的ArrayList<变形> _modifications =新的ArrayList<变形>();
_modifications.add(_delete_old_modification);
_modifications.add(_add_new_modification);
LDA presult _result = _connection.modify([找到的条目DN],_modifications);
这不因LDAPException工作
LDAPException(结果code = 19(违反约束),的errorMessage ='00000005:AtrErr:DSID-03190F00,#1:0:00000005:DSID-03190F00,问题1005 (CONSTRAINT_ATT_TYPE),数据0,ATT 9005a(UNI codePWD)',diagnosticMessage ='00000005:AtrErr:DSID-03190F00,#1:0:00000005:DSID-03190F00,问题1005(CONSTRAINT_ATT_TYPE),数据0 ,ATT 9005a(UNI codePWD))
现在我没有更多的想法...任何帮助将AP preciated,在此先感谢
最后修改_delete_old_modification =新的修改(ModificationType.DELETE,UNI codePWD,(''+旧密码+).getBytes(UTF-16LE));
最后修改_add_new_modification =新的修改(ModificationType.ADD,UNI codePWD,('+新密码+).getBytes(UTF-16LE));
并获得成功。
I state that I am a complete beginner to LDAP.
I have to let a user change its own password through an Android device. User has NOT administrative privileges.
Using the UnboudId LDAP SDK for Java I'm able to bind to server and get the user entry using this code:
final SocketFactory _socket_factory;
final SSLUtil _ssl_util = new SSLUtil(new TrustAllTrustManager());
try {
_socket_factory = _ssl_util.createSSLSocketFactory();
}
catch (Exception e) {
Log.e(LOG_TAG, "*** Unable to initialize ssl", e);
}
LDAPConnectionOptions _ldap_connection_options = new LDAPConnectionOptions();
_ldap_connection_options.setAutoReconnect(true);
_ldap_connection_options.setConnectTimeoutMillis(30000);
_ldap_connection_options.setFollowReferrals(false);
_ldap_connection_options.setMaxMessageSize(1024*1024);
LDAPConnection _ldap_connection = new LDAPConnection(_socket_factory, _ldap_connection_options, [host ip], 636, [username], [password]);
Filter _filter = Filter.create("(userPrincipalName=" + [username] + ")");
SearchRequest _search_request = new SearchRequest([base DN], SearchScope.SUB, _filter);
_search_request.setSizeLimit(1000);
_search_request.setTimeLimitSeconds(30);
SearchResult _search_result = _connection.search(_search_request);
This works and I get 1 entry and all the relative attributes. Now my task is to change the password [password] with a new [new password].
My attempts:
PasswordModifyExtendedRequest _password_modify_request = new PasswordModifyExtendedRequest([found entry DN], [password], [new password]);
PasswordModifyExtendedResult _password_modify_result = (PasswordModifyExtendedResult)_ldap_connection.processExtendedOperation(_password_modify_request);
This doesn't work due to LDAPException
LDAPException(resultCode=2 (protocol error), errorMessage='0000203D: LdapErr: DSID-0C090C7D, comment: Unknown extended request OID, data 0, vece��', diagnosticMessage='0000203D: LdapErr: DSID-0C090C7D, comment: Unknown extended request OID, data 0, vece��')
Then I've tryed
final Modification _replace_modification = new Modification(ModificationType.REPLACE, "unicodePwd", _get_quoted_string_bytes([new password]));
LDAPResult _result = _connection.modify([found entry DN], _replace_modification);
This doesn't work due to LDAPException
LDAPException(resultCode=50 (insufficient access rights), errorMessage='00000005: SecErr: DSID-031A0F44, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0)
Finally I've tryed
final Modification _delete_old_modification = new Modification(ModificationType.DELETE, "unicodePwd", _get_quoted_string_bytes([password]));
final Modification _add_new_modification = new Modification(ModificationType.ADD, "unicodePwd", _get_quoted_string_bytes([new password]));
final ArrayList<Modification> _modifications = new ArrayList<Modification>();
_modifications.add(_delete_old_modification);
_modifications.add(_add_new_modification);
LDAPResult _result = _connection.modify([found entry DN], _modifications);
This doesn't work due to LDAPException
LDAPException(resultCode=19 (constraint violation), errorMessage='00000005: AtrErr: DSID-03190F00, #1:0: 00000005: DSID-03190F00, problem 1005 (CONSTRAINT_ATT_TYPE), data 0, Att 9005a (unicodePwd)��', diagnosticMessage='00000005: AtrErr: DSID-03190F00, #1: 0: 00000005: DSID-03190F00, problem 1005 (CONSTRAINT_ATT_TYPE), data 0, Att 9005a (unicodePwd) ��')
And now i have no more ideas... Any help will be appreciated, thanks in advance
final Modification _delete_old_modification = new Modification(ModificationType.DELETE, "unicodePwd", ('"' + oldPassword + '"').getBytes("UTF-16LE"));
final Modification _add_new_modification = new Modification(ModificationType.ADD, "unicodePwd", ('"' + newPassword + '"').getBytes("UTF-16LE"));
Did the trick.
这篇关于在Active Directory的LDAP修改用户密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!