import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;
import org.w3c.dom.Attr;
import java.io.*;
public class Setpass2 {
@SuppressWarnings("unchecked")
public static void main(String[] args) {
Hashtable env = new Hashtable();
String ldapHost = "123.4.123.123"; //
String domain = "test.com"; //
String port = "389"; // default Port
String urlDC = "ldap://" + ldapHost + ":" + port + "/";
String adminName = "dev@test.com";
String adminPassword = "xptmxm12#";
String userName = "CN=dev";
String oldPassword = "xptmxm12@";
String newPassword = "xptmxm12$";
String searchBase = "DC=test,DC=com";
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, adminName);
env.put(Context.SECURITY_CREDENTIALS, adminPassword);
env.put(Context.PROVIDER_URL, urlDC);
try {
// Create the initial directory context
DirContext ctx = new InitialDirContext(env);
// Create the search controls
SearchControls searchCtls = new SearchControls();
// Specify the search scope
searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
// Specify the attributes to return
String returnedAtts[] = { "cn=dev" };
searchCtls.setReturningAttributes(returnedAtts);
// initialize counter to total the results
int totalResults = 0;
// Search for objects using the filter
NamingEnumeration dirObjects = ctx.search(searchBase, "(sAMAccountName=dev)",
searchCtls);
//while (answer.hasMoreElements()) {
SearchResult sr = (SearchResult) dirObjects.next();
totalResults++;
System.out.println(">>>" + sr.getName());
// }
ModificationItem[] mods = new ModificationItem[1];
//Replace the "unicdodePwd" attribute with a new value
//Password must be both Unicode and a quoted string
String oldQuotedPassword = "\"" + oldPassword + "\"";
byte[] oldUnicodePassword = oldQuotedPassword.getBytes("UTF-16LE");
String newQuotedPassword = "\"" + newPassword + "\"";
byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
// mods[0] = new ModificationItem(DirContext.REMOVE_ATTRIBUTE, new BasicAttribute("unicodePwd", oldUnicodePassword));
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword));
if (mods == null) {
System.out.println("Mods is empty");
} else {
System.out.println(mods);
}
// Perform the update
ctx.modifyAttributes("CN=dev,CN=Users,DC=test,DC=com", mods);
// Check attributes
//Attributes attrs = sr.getAttributes();
//System.out.println(attrs.toString());
//ctx.modifyAttributes(userName, DirContext.REPLACE_ATTRIBUTE, attrs);
System.out.println("Reset Password for: " + userName);
ctx.close();
} catch (NamingException e) {
System.out.println("Problem resetting password: " + e);
} catch (UnsupportedEncodingException e) {
System.out.println("Problem encoding password: " + e);
}
}
}
비밀번호 변경하는중입니다 .
AD서버는 windows2008 입니다.
다음과 같은 코드에서 에러가 생깁니다. ㅠ
Problem resetting password: javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A11E5, problem 5003 (WILL_NOT_PERFORM), data 0'
remaning name "cn=dev, cn=Users, dc=test,dc=com"
보니까 modifyAttributes에서 에러가 나는데 그 이유를 잘 모르겠습니다.
함수를 찾아봐도 별로 잘못쓴게 없는거 같은데 에러가 나는 이유는 뭔지 고수님들 부탁드립니다.
LDAP 접한지 이제 일주일된 초보입니다.ㅠ |