Hello All,
I have been working for sometime on putting a web page together that users
can go to change their passwords. We have two directories, NDS and AD, and
the NDS part works great. I have read just about every post I can find but
nothing is helping at this point. The pseudo code is as follows:
1. Get userDN, oldpass, newpass
2. Bind as the userDN
3. Change NDS password
4. Make Unicode passwords (old and new)
5. pass Unicode passwords to AD .
As mentioned the NDS changes work fine but the AD change keeps reporting:
00002077: SvcErr: DSID-03190ACC, problem 5003 (WILL_NOT_PERFORM), data 0
My code snippet is:
$res = $ldap->bind($user,password => $oldPwd, version => 3 ); # use
for changes/edits
$error = $res->error();
if($error ne "Success")
{
print ("LDAP Bind Error: $error<br>");
}else{
if($adMod == 1)
{
$adOldPass = MakeUnicodePwd($oldPwd);
$adNewPass = MakeUnicodePwd($newPwd);
$r1 = $ldap->modify($user,changes => [ delete =>
[unicodePwd => $adOldPass],
add
=> [unicodePwd => $adNewPass]
]
);
}else{
$r1 = $ldap->modify($user,changes => [
delete => [userPassword => $oldPwd],
add
=> [userPassword => $newPwd]
]
);
}
$error = $r1->error();
}
$ldap->unbind();
return $r;
Any thoughts?
Thanks,
K. Todd Cox
National Cancer Institute
Rockville, MD 20852
