Hello all-

I have spent many sleepless nights on this one and I feel like I am
getting close to the solution, but I will need some help as my Java
experience is *very* limited.

I found some Java code that resets the AD password via LDAP/SSL. The
code works successfully and the password is changed when I compile it
with javac.exe and then execute it with java.exe. However, when I run
the same code via ColdFusion, I get a message that the password has been
changed, but in fact it remains unchanged.

The setpass.java file is below. Again, once compiled into .class and run
from the command line using "java -cp . setpass", the password change
works. However, if I run the same code via ColdFusion, I get a
"success" message in coldfusion-out.log but the password does not
change.

Because it runs when executed via command line and doesn't seem to do
anything when called from ColdFusion, I am stumped. Can anyone please
help?

Execution code in ColdFusion,
=========================================================
<cfobject action="CREATE" type="JAVA" name="x" class="setpass">
<cfscript>
zz = ArrayNew(1);
zz[1]="1";
zz[2]="2";
zz[3]="3";
x.main(zz);
</cfscript>
setpass.java (placed in a classes path under CFMX7 tree)
============================================================
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.ldap.*;
import javax.naming.directory.*;
import java.io.*;

public class setpass
{
    public static void main (String[] args)
    {
        Hashtable<String, String> env = new Hashtable<String, String>();
        String adminName = "CN=Cold Fusion AD Manager,CN=Users,DC=subdomain,DC=domain,DC=domain";
        String adminPassword = "myADadminPassword";
        String userName = "CN=Test User To Have Password Changes,OU=Test,DC=subdomain,DC=domain,DC=domain";
        String newPassword = "newPassword12345";

        // Trust store used to validate the domain controller's SSL certificate
        String keystore = "C:/CFusionMX7/runtime/jre/lib/security/cacerts";
        System.setProperty("javax.net.ssl.trustStore", keystore);

        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // set security credentials, note using simple cleartext authentication
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, adminName);
        env.put(Context.SECURITY_CREDENTIALS, adminPassword);
        // specify use of ssl
        env.put(Context.SECURITY_PROTOCOL, "ssl");
        // connect to my domain controller
        String ldapURL = "ldaps://law.georgetown.edu:636";
        env.put(Context.PROVIDER_URL, ldapURL);

        try {
            // Create the initial directory context
            LdapContext ctx = new InitialLdapContext(env, null);

            // set password is an ldap modify operation
            ModificationItem[] mods = new ModificationItem[1];

            // Replace the "unicodePwd" attribute with a new value
            // Password must be both Unicode and a quoted string
            String newQuotedPassword = "\"" + newPassword + "\"";
            byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
            mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("unicodePwd", newUnicodePassword));

            // Perform the update
            ctx.modifyAttributes(userName, mods);
            System.out.println("Reset Password for: " + userName);
            ctx.close();
        }
        catch (NamingException e) {
            System.out.println("Problem resetting password: " + e);
        }
        catch (UnsupportedEncodingException e) {
            System.out.println("Problem encoding password: " + e);
        }
    }
}