(Please, do not cross-post, thanks !)

There are a few possibilities for you to get a CONSTRAINT_VIOLATION while trying to modify the userPassword attribute.

First, which version of ApacheDS are you using ?

Second, have you set any PasswordPolicy (I would say, likely) ?


On 10/09/2019 12:43, Czesław Szczotka wrote:
Hi,
I have users in my ApacheDS. I would like to modify userPassword attribute ( for inetOrgPerson entity in ApacheDS)  from C# code.
Below is my code snippet:
 public static string ChangePassword20(string adminUser, string adminPassword, string container, string domainController, string userName, string newPassword)
{
            const AuthenticationTypes authenticationTypes =  AuthenticationTypes.ServerBind;

            DirectoryEntry searchRoot = null;
            DirectorySearcher searcher = null;
            DirectoryEntry userEntry = null;

            try
            {
                searchRoot = new DirectoryEntry(String.Format("LDAP://{0}/{1}", domainController, container),
                    adminUser, adminPassword, authenticationTypes);

                searcher = new DirectorySearcher(searchRoot);
                searcher.Filter = String.Format("userid={0}", userName);
                searcher.SearchScope = System.DirectoryServices.SearchScope.Subtree;
                searcher.CacheResults = false;

                SearchResult searchResult = searcher.FindOne(); ;
                if (searchResult == null) return "User Not Found In This Domain";

                userEntry = searchResult.GetDirectoryEntry();

                //userEntry.InvokeSet("userPassword", new object[] { Encoding.UTF8.GetBytes( newPassword ) });                 userEntry.Invoke("userPassword", new object[] { newPassword });
                userEntry.CommitChanges();

                return "New password set";
            }
            catch (Exception ex)
            {
                 Console.WriteLine(ex.ToString());
                retrun "Error";
            }
            finally
            {
                if (userEntry != null) userEntry.Dispose();
                if (searcher != null) searcher.Dispose();
                if (searchRoot != null) searchRoot.Dispose();
            }

}

I'm getting such error:
CONSTRAINT_VIOLATION: failed for MessageType : MODIFY_REQUEST
Message ID : 10
    Modify Request
        Object : 'userid=test1,ou=users,dc=service,dc=...'
            Modification[0]
                Operation :  replace
                Mod

This code works when I try to modify other attributes like mail. Do you know what can be wrong ? Maybe you have some example in other code like java how to do this.
Thanks,
Czeslaw

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org
For additional commands, e-mail: dev-h...@directory.apache.org

Reply via email to