This is contrary to what I've read (and various forms of sample code, including from the FAQ) and what had once worked a couple of months ago - it seems that only an admin can replace whereas a user must delete/add. Since then, OpenLDAP libraries have been upgraded from 2.1 to 2.2(27), Net::LDAP from 0.31 to 0.33, and perl from 5.8.0 to 5.8.5 (rhel3 -> rhel4). Supposedly nothing changed on the AD side, though I'm suspecting the issue is there.

Did you really mean "userPassword" as opposed to "unicodePwd"?

regards,
-ericb

Christopher A Bongaarts wrote:
>> Strangely, if I use a "replace" operation instead of changes=>{delete,add},
>> it is accepted (though I gotta bind as an admin user as well). Doesn't seem to
>> be a permission issue, as that would show up differently (such as using
>> "replace" without being an admin). What else could it be?
> AD requires that you use replace, not delete/add, for userPassword.
> It's Just The Way It Is.
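
As an added example (not code from any poster in this thread), here are the two Net::LDAP modify shapes being compared, applied to the unicodePwd attribute as Microsoft documents it: delete-old plus add-new for a user changing their own password, replace for an administrative reset. The helper names, DN and passwords are hypothetical, constructed sample values, and the script only builds and prints the change lists rather than contacting a server.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Encode qw(encode);

# AD expects unicodePwd as the password wrapped in double quotes and
# encoded as UTF-16LE; it accepts the write only on an encrypted
# connection (LDAPS or StartTLS).
sub ad_unicode_pwd {                      # hypothetical helper name
    my ($plain) = @_;
    return encode('UTF-16LE', qq("$plain"));
}

# Self-service change: a single modify carrying delete(old) + add(new).
# AD verifies the old value, so no reset privilege is needed.
sub change_ops {                          # hypothetical helper name
    my ($old, $new) = @_;
    return [
        delete => [ unicodePwd => ad_unicode_pwd($old) ],
        add    => [ unicodePwd => ad_unicode_pwd($new) ],
    ];
}

# Administrative reset: replace, old password not supplied. The bound
# account needs the right to reset passwords on the target object.
sub reset_ops {                           # hypothetical helper name
    my ($new) = @_;
    return [ replace => [ unicodePwd => ad_unicode_pwd($new) ] ];
}

# Constructed sample values, not taken from the thread.
my $dn = 'CN=Example User,OU=People,DC=example,DC=com';
my %cases = (
    'user change' => change_ops('OldPassw0rd!', 'NewPassw0rd!'),
    'admin reset' => reset_ops('NewPassw0rd!'),
);

for my $name (sort keys %cases) {
    my @ops = @{ $cases{$name} };
    print "$name on $dn\n";
    while (my ($op, $pair) = splice(@ops, 0, 2)) {
        printf "  %-7s %s = 0x%s\n", $op, $pair->[0], unpack('H*', $pair->[1]);
    }
}

# With a bound Net::LDAP object the list is passed straight through:
#   my $mesg = $ldap->modify($dn, changes => change_ops($old, $new));
#   die $mesg->error if $mesg->code;
```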