Justin Alcorn wrote:
Chris Ridd wrote:
On 26/6/06 7:40, Justin Alcorn <[EMAIL PROTECTED]> wrote:
Unfortunately, our AD will not allow an active user to not have a
password. So the delete and add fails. Therefore, I had to use the
Well that's just broken, and in violation of the LDAP spec.
What happens if your modify operation tries to add the new value and then
delete the old one? ie the opposite order to this line:
# attempt the self-modify. Unfortunately, it will always fail for now
$mesg = $ldap->modify($dn,
changes => [
delete => [ unicodePwd => $oldUniPW ],
add => [ unicodePwd => $newUniPW ] ]);
Hey, that works!!!!
*slaps forehead*
Geez, I'm glas someone else asked the question. I've been beating my
brains on this one. I just never thought about the fact that we require
passwords on all accounts, until today.
Someone should change the FAQ......
I spoke too soon.
The new password now works.
Unfortunately, so does the old one. The delete never happened. No
error, it just silently adds the new password without deleting the old
one. Something is VERY fishy here. Obviously, unicodePwd is a
multi-valued attribute, and the user cannot delete the values. But why
no error message?
