Can't get LDAP::Message object with modify method

Fri, 26 Sep 2008 08:06:07 -0700 

I have a perl script to change a users Active Directory password.
The script works fine. I can bind to AD and change the users password
running the script on linux over an encrypted TLS session to Windows AD.

I can get valid return message objects from other methods but I cannot
get a valid message object from the modify method that does the
password changing. The Windows AD password is changed by
using modify to the write only "unicodePwd" attribute.

I found some of the code on the web and wondered why the person
used:

$mesg->{'resultCode'}

instead of:

$mesg->code()

And the reason must be that $mesg->code() does not work in this
case.

Here is the part of the code with the output below when I run
it and get a password change failure. I force a failure by
passing a password that Windows AD does not like. Again this
works if I pass a good password. I want to get a an error
message from the server that describes why the password failed.


Here is the section of code that changes the password:

# the unicodePwd attribute is write only
$mesg = $AD->modify($dn, replace => { "unicodePwd" => $adpw });
print "mesg->code = $mesg->code() \n";
print "resultCode = $mesg->{'resultCode'} \n";

if($mesg->{'resultCode'} != 0) {
        print STDERR "\nFailed to change password for $cn exiting.\n";
        print STDERR "error_text:" . $mesg->error_text . "\n";
        print STDERR "server_error:" . $mesg->server_error . "\n";
        print STDERR "error:" . $mesg->error . "\n";
        print
        exit 1;
}


Output from above section:

mesg->code = Net::LDAP::Modify=HASH(0x81d1f90)->code()
resultCode = 53

Failed to change password for astroboy exiting.
error_text:The server is unwilling to perform the requested operation
server_error:0000052D: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0 

error:0000052D: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0


Thanks for any help on this.

--
John W. Sopko Jr.               University of North Carolina
email: sopko AT cs.unc.edu      Computer Science Dept., CB 3175
Phone: 919-962-1844             Sitterson Hall; Room 044
Fax:   919-962-1799             Chapel Hill, NC 27599-3175

Reply via email to