mike.pet...@opengi.co.uk wrote:
>
>> There's a MSDN article about how to set attribute unicodePwd via LDAP
>> in AD.
>
> If I try the alternative method however:
>
> mod_attrs = [( ldap.MOD_REPLACE, 'unicodePwd', 'password' )]
> dn = 'CN=Barney Rubble,OU=Users,DC=mydomain,dc=local'
> r = l.modify_s(dn, mod_attrs)
>
> I get:
>
> {'info': '0000001F: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM),
> data 0\n', 'desc': 'Server is unwilling to perform'}
>
> I guess I'm still missing something :(
Did you search for the MSDN article? The value has to be in your case above:
'"password"'.encode('utf-16-le')
Note the quotes and the UTF-16 low-endian encoding.
> One thing which may be relevant is if I use l.start_tls_s() before
> simple_bind_s, the login fails although without start_tls_s Wireshark shows
> the connection to be encrypted.
With AD the connection has to be encrypted for write access to unicodePwd but
that can also be done with ldaps:// on port 636.
Ciao, Michael.
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Python-LDAP-dev mailing list
Python-LDAP-dev@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/python-ldap-dev
