Mike Matz wrote:
> In the future I plan to try to implement the sasl_bind
> code that Michael mentioned.
In the past after invoking kinit command-line tool for getting a TGT I
was successful sending a SASL bind with mech GSSAPI with python-ldap,
OpenLDAP libs and heimdal. But not sure about whet
Thank you to all who responded to my queries. I have been able to
successfully create an account and set the password for an AD user on
my test server. For those who are interested here is the breakdown of
what I did. As I continue to debug and test I will post updates to
this topic.
Geert Jansen wrote:
>
> Forget about using LDAP to change a user's password. It can be done but
> it requires 128-bit SSL and so you need to set up certificate services
> and distribute the CA certificate to your client. An easier way is to
> use the Kerberos Set Password protocol (RFC3244). MIT K
