Changing Password in Active Directory

Hi Guys,

I am stuck and need your immediate help. It's very urgent.

I am trying to change a user's password in Active Directory and am getting the following exception. But I am able to get all the users' information from Active Directory.

javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 00002077: SvcErr: DSID-03190DC9, problem 5003 (WILL_NOT_PERFORM), data 0

My code for changing the password is as below:

    import java.io.UnsupportedEncodingException;
    import java.util.Hashtable;
    import javax.naming.Context;
    import javax.naming.NamingException;
    import javax.naming.directory.BasicAttribute;
    import javax.naming.directory.DirContext;
    import javax.naming.directory.InitialDirContext;
    import javax.naming.directory.ModificationItem;

    public class ChangePassword
    {
        public static void main (String[] args)
        {
            Hashtable<String, Object> env = new Hashtable<String, Object>();
            String userName = "CN=Bruce Lombardi,CN=Users,DC=Sphere,DC=Local";
            String oldPassword = "password";
            String newPassword = "password2";

            env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
            // plain LDAP on port 389, no SSL/TLS
            String ldapURL = "ldap://sphere3:389";
            env.put(Context.SECURITY_AUTHENTICATION,"simple");
            env.put(Context.SECURITY_PRINCIPAL,userName);
            env.put(Context.SECURITY_CREDENTIALS,"password");
            env.put(Context.PROVIDER_URL,ldapURL);

            try {
                DirContext ctx = new InitialDirContext(env);

                //change password is a single ldap modify operation
                //that deletes the old password and adds the new password
                //two modification items are needed, so the array has two slots
                ModificationItem[] mods = new ModificationItem[2];

                //unicodePwd takes the quoted password encoded as UTF-16LE
                String oldQuotedPassword = "\"" + oldPassword + "\"";
                byte[] oldUnicodePassword = oldQuotedPassword.getBytes("UTF-16LE");
                String newQuotedPassword = "\"" + newPassword + "\"";
                byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");

                mods[0] = new ModificationItem(DirContext.REMOVE_ATTRIBUTE,
                        new BasicAttribute("unicodePwd", oldUnicodePassword));
                mods[1] = new ModificationItem(DirContext.ADD_ATTRIBUTE,
                        new BasicAttribute("unicodePwd", newUnicodePassword));

                // Perform the update
                ctx.modifyAttributes(userName, mods);
                System.out.println("Changed Password SUCCESSFULLY for: " + userName);
                ctx.close();
            }
            catch (NamingException e) {
                System.err.println("Password COULD NOT be CHANGED: " + e);
            }
            catch (UnsupportedEncodingException e) {
                System.err.println("Problem encoding password: " + e);
            }
        }
    }

In my Active Directory, this user has "password never expires" checked. Can I change the password without using an SSL connection?

Thanks

[2434 byte] By [VictorJeeta] at [2007-11-27 3:31:22]
# 1

For obvious security reasons, you must use an encrypted session, either SSL or TLS.

It seems as though you've read the post titled "JNDI, Active Directory & Changing Passwords" at http://forum.java.sun.com/thread.jspa?threadID=592611&tstart=50.

Refer to the post titled "JNDI, Active Directory & Authentication (part 2) (SSL)" at http://forum.java.sun.com/thread.jspa?threadID=581425&tstart=50 for a brief discussion on how to set up the SSL part.

If you are using Active Directory Application Mode (ADAM), you can loosen the requirement for setting passwords over an encrypted session. Refer to http://www.microsoft.com/windowsserver2003/adam/ADAMfaq.mspx

IIRC, it twiddles one of the bit values on the server's dsHeuristics attribute in the configuration naming context.

adler_stevena at 2007-7-12 8:34:23
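The password change from the question, carried out over the encrypted session that reply #1 calls for. This is an added example, not code from the thread or from either linked post. It assumes the domain controller serves LDAPS on port 636 with a certificate the JVM truststore accepts; the class name `ChangePasswordOverLdaps` is hypothetical, and the host and DN are the ones from the question.

```java
import java.nio.charset.StandardCharsets;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.OperationNotSupportedException;
import javax.naming.directory.*;

public class ChangePasswordOverLdaps {
    // AD expects unicodePwd as the password in double quotes, encoded as UTF-16LE.
    static byte[] encode(char[] password) {
        return ("\"" + new String(password) + "\"").getBytes(StandardCharsets.UTF_16LE);
    }

    public static void main(String[] args) throws NamingException {
        String userDn = "CN=Bruce Lombardi,CN=Users,DC=Sphere,DC=Local"; // DN from the thread
        java.io.Console console = System.console();
        if (console == null) { System.err.println("Run from an interactive terminal"); return; }
        // Prompt instead of hard-coding credentials in source
        char[] oldPw = console.readPassword("Current password: ");
        char[] newPw = console.readPassword("New password: ");

        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // Assumption: the DC listens for LDAPS on 636 and its certificate chains to a CA
        // in the JVM truststore (default cacerts or -Djavax.net.ssl.trustStore=...).
        env.put(Context.PROVIDER_URL, "ldaps://sphere3:636");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, userDn);
        env.put(Context.SECURITY_CREDENTIALS, new String(oldPw));

        // A user-initiated change is ONE modify request: delete old value, add new value.
        ModificationItem[] mods = {
            new ModificationItem(DirContext.REMOVE_ATTRIBUTE,
                    new BasicAttribute("unicodePwd", encode(oldPw))),
            new ModificationItem(DirContext.ADD_ATTRIBUTE,
                    new BasicAttribute("unicodePwd", encode(newPw)))
        };
        DirContext ctx = new InitialDirContext(env); // TLS handshake and bind happen here
        try {
            ctx.modifyAttributes(userDn, mods);
            System.out.println("Password changed for " + userDn);
        } catch (OperationNotSupportedException e) {
            // LDAP result 53 (WILL_NOT_PERFORM), the error quoted in the question
            System.err.println("Server refused the change: " + e.getMessage());
        } catch (InvalidAttributeValueException e) {
            // LDAP result 19 (constraint violation), e.g. new password fails domain policy
            System.err.println("Password rejected: " + e.getMessage());
        } finally {
            ctx.close();
        }
    }
}
```

A certificate or hostname problem surfaces as a `NamingException` from the `InitialDirContext` constructor, before any password data is sent.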
# 2

Hi Steven,

Thanks a lot for your reply. So changing password in Active Directory is ONLY possible using ssl connection.

Steven, I would appreciate your help if you could please let me know the steps for installing a certificate authority on my Server 2003 Active Directory and on my client machine. How do I create a certificate on my server and client machine to test my application for changing a user password in Active Directory under a TEST ENVIRONMENT? Is there any tool that generates a CA for testing purposes?

Your help in this hour of need would be highly appreciated.

Thanks

VictorJeeta at 2007-7-12 8:34:23
# 3
http://support.microsoft.com/kb/228991
buddylighta at 2007-7-12 8:34:23