使用 sAMAccountName 在 LDAP 中更改密码
Change password in LDAP using sAMAccountName
我有以下代码可以更改 LDAP 中的用户密码。如果我使用用户的 CN 它可以工作,但我不知道我应该怎么做才能让它与 sAMA 一起工作。
public static void main(String[] args) {
Properties prop = new Properties();
prop.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
prop.put(Context.SECURITY_AUTHENTICATION, "simple");
prop.put(Context.SECURITY_PRINCIPAL, "user_conect@ifjac.redelocal");
prop.put(Context.SECURITY_CREDENTIALS, "ifpr2018");
prop.put(Context.SECURITY_PROTOCOL, "ADSecurityProtocol");
prop.put(Context.PROVIDER_URL, "ldap://localhost/OU=Group,DC=ifjac,DC=redelocal");
try {
LdapContext ctx = new InitialLdapContext(prop, null);
String oldPassword = "old";
String newPassword = "new";
ModificationItem[] mods = new ModificationItem[2];
String oldQuotedPassword = "\"" + oldPassword + "\"";
byte[] oldUnicodePassword = oldQuotedPassword.getBytes("UTF-16LE");
String newQuotedPassword = "\"" + newPassword + "\"";
byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
mods[0] = new ModificationItem(DirContext.REMOVE_ATTRIBUTE,
new BasicAttribute("unicodePwd", oldUnicodePassword));
mods[1] = new ModificationItem(DirContext.ADD_ATTRIBUTE,
new BasicAttribute("unicodePwd", newUnicodePassword));
String theUserName = "CN=user, OU=Users";
ctx.modifyAttributes(theUserName, mods);
System.out.println("Changed Password for successfully");
ctx.close();
} catch (Exception e) {
System.err.println("Problem changing password: " + e);
}
}
您需要先使用sAMAccountName在AD中查找用户,然后从搜索结果中取出DN并将其放入theUserName变量中。
创建一个如下所示的过滤器:
(sAMAccountName={theSamAccountName})
然后用它来搜索目录。
我有以下代码可以更改 LDAP 中的用户密码。如果我使用用户的 CN 它可以工作,但我不知道我应该怎么做才能让它与 sAMA 一起工作。
public static void main(String[] args) {
Properties prop = new Properties();
prop.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
prop.put(Context.SECURITY_AUTHENTICATION, "simple");
prop.put(Context.SECURITY_PRINCIPAL, "user_conect@ifjac.redelocal");
prop.put(Context.SECURITY_CREDENTIALS, "ifpr2018");
prop.put(Context.SECURITY_PROTOCOL, "ADSecurityProtocol");
prop.put(Context.PROVIDER_URL, "ldap://localhost/OU=Group,DC=ifjac,DC=redelocal");
try {
LdapContext ctx = new InitialLdapContext(prop, null);
String oldPassword = "old";
String newPassword = "new";
ModificationItem[] mods = new ModificationItem[2];
String oldQuotedPassword = "\"" + oldPassword + "\"";
byte[] oldUnicodePassword = oldQuotedPassword.getBytes("UTF-16LE");
String newQuotedPassword = "\"" + newPassword + "\"";
byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
mods[0] = new ModificationItem(DirContext.REMOVE_ATTRIBUTE,
new BasicAttribute("unicodePwd", oldUnicodePassword));
mods[1] = new ModificationItem(DirContext.ADD_ATTRIBUTE,
new BasicAttribute("unicodePwd", newUnicodePassword));
String theUserName = "CN=user, OU=Users";
ctx.modifyAttributes(theUserName, mods);
System.out.println("Changed Password for successfully");
ctx.close();
} catch (Exception e) {
System.err.println("Problem changing password: " + e);
}
}
您需要先使用sAMAccountName在AD中查找用户,然后从搜索结果中取出DN并将其放入theUserName变量中。
创建一个如下所示的过滤器:
(sAMAccountName={theSamAccountName})
然后用它来搜索目录。