1. <i id='K9hd4'><tr id='K9hd4'><dt id='K9hd4'><q id='K9hd4'><span id='K9hd4'><b id='K9hd4'><form id='K9hd4'><ins id='K9hd4'></ins><ul id='K9hd4'></ul><sub id='K9hd4'></sub></form><legend id='K9hd4'></legend><bdo id='K9hd4'><pre id='K9hd4'><center id='K9hd4'></center></pre></bdo></b><th id='K9hd4'></th></span></q></dt></tr></i><div id='K9hd4'><tfoot id='K9hd4'></tfoot><dl id='K9hd4'><fieldset id='K9hd4'></fieldset></dl></div>

      <small id='K9hd4'></small><noframes id='K9hd4'>

      • <bdo id='K9hd4'></bdo><ul id='K9hd4'></ul>

      <tfoot id='K9hd4'></tfoot>

        <legend id='K9hd4'><style id='K9hd4'><dir id='K9hd4'><q id='K9hd4'></q></dir></style></legend>

        如何解决“WILL_NOT_PERFORM"?尝试使用 unboundid LDAP SDK 在 scala

        时间:2023-10-14

        <legend id='hejS0'><style id='hejS0'><dir id='hejS0'><q id='hejS0'></q></dir></style></legend><tfoot id='hejS0'></tfoot>

              <bdo id='hejS0'></bdo><ul id='hejS0'></ul>

                  <tbody id='hejS0'></tbody>
                <i id='hejS0'><tr id='hejS0'><dt id='hejS0'><q id='hejS0'><span id='hejS0'><b id='hejS0'><form id='hejS0'><ins id='hejS0'></ins><ul id='hejS0'></ul><sub id='hejS0'></sub></form><legend id='hejS0'></legend><bdo id='hejS0'><pre id='hejS0'><center id='hejS0'></center></pre></bdo></b><th id='hejS0'></th></span></q></dt></tr></i><div id='hejS0'><tfoot id='hejS0'></tfoot><dl id='hejS0'><fieldset id='hejS0'></fieldset></dl></div>
              1. <small id='hejS0'></small><noframes id='hejS0'>

                  本文介绍了如何解决“WILL_NOT_PERFORM"?尝试使用 unboundid LDAP SDK 在 scala 中更改密码时,MS AD 回复?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

                  问题描述

                  我正在与 Active Directory 搏斗,试图让它让我更改密码.我找到了大量有用的信息,但我仍然遇到持续错误.

                  I'm wrestling with Active Directory, trying to get it to let me change a password. I've found tons of useful information, but I'm still getting a persistent error.

                  一些代码:

                  import com.unboundid.ldap.sdk._
                  import com.unboundid.util.ssl._
                  
                  
                  def main(args: Array[String]) : Unit = {
                  
                  var sslUtil = new SSLUtil( new TrustAllTrustManager() )
                  var con = new LDAPConnection(sslUtil.createSSLSocketFactory())
                  con.connect("ldap.example.net", 636)
                  con.bind("ldapadmin", "adminpasswd")
                  val newPass = "Jfi8ZH8#k".getBytes("UTF-16LE");
                  val modRequest = new ModifyRequest("dn: cn=Tester Dude,ou=Lab,ou=Org,ou=Provider,DC=example,DC=net",
                    "changetype: modify",
                    "replace: unicodePwd",
                    "unicodePwd: " + '"' + newPass + '"')
                  
                  println("
                  Going to try to set password to " + newPass + " with: " + modRequest.toString())
                  
                  try {
                    con.modify(modRequest)
                  } catch {
                    case lde:LDAPException => println("failed LDAPException: " + lde.toString())
                  }
                  
                  }
                  

                  所以,我认为这是一个运行时错误:

                  So, I get this as a runtime error:

                  将尝试将密码设置为 [B@6dd1627e 与:ModifyRequest(dn='cn=Tester Dude,ou=Lab,ou=Org,ou=Provider,DC=example,DC=net', mods={替换 unicodePwd})

                  Going to try to set password to [B@6dd1627e with: ModifyRequest(dn='cn=Tester Dude,ou=Lab,ou=Org,ou=Provider,DC=example,DC=net', mods={REPLACE unicodePwd})

                  LDAPException 失败:LDAPException(resultCode=53 (不愿意执行), errorMessage='0000001F: SvcErr: DSID-031A11E5, 问题 5003 (WILL_NOT_PERFORM), 数据 0', diagnosticMessage='0000001F: SvcErr: DSID-031A11E5, 问题 5003 (WILL_NOT_PERFORM), 数据 0')

                  failed LDAPException: LDAPException(resultCode=53 (unwilling to perform), errorMessage='0000001F: SvcErr: DSID-031A11E5, problem 5003 (WILL_NOT_PERFORM), data 0 ', diagnosticMessage='0000001F: SvcErr: DSID-031A11E5, problem 5003 (WILL_NOT_PERFORM), data 0 ')

                  所以在我所知道的可能导致此错误的事情中:

                  So among the things I know can cause this error:

                  1. 未通过 SSL 连接.(这里不是这种情况,我已经使用 netstat 100% 确定我在端口 636 上)
                  2. 传递的密码违反了 Active Directory 密码策略.(我已经测试过手动设置该确切密码;它会拒绝短/简单密码,但它接受我在此代码中使用的密码)

                  我已经尝试过在密码周围加引号和不加引号.

                  I've tried it both with and without the extra quotes around the password.

                  迄今为止最有用的信息来源是:

                  The most useful source of info thusfar was:

                  http://www.dirmgr.com/blog/2010/8/26/ldap-password-changes-in-active-directory.html

                  但我已经用尽了那里(以及许多其他地方)的所有建议.

                  But I've exhausted every suggestion there (and a lot of other places).

                  我还尝试了其他几件事,包括为手动添加的其他有效用户设置密码.(这个也是通过sdk添加的.)

                  I've also tried several other things, including setting the password for a different valid user that was added manually. (This one was added via the sdk also.)

                  其他操作正常.我已经删除了不相关的代码,但我能够毫无问题地搜索、打印属性、添加和删除用户;但此修改请求失败.如果我将 ModifyRequest 设置为更改其他一些属性,例如关联的电子邮件,那也可以正常工作.

                  Other operations are working fine. I've removed the irrelevant code but I was able to search, print attributes, add, and delete a user with no problem; but this modify request fails. If I set the ModifyRequest to change some other attribute, such as the email associated, that also works fine.

                  推荐答案

                  连接不够安全

                  引用自:http://support.microsoft.com/kb/269190

                  为了修改此属性,客户端必须与服务器建立 128 位安全套接字层 (SSL) 连接.

                  In order to modify this attribute, the client must have a 128-bit Secure Socket Layer (SSL) connection to the server.

                  因此,即使其他一切看起来都正确,如果连接被认为不安全,您仍然可能会收到 SvcErr: DSID-03190F4C,问题 5003 (WILL_NOT_PERFORM).

                  So even if everything else looks right, you may still get an SvcErr: DSID-03190F4C, problem 5003 (WILL_NOT_PERFORM) if the connection is deemed insecure.

                  如果您尝试在没有足够权限的情况下执行 replace,则修改请求可能会失败.

                  A modify request may fail if you try to do a replace without insufficient rights.

                  dn: CN=johndoe,OU=Users,DC=example,DC=com
                  changetype: modify
                  replace: unicodePwd
                  unicodePwd:: base64(utf16le(quoted(password)))
                  -
                  

                  在这种情况下,您将收到 SecErr: DSID-03150E47, question 4003 (INSUFF_ACCESS_RIGHTS).如果您尝试使用非特权帐户绑定,就会发生这种情况.

                  You will get an SecErr: DSID-03150E47, problem 4003 (INSUFF_ACCESS_RIGHTS) in that case. This happens if you try to bind with an unprivileged account.

                  一些管理员喜欢拥有较长的密码历史记录(例如,保存最后 24 个密码).如果您使用已在历史记录中的旧密码,您将获得 CONSTRAINT_ATT_TYPE.

                  Some admins like to have a long password history (e.g. last 24 passwords saved). You will get a CONSTRAINT_ATT_TYPE if you are using an old password that is already in the history.

                  1. 保护连接

                  1. secure the connection

                  使用 delete-add 组合.

                  例如

                  dn: CN=johndoe,OU=Users,DC=example,DC=com
                  changetype: modify
                  delete: unicodePwd
                  unicodePwd:: base64(utf16le(quoted(old password)))
                  -
                  add: unicodePwd
                  unicodePwd:: base64(utf16le(quoted(new password)))
                  -
                  

                  这篇关于如何解决“WILL_NOT_PERFORM"?尝试使用 unboundid LDAP SDK 在 scala 中更改密码时,MS AD 回复?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

                  上一篇:如何定义我自己的元素类以与 Set 一起使用 下一篇:如何在 Java 中针对此 LDAP 进行 LDAP 搜索/身份验证

                  相关文章

                  <tfoot id='fe98f'></tfoot>
                  <legend id='fe98f'><style id='fe98f'><dir id='fe98f'><q id='fe98f'></q></dir></style></legend>

                  <small id='fe98f'></small><noframes id='fe98f'>

                1. <i id='fe98f'><tr id='fe98f'><dt id='fe98f'><q id='fe98f'><span id='fe98f'><b id='fe98f'><form id='fe98f'><ins id='fe98f'></ins><ul id='fe98f'></ul><sub id='fe98f'></sub></form><legend id='fe98f'></legend><bdo id='fe98f'><pre id='fe98f'><center id='fe98f'></center></pre></bdo></b><th id='fe98f'></th></span></q></dt></tr></i><div id='fe98f'><tfoot id='fe98f'></tfoot><dl id='fe98f'><fieldset id='fe98f'></fieldset></dl></div>

                    <bdo id='fe98f'></bdo><ul id='fe98f'></ul>