Page 6 of 12 First ... 45678 ... Last
  • Jump to page:
    #76
  1. Psycho Canadian
    Devshed Demi-God (4500 - 4999 posts)

    Join Date
    Jan 2001
    Location
    Canada
    Posts
    4,846
    Rep Power
    635
    I believe if you're accessing the LDAP server directly from the same computer then you don't need SSL but otherwise you most likly do.
  2. #77
  3. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2004
    Posts
    4
    Rep Power
    0
    Hy I have tried to read the Active Directory (LDAP) remotely by a LDAP Browser and I don't find entrys for the password, what should i do, are there any special DNs or CN??
    Thax Fiveman
    I logged into the directory with the Admin
  4. #78
  5. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Location
    San Angelo, Texas (USA)
    Posts
    286
    Rep Power
    13
    Microsoft says you must use SSL before you can write to the unicodePwd field.

    It is not possible read the unicodePwd field. The CN of the unicodePwd field is "Unicode-Pwd".
    Last edited by MatthewClark; August 11th, 2004 at 07:46 AM.
  6. #79
  7. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Location
    San Angelo, Texas (USA)
    Posts
    286
    Rep Power
    13
    Originally Posted by hithere76
    Hi,

    I am trying to create user acct in Active Directory LDAP server frm=om a JAVA application.

    1) Is SSL a must??
    2) how come i am able to create users with setting password over a non-SSL mode from a java app?
    3) how come i am able to create accts with password from C++ apps??

    Is there a clear document from MSFT on SSL requirements for ADS access to create user accts from C++/Java apps.

    Anita
    Try this article:
    http://support.microsoft.com/default...b;en-us;273753
  8. #80
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2004
    Location
    Stuttgart
    Posts
    50
    Rep Power
    10
    Anyone of you checked the policy Settings of the Active Directory Server?

    The Server 2003 has very strict default password policies; if your password doesn't conform the rules it says "Server unwilling to perform..."
  10. #81
  11. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Location
    San Angelo, Texas (USA)
    Posts
    286
    Rep Power
    13
    Yeah, when I try to write to the unicodePwd field, I always conform to my server's password policy (can't vouch for anyone else, though).
  12. #82
  13. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2004
    Location
    Stuttgart
    Posts
    50
    Rep Power
    10
    AY, sorry for disturbing, but a cannot even make a connection with ldaps://serverip/ ...

    There is a CA installed n the Server running the AD. What more do i have to do?
  14. #83
  15. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Location
    San Angelo, Texas (USA)
    Posts
    286
    Rep Power
    13
    It seems "ldaps://" does not work when connecting to Active Directory. You'll have to specify "ldap://", and then manually specify the secure LDAP port. Look at previous posts for that information.
  16. #84
  17. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2004
    Location
    Stuttgart
    Posts
    50
    Rep Power
    10
  18. #85
  19. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Location
    San Angelo, Texas (USA)
    Posts
    286
    Rep Power
    13
    Wow. I don't know how you figured that out, but I will try it, and if it works, YOU ARE GOD.
  20. #86
  21. Psycho Canadian
    Devshed Demi-God (4500 - 4999 posts)

    Join Date
    Jan 2001
    Location
    Canada
    Posts
    4,846
    Rep Power
    635
  22. #87
  23. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Location
    San Angelo, Texas (USA)
    Posts
    286
    Rep Power
    13
    Well, the scripts I wrote initially don't work at all anymore (after-effect of renaming a domain), and I don't have the time to figure them out.

    I don't know when I'll have the time to play, but rest assured, I took notes . I'll play with it again soon...

    Wow, I'm still utterly stoked that he made it work, and I won't believe it until I see it.
  24. #88
  25. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2004
    Posts
    1
    Rep Power
    0
    Hey Guys - I'm new to this forum, so be easy on me... I got the LDAPS thing working - installing a cert server on my DC took care of that. I created the directory and necessary file with reference to OpenLDAP on the DC. I made sure that the web server was "trusted for delegation" on the machine object. I think the main problem I am facing now is the Unicode encoding process. I can get the encoding done with the "stringconverter.exe" app, and have it post it to another variable or even to a text file (and I even avoided the forking issue...finally... stupid NTFS security...). I really want to avoid using an external app to do the conversion. Thus far, all of the sample code that I have found will not encode a string so that it matches the output of the stringconverter. The code found on the link from arknius found at http://www.ldaphelp.com/viewtopic.php?t=6 doesn't work for me. I keep getting an unknown variable found on line 8. Turns out that my ver of PHP (or whatever...) doesn't like the $newpassw variable with a ".=" . If I define the variable, the error goes away, but alas, no encoding... lol. I have been toying around with PHP for a few years, and this is pretty much the only thing I haven't been able to do - thus far. If anyone has found a working code, please post.
    Network Config:
    2003 Domain Controller - Cert Services / OPENLDAP dir at root
    2003 Member Server hosting IIS6 and PHP 5.
    By the way, using the stringconverter and ldifde does work, but I would really like to keep everything internal to PHP with LDAP calls.
    Thanks!
  26. #89
  27. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2004
    Location
    Stuttgart
    Posts
    50
    Rep Power
    10
    Check my solution on http://www.ldaphelp.com

    it works with AD

    PHP Code:
    // Check Pwds 
    if ( $passwd1 == $passwd2 ) { 
       
    // prepare data 
          
    $newPassword $passwd1
          
    $newPassword "\"" $newPassword "\""
          
    $len strlen($newPassword); 
          for (
    $i 0$i $len$i++) 
                
    $newPassw .= "{$newPassword{$i}}\000"
          
    $newPassword $newPassw
          
    $userdata["unicodePwd"] = $newPassword
          
    $result ldap_mod_replace($ds$dn $userdata); 
          if (
    $result) echo "User modified!" 
          else echo 
    "There was a problem!"


  28. #90
  29. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2004
    Posts
    1
    Rep Power
    0
    Thanks very much. That helped me tremendously!
Page 6 of 12 First ... 45678 ... Last
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo