LDAP Programming
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me
Go Back   Dev Shed ForumsDatabasesLDAP Programming

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
Thread Tools Search this Thread Rating: Thread Rating: 10 votes, 5.00 average. Display Modes
 
Unread Dev Shed Forums Sponsor:
  #76  
Old August 9th, 2004, 11:23 AM
Viper_SB's Avatar
Viper_SB Viper_SB is offline
Psycho Canadian
Dev Shed Demi-God (4500 - 4999 posts)
 
Join Date: Jan 2001
Location: Canada
Posts: 4,825 Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level) 
Time spent in forums: 1 Month 1 Day 3 h 48 m 19 sec
Reputation Power: 630
I believe if you're accessing the LDAP server directly from the same computer then you don't need SSL but otherwise you most likly do.
__________________
Miscellaneous Software
Viper_SB
Developershed E-Support


Anyone else play chess?
Challenge me

Reply With Quote
  #77  
Old August 11th, 2004, 08:18 AM
fiveman fiveman is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Aug 2004
Posts: 4 fiveman User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 0
Hy I have tried to read the Active Directory (LDAP) remotely by a LDAP Browser and I don't find entrys for the password, what should i do, are there any special DNs or CN??
Thax Fiveman
I logged into the directory with the Admin

Reply With Quote
  #78  
Old August 11th, 2004, 08:43 AM
MatthewClark's Avatar
MatthewClark MatthewClark is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Aug 2003
Location: San Angelo, Texas (USA)
Posts: 286 MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level) 
Time spent in forums: 14 h 2 m 39 sec
Reputation Power: 9
Send a message via ICQ to MatthewClark Send a message via AIM to MatthewClark Send a message via Yahoo to MatthewClark
Microsoft says you must use SSL before you can write to the unicodePwd field.

It is not possible read the unicodePwd field. The CN of the unicodePwd field is "Unicode-Pwd".

Last edited by MatthewClark : August 11th, 2004 at 08:46 AM.

Reply With Quote
  #79  
Old August 11th, 2004, 08:55 AM
MatthewClark's Avatar
MatthewClark MatthewClark is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Aug 2003
Location: San Angelo, Texas (USA)
Posts: 286 MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level) 
Time spent in forums: 14 h 2 m 39 sec
Reputation Power: 9
Send a message via ICQ to MatthewClark Send a message via AIM to MatthewClark Send a message via Yahoo to MatthewClark
Quote:
Originally Posted by hithere76
Hi,

I am trying to create user acct in Active Directory LDAP server frm=om a JAVA application.

1) Is SSL a must??
2) how come i am able to create users with setting password over a non-SSL mode from a java app?
3) how come i am able to create accts with password from C++ apps??

Is there a clear document from MSFT on SSL requirements for ADS access to create user accts from C++/Java apps.

Anita
Try this article:
http://support.microsoft.com/defaul...kb;en-us;273753

Reply With Quote
  #80  
Old August 25th, 2004, 10:27 AM
arknius arknius is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Aug 2004
Location: Stuttgart
Posts: 50 arknius User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 29 sec
Reputation Power: 6
Send a message via ICQ to arknius
Anyone of you checked the policy Settings of the Active Directory Server?

The Server 2003 has very strict default password policies; if your password doesn't conform the rules it says "Server unwilling to perform..."

Reply With Quote
  #81  
Old August 25th, 2004, 11:14 AM
MatthewClark's Avatar
MatthewClark MatthewClark is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Aug 2003
Location: San Angelo, Texas (USA)
Posts: 286 MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level) 
Time spent in forums: 14 h 2 m 39 sec
Reputation Power: 9
Send a message via ICQ to MatthewClark Send a message via AIM to MatthewClark Send a message via Yahoo to MatthewClark
Yeah, when I try to write to the unicodePwd field, I always conform to my server's password policy (can't vouch for anyone else, though).

Reply With Quote
  #82  
Old August 25th, 2004, 12:44 PM
arknius arknius is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Aug 2004
Location: Stuttgart
Posts: 50 arknius User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 29 sec
Reputation Power: 6
Send a message via ICQ to arknius
AY, sorry for disturbing, but a cannot even make a connection with ldaps://serverip/ ...

There is a CA installed n the Server running the AD. What more do i have to do?

Reply With Quote
  #83  
Old August 25th, 2004, 01:22 PM
MatthewClark's Avatar
MatthewClark MatthewClark is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Aug 2003
Location: San Angelo, Texas (USA)
Posts: 286 MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level) 
Time spent in forums: 14 h 2 m 39 sec
Reputation Power: 9
Send a message via ICQ to MatthewClark Send a message via AIM to MatthewClark Send a message via Yahoo to MatthewClark
It seems "ldaps://" does not work when connecting to Active Directory. You'll have to specify "ldap://", and then manually specify the secure LDAP port. Look at previous posts for that information.

Reply With Quote
  #84  
Old August 25th, 2004, 01:44 PM
arknius arknius is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Aug 2004
Location: Stuttgart
Posts: 50 arknius User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 29 sec
Reputation Power: 6
Send a message via ICQ to arknius

Reply With Quote
  #85  
Old August 25th, 2004, 03:02 PM
MatthewClark's Avatar
MatthewClark MatthewClark is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Aug 2003
Location: San Angelo, Texas (USA)
Posts: 286 MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level) 
Time spent in forums: 14 h 2 m 39 sec
Reputation Power: 9
Send a message via ICQ to MatthewClark Send a message via AIM to MatthewClark Send a message via Yahoo to MatthewClark
Wow. I don't know how you figured that out, but I will try it, and if it works, YOU ARE GOD.

Reply With Quote
  #86  
Old August 28th, 2004, 12:56 AM
Viper_SB's Avatar
Viper_SB Viper_SB is offline
Psycho Canadian
Dev Shed Demi-God (4500 - 4999 posts)
 
Join Date: Jan 2001
Location: Canada
Posts: 4,825 Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level)Viper_SB User rank is Brigadier General (60000 - 70000 Reputation Level) 
Time spent in forums: 1 Month 1 Day 3 h 48 m 19 sec
Reputation Power: 630
Did it work?

Reply With Quote
  #87  
Old August 28th, 2004, 01:01 AM
MatthewClark's Avatar
MatthewClark MatthewClark is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Aug 2003
Location: San Angelo, Texas (USA)
Posts: 286 MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level)MatthewClark User rank is Corporal (100 - 500 Reputation Level) 
Time spent in forums: 14 h 2 m 39 sec
Reputation Power: 9
Send a message via ICQ to MatthewClark Send a message via AIM to MatthewClark Send a message via Yahoo to MatthewClark
Well, the scripts I wrote initially don't work at all anymore (after-effect of renaming a domain), and I don't have the time to figure them out.

I don't know when I'll have the time to play, but rest assured, I took notes . I'll play with it again soon...

Wow, I'm still utterly stoked that he made it work, and I won't believe it until I see it.

Reply With Quote
  #88  
Old September 30th, 2004, 11:54 AM
adamsre adamsre is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Sep 2004
Posts: 1 adamsre User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 0
Send a message via MSN to adamsre
Hey Guys - I'm new to this forum, so be easy on me... I got the LDAPS thing working - installing a cert server on my DC took care of that. I created the directory and necessary file with reference to OpenLDAP on the DC. I made sure that the web server was "trusted for delegation" on the machine object. I think the main problem I am facing now is the Unicode encoding process. I can get the encoding done with the "stringconverter.exe" app, and have it post it to another variable or even to a text file (and I even avoided the forking issue...finally... stupid NTFS security...). I really want to avoid using an external app to do the conversion. Thus far, all of the sample code that I have found will not encode a string so that it matches the output of the stringconverter. The code found on the link from arknius found at http://www.ldaphelp.com/viewtopic.php?t=6 doesn't work for me. I keep getting an unknown variable found on line 8. Turns out that my ver of PHP (or whatever...) doesn't like the $newpassw variable with a ".=" . If I define the variable, the error goes away, but alas, no encoding... lol. I have been toying around with PHP for a few years, and this is pretty much the only thing I haven't been able to do - thus far. If anyone has found a working code, please post.
Network Config:
2003 Domain Controller - Cert Services / OPENLDAP dir at root
2003 Member Server hosting IIS6 and PHP 5.
By the way, using the stringconverter and ldifde does work, but I would really like to keep everything internal to PHP with LDAP calls.
Thanks!

Reply With Quote
  #89  
Old October 6th, 2004, 07:04 AM
arknius arknius is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Aug 2004
Location: Stuttgart
Posts: 50 arknius User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 29 sec
Reputation Power: 6
Send a message via ICQ to arknius
Check my solution on http://www.ldaphelp.com

it works with AD

PHP Code:
// Check Pwds 
if ( $passwd1 == $passwd2 ) { 
   
// prepare data 
      
$newPassword $passwd1
      
$newPassword "\"" $newPassword "\""
      
$len strlen($newPassword); 
      for (
$i 0$i $len$i++) 
            
$newPassw .= "{$newPassword{$i}}\000"
      
$newPassword $newPassw
      
$userdata["unicodePwd"] = $newPassword
      
$result ldap_mod_replace($ds$dn $userdata); 
      if (
$result) echo "User modified!" 
      else echo 
"There was a problem!"



Reply With Quote
  #90  
Old November 5th, 2004, 05:16 PM
artietet artietet is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Nov 2004
Posts: 1 artietet User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 0
Thanks very much. That helped me tremendously!

Reply With Quote
Reply

Viewing: Dev Shed ForumsDatabasesLDAP Programming > Modifying Active Directory passwords through PHP and IIS


Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump




 Free IT White Papers!
 
How to Present Effectively Online
This white paper offers practical and actionable advice on the key steps that any presenter should consider as they plan and execute a Webinar or online meeting.

 
Open Source Security Myths
Open Source Software (OSS) is computer software whose source code is available to the general public with relaxed or non-existent intellectual property restrictions (or arrangement such as the public domain), and is usually developed with the input of many contributors.

 
Power and Cooling Capacity Management for Data Centers
This paper describes the principles for achieving power and cooling capacity management.

 
Scalable, Fault-Tolerant NAS for Oracle - The Next Generation
For several years NAS has been evolving as a storage alternative for Oracle databases, and for good reason: NAS is quite often the simplest, most cost-effective storage approach for Oracle. Learn about the benefits that HP's approach to scalable NAS brings to Oracle environments in this comprehensive white paper.

 
Understanding Web Application Security Challenges
This white paper discusses many common threats and preventive measures for Web application security, and explains what you can do to help protect your organization.

 

Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 




© 2003-2009 by Developer Shed. All rights reserved. DS Cluster 3 Hosted by Hostway
Stay green...Green IT