I need to change the logonHours attribute in Active Directory over LDAP, eg. using ldapmodify. The attribute is of type byte string.
Is this possible?
active-directoryldap
I need to change the logonHours attribute in Active Directory over LDAP, eg. using ldapmodify. The attribute is of type byte string.
Is this possible?
Best Answer
Use base64 encoding of the binary string in your LDAP change. The
::
specifies that the value is base64 encoded.So, here's the base64 encoded version of 21 bytes of
11111111
, to allow login always:And here's
00000000
, for never:And, say, 9 to 5 on Monday through Friday: