Windows – Why can’t I change passwords using the ldifde tool

Tags: active-directory, windows, windows-server-2012

I'm trying to change user passwords using the ldifde tool with the following command:

ldifde -i -h -f .\password.ldf -J ./

Here is one of the entries that are in the password.ldf file:

dn: CN=pwtest,OU=Engineering,DC=MyDc,DC=com
changetype: modify
replace: unicodePwd
unicodePwd::Ik51bWJza3VsbDIxIg==
-

I've changed the domain and password in this example, but I've made sure that the password I'm using meets the password policy. I did this by resetting one of the users' passwords to the password I'm trying to update them all to.

I receive the following error:

Add error on entry starting on line 2: Unwilling To Perform
The server side error is: 0x1f A device attached to the system is not functioning.
The extended server error is:
0000001F: SvcErr: DSID-031A129B, problem 5003 (WILL_NOT_PERFORM), data 0

I'm logged into the machine as administrator via RDP and I'm using the local PowerShell. I updated the passwords yesterday using this method and it worked fine. The only thing that is different now, that I know of, is that the users now have passwords and I'm attempting to change them. Also, this is Windows Server 2012 Datacenter.

Best Answer

AD requires an SSL connection to change a password. Try adding -t 636 to your command.

e.g. ldifde -i -h -t 636 -f .\password.ldf -J ./

You may have other missing dependencies such as high encryption packs / etc.

Added from comments:

It has to do with how you are encoding the password. You are missing an essential step. It's not just text to base64. Use the PwdToBase64.txt from www.rlmueller.net/Base64.htm. Rename it to .vbs and it will encode them properly.
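The encoding step the answer refers to, written out as an added PowerShell example (this is not the answerer's script and not the rlmueller.net one): AD expects the unicodePwd value to be the password wrapped in literal double quotes, encoded as UTF-16LE, and only then base64-encoded. The value in the question base64-encodes the quoted ASCII text directly, which is what the server refuses. The DN and the `.\password.ldf` path are taken from the question; the function names, the sample password and the `-Encoding ASCII` choice (the generated file is pure ASCII, so no Unicode BOM is needed) are assumptions of this example. Transport is unchanged from the answer: run ldifde with `-t 636` as suggested there.

```powershell
# Added example: build a unicodePwd value the way Active Directory expects it.
# Correct layout:  base64( UTF-16LE( '"' + password + '"' ) )
# Wrong layout (as in the question):  base64( ASCII( '"' + password + '"' ) )

function ConvertTo-UnicodePwdBase64 {
    param([Parameter(Mandatory)][string]$Password)
    # The surrounding double quotes are part of the value AD decodes.
    $quoted = '"' + $Password + '"'
    # [System.Text.Encoding]::Unicode is UTF-16LE, the encoding AD requires.
    $bytes = [System.Text.Encoding]::Unicode.GetBytes($quoted)
    [Convert]::ToBase64String($bytes)
}

function Test-UnicodePwdBase64 {
    # Sanity check for a value already sitting in an LDIF file: decode it and
    # verify it is plausibly UTF-16LE (even byte count; for an ASCII-only
    # password every high byte is 0x00) and that the text is double-quoted.
    param([Parameter(Mandatory)][string]$Base64)
    $bytes = [Convert]::FromBase64String($Base64)
    if ($bytes.Length % 2 -ne 0) { return $false }
    for ($i = 1; $i -lt $bytes.Length; $i += 2) {
        if ($bytes[$i] -ne 0) { return $false }
    }
    $text = [System.Text.Encoding]::Unicode.GetString($bytes)
    return ($text.Length -ge 2 -and $text.StartsWith('"') -and $text.EndsWith('"'))
}

function New-UnicodePwdLdif {
    # Write one "changetype: modify / replace: unicodePwd" entry per DN.
    param(
        [Parameter(Mandatory)][string[]]$DistinguishedNames,
        [Parameter(Mandatory)][string]$Password,
        [string]$Path = '.\password.ldf'
    )
    $value = ConvertTo-UnicodePwdBase64 -Password $Password
    $entries = foreach ($dn in $DistinguishedNames) {
        @(
            "dn: $dn",
            'changetype: modify',
            'replace: unicodePwd',
            "unicodePwd:: $value",   # double colon = base64-encoded attribute value
            '-',
            ''                       # blank line separates LDIF entries
        ) -join "`r`n"
    }
    # Base64 and DNs are ASCII, so a plain ASCII file is sufficient for ldifde.
    Set-Content -Path $Path -Value ($entries -join "`r`n") -Encoding ASCII
    return $Path
}

# --- usage (constructed sample values) ---
# The value from the question fails the check: it is an odd number of bytes
# (quoted ASCII text, not UTF-16LE), which is the root cause of WILL_NOT_PERFORM.
Test-UnicodePwdBase64 -Base64 'Ik51bWJza3VsbDIxIg=='        # False

# Build a correct file for the DN used in the question, then import it over
# SSL as the answer suggests:  ldifde -i -h -t 636 -f .\password.ldf -J ./
$dns = @('CN=pwtest,OU=Engineering,DC=MyDc,DC=com')
$ldf = New-UnicodePwdLdif -DistinguishedNames $dns -Password 'Sample-Pass-Word-1'
Get-Content $ldf
```

`Test-UnicodePwdBase64` is only a structural check (it cannot tell you whether the password meets policy); its purpose is to catch the ASCII-instead-of-UTF-16LE mistake before you spend time on the transport side. Pass a password containing non-ASCII characters and the high-byte test will legitimately report `False`, so relax that loop if you need it.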