How to change unicodePwd

active-directory jndi ldap passwords

    Hashtable<String, String> environment = new Hashtable<String, String>();
    environment.put(LdapContext.CONTROL_FACTORIES,"com.sun.jndi.ldap.ControlFactory ");
    environment.put("javax.security.sasl.policy.noplaintext", "true");
    environment.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
    environment.put(Context.PROVIDER_URL, "ldap://url:389/");
    environment.put(Context.SECURITY_AUTHENTICATION, "DIGEST-MD5 GSSAPI");
    environment.put(Context.SECURITY_PROTOCOL, "sasl");
    environment.put(Context.SECURITY_PRINCIPAL, "admin");
    environment.put(Context.SECURITY_CREDENTIALS, "password");
    try {
        System.out.println("nine");
        DirContext ctx = new InitialDirContext(environment);
        System.out.println("ten");

        String oldPass = "" + "3qgYl3R2oh7Rwo6" + "";
        String newPass = "" + "3qgYl3R2oh7Rwo5" + "";

        ModificationItem[] modificationItems = new ModificationItem[2];
        modificationItems[0] = new ModificationItem(
                DirContext.REMOVE_ATTRIBUTE, new BasicAttribute(
                        "unicodePwd", oldPass.getBytes("UTF-16LE")));
        modificationItems[1] = new ModificationItem(
                DirContext.ADD_ATTRIBUTE, new BasicAttribute("unicodePwd",
                        newPass.getBytes("UTF-16LE")));
    //  modificationItems[0] = new ModificationItem(
            //  DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(
                //      "unicodePwd", newPass.getBytes("UTF-16LE")));

        try {
            ctx.modifyAttributes("CN=xxx,OU=xx,OU=xx,DC=xx,DC=xxx,DC=xx",
                    modificationItems);
        } catch (NamingException e) {
            e.printStackTrace();
        }
        ctx.close();
    } catch (NamingException | UnsupportedEncodingException e) {
        e.printStackTrace();
        System.out.println(e.getMessage().trim());

    }

I get the following error.
The 636 SSL port is closed.
How to change unicodePwd?
Can you help me, please?

    LDAP: error code 53 - 00002077: SvcErr: DSID-03190F0A, problem 5003 (WILL_NOT_PERFORM)

Best Answer

We have a sample that we know works on W3k.

http://ldapwiki.com/wiki/Example%20-%20Active%20Directory%20Change%20Password%20JNDI

But your issue is that Microsoft Active Directory REQUIRES all password settings to be done over a secure connection. Which we also cover: http://ldapwiki.com/wiki/Setting%20and%20Changing%20Microsoft%20Active%20Directory%20Passwords
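
An added example (not from the original post or the linked wiki pages) of the same remove/add `unicodePwd` change performed over an encrypted connection, here StartTLS on port 389 because the question reports 636 as closed. It also wraps each password in double quotes before UTF-16LE encoding, which Active Directory expects; the host name, DNs and environment-variable names are placeholders.

```java
import java.nio.charset.StandardCharsets;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.StartTlsRequest;
import javax.naming.ldap.StartTlsResponse;

public class AdPasswordChange {
    // AD expects unicodePwd as the password wrapped in double quotes, encoded as UTF-16LE.
    static byte[] encode(String password) {
        return ("\"" + password + "\"").getBytes(StandardCharsets.UTF_16LE);
    }

    // User-style change: remove the old value and add the new one in one modify request.
    static ModificationItem[] changeRequest(String oldPass, String newPass) {
        return new ModificationItem[] {
            new ModificationItem(DirContext.REMOVE_ATTRIBUTE, new BasicAttribute("unicodePwd", encode(oldPass))),
            new ModificationItem(DirContext.ADD_ATTRIBUTE, new BasicAttribute("unicodePwd", encode(newPass)))
        };
    }

    public static void main(String[] args) throws Exception {
        // Placeholders (assumptions): host, DNs and environment-variable names are not real values.
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldap://dc.example.com:389/");
        LdapContext ctx = new InitialLdapContext(env, null); // no credentials sent yet
        StartTlsResponse tls = null;
        try {
            tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
            tls.negotiate(); // default SSL socket factory: DC certificate must chain to the JVM trust store
            ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple"); // bind only after TLS is up
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, "CN=admin,CN=Users,DC=example,DC=com");
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, System.getenv("BIND_PASSWORD"));
            ctx.modifyAttributes("CN=someuser,OU=Staff,DC=example,DC=com",
                    changeRequest(System.getenv("OLD_PASSWORD"), System.getenv("NEW_PASSWORD")));
        } finally {
            if (tls != null) tls.close();
            ctx.close();
        }
    }
}
```

Where port 636 is reachable, an `ldaps://` provider URL replaces the StartTLS step. An administrative reset uses a single `DirContext.REPLACE_ATTRIBUTE` item instead of the remove/add pair.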