Python 3.5, Ldap3 And Modify_password()
Solution 1:
ldap3.modify_password() as of version 0.9.4.2 doesn't work with Active Directory, because it uses the Password Modify Extended Operation, which isn't supported by AD. MS found a way to do things different with AD, it seems. The ldap3 author (cannatag) was aware of this and added ad_modify_password() shortly after. You'll have to use a newer release of ldap3.
Solution 2:
OK thank you to everyone for your help, and the developers on github.
the code i used to make this work in the end was...
from ldap3 import Server, Connection
server = Server('ldaps://<AD server address>', use_ssl=True)
conn = Connection(server, user="<domain>\\<username>", password="<current password>", auto_bind=True)
dn = 'CN=<username>,OU=Users,DC=<dominaname>'
res = conn.extend.microsoft.modify_password(dn, old_password='<current password>', new_password='<new password>')
print(res)
Thought i'd post the working solution as there doesn't seem to be any on the internets!! God speed my fellow devops people.
Solution 3:
Try with ldaps:// instead of ldap://. or dont use the scheme at all and pass use_ssl=True in the Server definition. AD connection must use ssl to modify the password.
Solution 4:
Which version of ldap3 are you using? From the source code of ldap3 version 2.2 it would seem to me that the function should be use in a similar way:
#!/usr/bin/python3.5from ldap3 import Server, Connection, NTLM, ALL
server = Server('ldap://192.168.0.80', use_ssl=True)
conn = Connection(server, user="local\\dctest", password="Pa55word1", authentication=NTLM, auto_bind=True)
res = ldap3.extend.microsoft.modifyPassword(conn, user, "new_Pa55word2", "old_Pa55word1")
Post a Comment for "Python 3.5, Ldap3 And Modify_password()"