dcsimg
Changing Users Password in LDAP
0 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   Richard_Gundersen
Posted On:   Thursday, September 6, 2001 02:48 AM

Hi To modify a users attribute in JNDI/LDAP, do you have to connect as a user who has full Admin rights, or can any user modify attributes, providing they have the necessary rights? Here's some code: Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, "ldap://myHost:389/o=MYORG"); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, "cn=Joe Bloggs, ou=H1, o=MYORG"); env.put(Context.SECURITY_CREDENTIALS, "password"); try { DirContext ctx =    More>>

Hi


To modify a users attribute in JNDI/LDAP, do you have to connect as a user who has full Admin rights, or can any user modify attributes, providing they have the necessary rights?


Here's some code:



Hashtable env = new Hashtable();

env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");

env.put(Context.PROVIDER_URL, "ldap://myHost:389/o=MYORG");

env.put(Context.SECURITY_AUTHENTICATION, "simple");

env.put(Context.SECURITY_PRINCIPAL, "cn=Joe Bloggs, ou=H1, o=MYORG");

env.put(Context.SECURITY_CREDENTIALS, "password");

try {

DirContext ctx = new InitialDirContext(env);

ModificationItem[] mods = new
ModificationItem[1];

mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("userPassword", "password2"));

ctx.modifyAttributes("cn=Joe Bloggs, ou=H1", mods);

ctx.close();

System.out.println(">>> Successfully modified password and closed Context");

:

:




This code fails, giving the error:


LDAP: error code 50 - NDS error: no access (-672)]


However, Joe Bloggs CAN change his password if he logs into Netware/ConsoleOne, so why can't my Java code do the same?



Interestingly, if I replace the security props of the environment to specify a user such as Admin e.g.




env.put(Context.SECURITY_PRINCIPAL, "cn=Admin, o=MYORG");

env.put(Context.SECURITY_CREDENTIALS, "admin_password");



...I can change Joe Blogg's password with no problems.



Any ideas?



Cheers



Richard

   <<Less
About | Sitemap | Contact