Re: Trying to add a user to AD via LDIFDE but receiving an error stating "Unable to update the password"



It is kind of tricky to do. I think there might be a kbase article on it
somewhere.

Basically, you need to set the unicodePwd attribute with the password value,
where that is the binary version of the unicode string of the password value
surrounded by "" characters. Thus, if you want to set a password of
Password1, you would use the string "Password1". That value as an array of
bytes is this in hex:
22-00-50-00-61-00-73-00-73-00-77-00-6F-00-72-00-64-00-31-00-22-00

Since binary values are set in LDIF using Base64 format, that would
translate to:
IgBQAGEAcwBzAHcAbwByAGQAMQAiAA==

Thus, the LDIF file line might look like:

unicodePwd:: IgBQAGEAcwBzAHcAbwByAGQAMQAiAA==

You can only set unicodePwd over a secure channel, so you need to make sure
that you use SSPI auth with LDIFDE and use the -h switch (I think; going
from memory here) and your AD server must be 2003. Also, your client must be
XP or higher. If your client or server are running Win2K, then this
operation can only be done via SSL, so you'll need an SSL/LDAP enabled DC.

So, it isn't exactly straightforward, but it can be made to work. :)

Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Spin" <Spin@xxxxxxxx> wrote in message
news:5mlcamFe58u1U1@xxxxxxxxxxxxxxxxxxxxx
That's it Joe, my domain requires setting a password. What's the syntax
for setting the password?

"Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:eiox3CdBIHA.1208@xxxxxxxxxxxxxxxxxxxxxxx
I think it may actually have been that he tried to enable the account
(userAccountControl: 512) without first setting a password. If the domain
pwd policy requires passwords, then you have to set a password before
enabling.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
"Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx> wrote in message
news:%23e0nnBaBIHA.4496@xxxxxxxxxxxxxxxxxxxxxxx
Hi
The error sounds self explanatory:
"The value provided for the new password does not meet the length,
complexity, or history requirement of the domain"
You need to provide a Password that respects the Password Domain Policy.
--

I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MCSE, MVP Directory Services

"Spin" <Spin@xxxxxxxx> wrote in message
news:5mgf1lFdddjjU1@xxxxxxxxxxxxxxxxxxxxx
Gurus,

Trying to add a user to AD via LDIFDE but receiving an error stating
"Unable to update the password". What am I doing wrong?

"Add error on line 1: Unwilling To Perform
The server side error is "Unable to update the password. The value
provided for the new password does not meet the length, complexity, or
history requirement of the domain."
0 entries modified successfully.
An error has occurred in the program"

And here's the code inside the file I am importing with LDIFDE.

dn: cn=psmith,cn=users,dc=mydom,dc=local
changetype: add
objectClass: user
samaccountname: psmith
sn: PSmith
useraccountcontrol: 512

dn: cn=psmith,cn=users,dc=mydom,dc=local
changetype: modify
add: givenName
givenName: Paul
-
replace: sn
sn: SMith
-
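
Added example (not part of the original thread): a Python sketch of the encoding Joe describes, which wraps the password in double quotes, takes the UTF-16LE bytes and Base64-encodes them, then builds an LDIF that sets the password before enabling the account. The function names are illustrative; the DN and account name are the ones from the original question.

```python
import base64

def _quoted_utf16(password: str) -> bytes:
    # unicodePwd wants the password surrounded by "" and encoded as UTF-16LE
    return ('"' + password + '"').encode("utf-16-le")

def hex_dashed(password: str) -> str:
    """Byte view of the value, in the dashed hex style used in the reply."""
    return "-".join(f"{b:02X}" for b in _quoted_utf16(password))

def encode_unicode_pwd(password: str) -> str:
    """Base64 text that goes after 'unicodePwd:: ' in the LDIF file."""
    return base64.b64encode(_quoted_utf16(password)).decode("ascii")

def decode_unicode_pwd(b64_value: str) -> str:
    """Check an existing value; catches UTF-8 input or missing quotes."""
    raw = base64.b64decode(b64_value, validate=True)
    if len(raw) % 2:
        raise ValueError("not UTF-16LE: odd number of bytes")
    text = raw.decode("utf-16-le")
    if len(text) < 2 or text[0] != '"' or text[-1] != '"':
        raise ValueError("value is not wrapped in double quotes")
    return text[1:-1]

def build_ldif(dn: str, sam: str, password: str) -> str:
    """Create the user, set the password, and only then enable (512)."""
    return "\n".join([
        f"dn: {dn}",
        "changetype: add",
        "objectClass: user",
        f"sAMAccountName: {sam}",
        "",
        f"dn: {dn}",
        "changetype: modify",
        "replace: unicodePwd",
        f"unicodePwd:: {encode_unicode_pwd(password)}",
        "-",
        "",
        f"dn: {dn}",
        "changetype: modify",
        "replace: userAccountControl",
        "userAccountControl: 512",
        "-",
        "",
    ])

if __name__ == "__main__":
    print(hex_dashed("Password1"))
    print(build_ldif("cn=psmith,cn=users,dc=mydom,dc=local", "psmith", "Password1"))
```

Base64 is an encoding, not encryption, so the generated LDIF file holds the password in recoverable form and should be handled as a secret.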






