Change Active Directory Password Via Spring LDAP

2
votes

I have a Java application and I want that each user have the possibility to change own password via application.

This is my code:

public void changePassword()
{
    LdapContextSource contextSource = new LdapContextSource();
    contextSource.setUrl("LDAPS://X.Y.Z.T/");
    contextSource.setBase("DC=example,DC=com");
    contextSource.setUserDn("[email protected]");
    contextSource.setPassword("oldpass");
    contextSource.afterPropertiesSet();

    LdapTemplate ldapTemplate = new LdapTemplate(contextSource);

    byte[] li_byOldpass = encodePassword("oldpass");
    byte[] li_byNewpass = encodePassword("newpass");

    Attribute oldattr = new BasicAttribute("unicodePwd", li_byOldpass);
    Attribute newattr = new BasicAttribute("unicodePwd", li_byNewpass);
    ModificationItem olditem = new   ModificationItem(DirContext.REMOVE_ATTRIBUTE, oldattr);
    ModificationItem newitem = new ModificationItem(DirContext.ADD_ATTRIBUTE, newattr);
    ModificationItem repitem = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, newattr);

    ModificationItem[] mods = new ModificationItem[2];
    mods[0] = olditem;
    mods[1] = newitem;

    try
    {
        ldapTemplate.modifyAttributes("CN=Name Surname,OU=Office,DC=example,DC=com", new ModificationItem[] { repitem });   
    }catch(Exception e)
    {
       System.out.println("Error in changing password on Active Directory: " + e.getMessage() );
    }
}

Unfortunately it doesn't work, and this is the errore that i get:

[LDAP: error code 32 - 0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:'DC=example,DC=com'];

Any help will be appreciate

Thanks

2
javaspringactive-directoryldap
Hope it helps :forum.spring.io/forum/spring-projects/data/ldap/…Arpit Aggarwal
Could you solve your issue?Rodolfo Velasco

2 Answers

0
votes

This answer is for the posterity

Check this link : http://www.baeldung.com/spring-ldap

Exemple of code :

    @Autowired
    private LdapTemplate ldapTemplate;

    private static final String BASE_DN = "OU=Metaverse";

    protected void buildDn(UserAd user) {
        Name dn = LdapNameBuilder.newInstance(BASE_DN)
            .add("OU", "Orga_Unit")
            .add("OU", "Orga_Unit")
            .add("CN", "ldap_cn").build();

        DirContextAdapter context = new DirContextAdapter(dn);

        context.setAttributeValues(
           "objectclass", 
           new String[] 
           { "top", 
             "person", 
             "organizationalPerson"});
        context.setAttributeValue("sn", "CREATETEST");
        context.setAttributeValue("userPassword","password");

        ldapTemplate.bind(context);
    }
0
votes

Your base is already defined in Spring LdapContextSource. So just execute:

ldapTemplate.modifyAttributes("CN=Name Surname,OU=Office", new ModificationItem[] { repitem });