PerlMonks  

Dear Perlmonks geeks,

I'm creating a script which will do a password reset that will connect using LDAP in Windows 2012 R2. I have tried the script below and it works using a Windows 2008 R2 LDAP connection, but when I run it on Windows 2012 R2 it says successful but the password did not change. Is anyone using a Windows 2012 LDAP connection to reset passwords who can show how it's done? Thanks

#!/usr/bin/perl -w
#
# changing user passwords in AD
#
use strict;
use warnings;
use Net::LDAP;
# module needed to encode AD password
use Unicode::String qw(utf8);

#
# ARGV is username password
my $username = $ARGV[0];
my $passwd = $ARGV[1];
my $result;

my $adsvr='twnlab.local';
my $adbinddn='cn=useradmin,ou=SERVICEDESK,ou=User,dc=twnlab,dc=local';
my $adpw='P@ssw0rd11';

# Connect to the AD server
#my $ad=Net::LDAP->new($adsvr, version=>3, scheme=>'ldaps', port=>636,) or die "can't connect to $adsvr: $@"; # For LDAP Windows 2008 R2
my $ad=Net::LDAP->new($adsvr, version=>3, scheme=>'ldap', port=>389,) or die "can't connect to $adsvr: $@"; # For LDAP Windows 2012 R2

# Bind as Administrator
$result=$ad->bind($adbinddn, password=>$adpw);
if ($result->code) {
    LDAPerror ("binding",$result);
    exit 1;
};

# check for username, get DN
$result = $ad->search(
    base => "ou=User,ou=User,dc=twnlab,dc=local",
    filter => "(samAccountName=$username)",
    attrs => ['distinguishedName']
);
$result->code && die $result->error;
if ($result->entries != 1 ) { die "ERROR: User not found in AD: $username" };

my $entry = $result->entry(0); # there can be only one
my $dn = $entry->get_value('distinguishedName');

# AD password value: the password in double quotes, encoded as UTF-16LE
my $unicodePwd = utf8(chr(34).${passwd}.chr(34))->utf16le();

# change password entries etc.
#$result = $ad->modify($dn, replace => {unicodePwd=> $unicodePwd,}); # password change for 2008 AD
$result = $ad->modify($dn, replace => {userPassword=> $unicodePwd,}); # password change for 2012 AD
$result->code && die $result->error;

print "AD : SUCCESS: ${username} password changed.n";
$ad->unbind();

# report a failed LDAP operation (this helper was called but not defined in the posted script)
sub LDAPerror {
    my ($from, $mesg) = @_;
    warn "LDAP error while $from: " . $mesg->error . "\n";
}

------------------------------------------------

Sharing the capture logs

When I execute the script it says SUCCESS in the local host window.

C:\script\perl> changepassword.pl user1 P@ssw0rd1234
AD : SUCCESS: user1 password changed.n
C:\script\perl>

And when checking the security event logs on the Active Directory Windows 2012 R2 operating system, nothing is showing for event IDs 4723, 4724, 627, 628:

4723 - An attempt was made to change an account's password
4724 - An attempt was made to reset an account's password
627 - Change Password Attempt
628 - User Account password set

In reply to Resolved: It does not change password in LDAP Windows 2012 R2 by francism8
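
An added example, not code from the original post: Active Directory accepts writes to unicodePwd only over an encrypted connection, so this sketch resets the password over certificate-verified LDAPS, escapes the user name before it goes into the search filter, and then confirms the change by binding as the user. The environment variable names (AD_HOST, AD_BIND_DN, AD_BIND_PW, AD_BASE, AD_CAFILE) and the helper names are assumptions made for this example.

```perl
#!/usr/bin/perl
# Added example (not from the original post): AD password reset over LDAPS.
# Assumed configuration: AD_HOST, AD_BIND_DN, AD_BIND_PW, AD_BASE, AD_CAFILE env vars.
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value);
use Encode qw(encode);

# AD expects unicodePwd as the double-quoted password encoded as UTF-16LE.
sub ad_unicode_pwd { return encode('UTF-16LE', '"' . $_[0] . '"') }

# Open a certificate-verified LDAPS connection and bind; dies on failure.
sub ad_connect {
    my ($dn, $pw) = @_;
    my $ldap = Net::LDAP->new("ldaps://$ENV{AD_HOST}", version => 3,
        verify => 'require', cafile => $ENV{AD_CAFILE})
        or die "can't connect to $ENV{AD_HOST}: $@\n";
    my $mesg = $ldap->bind($dn, password => $pw);
    die "bind as $dn failed: " . $mesg->error . "\n" if $mesg->code;
    return $ldap;
}

sub reset_password {
    my ($username, $newpw) = @_;
    my $ad = ad_connect($ENV{AD_BIND_DN}, $ENV{AD_BIND_PW});

    # Escape the user-supplied name so it cannot alter the search filter.
    my $search = $ad->search(
        base   => $ENV{AD_BASE},
        filter => '(sAMAccountName=' . escape_filter_value($username) . ')',
        attrs  => ['distinguishedName'],
    );
    die $search->error . "\n" if $search->code;
    die "expected exactly one entry for $username\n" unless $search->count == 1;
    my $dn = $search->entry(0)->dn;

    my $mesg = $ad->modify($dn, replace => { unicodePwd => ad_unicode_pwd($newpw) });
    die "modify failed: " . $mesg->error . "\n" if $mesg->code;
    $ad->unbind;

    # Confirm the change took effect by binding as the user with the new password.
    ad_connect($dn, $newpw)->unbind;
    return $dn;
}

# Run only when invoked as a script: changepassword.pl <username> <new password>
unless (caller) {
    @ARGV == 2 or die "usage: $0 username newpassword\n";
    print "password changed for ", reset_password(@ARGV), "\n";
}
```

The final bind check also fails for accounts that are disabled or flagged to change password at next logon, so a failure there is a prompt to inspect the account rather than proof that the write was rejected.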
