Recipe 6.18 Setting a User's Password via LDAP6.18.1 ProblemYou want to set the password for a user using LDAP. 6.18.2 SolutionYou have to first enable SSL/TLS support in your Active Directory domain. See Recipe 14.1 for more on this. You can then set the unicodePwd attribute of a user object using LDAP operations over an SSL or TLS connection. The value for the unicodePwd attribute must be a Unicode string that is surrounded by quotes and Base64 encoded. See Recipe 10.4 for more on encoding text with Base64. 6.18.3 DiscussionThe unicodePwd attribute can be directly modified over a SSL or TLS connection, but it can never be read. 6.18.4 See AlsoRecipe 10.4 for more on Base64 encoding, Recipe 14.1 for enabling SSL/TLS, MS KB 263991 (How to Set a User's Password with Ldifde), MS KB 264480 (Description of Password-Change Protocols in Windows 2000), and MS KB 269190 (HOWTO: Change a Windows 2000 User's Password Through LDAP) |