Recipe 6.18 Setting a User's Password via LDAP
You want to set the password for a user using LDAP.
You have to first enable SSL/TLS support in your Active Directory domain. See Recipe 14.1 for more on this.
You can then set the unicodePwd attribute of a user object using LDAP operations over an SSL or TLS connection.
The value for the unicodePwd attribute must be a Unicode string that is surrounded by quotes and Base64 encoded. See Recipe 10.4 for more on encoding text with Base64.
The unicodePwd attribute can be directly modified over a SSL or TLS connection, but it can never be read.
6.18.4 See Also
Recipe 10.4 for more on Base64 encoding, Recipe 14.1 for enabling SSL/TLS, MS KB 263991 (How to Set a User's Password with Ldifde), MS KB 264480 (Description of Password-Change Protocols in Windows 2000), and MS KB 269190 (HOWTO: Change a Windows 2000 User's Password Through LDAP)