
I am trying to enable a user account and getting the error below. If I go directly to that Windows machine after creating the user (using the Java API) and update the password (manually, using the UI on the Windows machine) to something like "password1", and then try to enable the password using Java, it works fine.

Here is how I am setting the password while creating the user:

    BasicAttribute basicAttribute1 = new BasicAttribute("userPassword", "password1".getBytes(StandardCharsets.US_ASCII));
    context.setAttribute(basicAttribute1);

Then I try to change userAccountControl to 512 and get:

 "errorMessage": "[LDAP: error code 53 - 0000052D: SvcErr: DSID-031A12D2, problem 5003 (WILL_NOT_PERFORM), data 0\n\u0000]; nested exception is javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000052D: SvcErr: DSID-031A12D2, problem 5003 (WILL_NOT_PERFORM), data 0\n\u0000]; remaining name 'CN=SachinVTendulkar,OU=SDCWASD001,OU=Users,OU=Mycity,OU=Enterprise Support'"

It seems I am not setting the password correctly while creating the user with Java. I am creating the user with userAccountControl=514 and with a password, along with other attributes like names etc. (first I want to create it in disabled mode).

Then when I just try to enable the user, I get this problem. And for the same user, if I go to the Windows machine and update the password and then try to enable it with Java, it works fine, so that rules out other issues like LDAPS etc.

Logs when I create user for reference:

log of creating user : creating new user : JohnSmith , in DN : CN=JohnSmith,OU=SDCWASD001,OU=Users,OU=MyCity,OU=Enterprise Support , with context: org.springf.ldap.core.DirContextAdapter: dn=CN=JohnSmith,OU=SDCWASD001,OU=Users,OU=MyCity,OU=Enterprise Support {[email protected], Description=Test account, CN=JohnSmith, objectclass[0]=top, objectclass[1]=Person, objectclass[2]=organizationalPerson, objectclass[3]=user, userPassword=summer01, sAMAccountName=adsadsa51, [email protected], givenName=John, displayName=JohnSmith, name=JOHNSMITH, physicalDeliveryOfficeName=0, sn=Smith, userAccountControl=514}

Then, to enable the user, I do the following and get that error (I do this in a separate call):

    ModificationItem[] mods = new ModificationItem[1];
    mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("userAccountControl", Integer.toString(512)));
    ldapTemplate.modifyAttributes(dn, mods);
  • Why do you have a semi-colon at US_ASCII);; remove that. Commented Mar 24, 2019 at 6:36
  • Please include the actual exception generating code. Commented Mar 25, 2019 at 14:59
  • org.springframework.ldap.OperationNotSupportedException: [LDAP: error code 53 - 0000052D: SvcErr: DSID-031A12D2, problem 5003 (WILL_NOT_PERFORM), data 0 ]; nested exception is javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000052D: SvcErr: DSID-031A12D2, problem 5003 (WILL_NOT_PERFORM), data 0 Commented Mar 25, 2019 at 17:38

2 Answers


Try setting the unicodePwd value on the account. Something like:

    final byte[] quotedPasswordBytes = ('"'+password+'"').getBytes("UTF-16LE");
    container.put(new BasicAttribute("unicodePwd", quotedPasswordBytes));

1 Comment

In that case it gives this error while creating the user: [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A12D2, problem 5003 (WILL_NOT_PERFORM), data 0\n\u0000]; nested exception is javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A12D2, problem 5003 (WILL_NOT_PERFORM), data 0\n\u0000];

Resolution is to use SSL for password attribute updates.

Can you be more specific about what this entails?
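The two answers combined, as an added example that is not code from either answer or from the question: it encodes the password for unicodePwd, orders the modifications so the password is set before userAccountControl becomes 512, refuses a non-ldaps:// URL, and decodes the hex sub-code in the two error strings quoted on this page. The class name, helper names, URL and password are constructed for illustration, and the URL check assumes LDAPS is the transport encryption in use.

```java
import java.nio.charset.StandardCharsets;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;

public class AdPasswordThenEnable {  // hypothetical class name
    // AD takes the account password in unicodePwd: the value in double quotes, UTF-16LE.
    static byte[] encodeUnicodePwd(String password) {
        return ("\"" + password + "\"").getBytes(StandardCharsets.UTF_16LE);
    }

    // Password first, then clear the disabled flag (514 -> 512); LDAP applies items in order.
    static ModificationItem[] passwordThenEnable(String password) {
        return new ModificationItem[] {
            new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                new BasicAttribute("unicodePwd", encodeUnicodePwd(password))),
            new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                new BasicAttribute("userAccountControl", Integer.toString(512)))
        };
    }

    // Fail early instead of sending unicodePwd over a connection AD will reject.
    static void requireLdaps(String providerUrl) {
        if (!providerUrl.regionMatches(true, 0, "ldaps://", 0, 8))
            throw new IllegalStateException("unicodePwd needs ldaps://, got " + providerUrl);
    }

    // Extract the Win32 code from "error code 53 - 0000052D: SvcErr: ..." and name it.
    static String explain(String ldapMessage) {
        Matcher m = Pattern.compile("error code \\d+ - ([0-9A-Fa-f]{8}):").matcher(ldapMessage);
        if (!m.find()) return "no AD sub-code found";
        switch (Integer.parseUnsignedInt(m.group(1), 16)) {
            case 0x52D: return "ERROR_PASSWORD_RESTRICTION: no password on the account that meets domain policy";
            case 0x1F:  return "ERROR_GEN_FAILURE: typically unicodePwd written over an unencrypted connection";
            default:    return "unmapped Win32 code 0x" + m.group(1);
        }
    }

    public static void main(String[] args) {
        requireLdaps("ldaps://dc.example.test:636");                            // constructed URL
        ModificationItem[] mods = passwordThenEnable("Constructed-Passw0rd!");  // constructed password
        System.out.println(mods[0].getAttribute().getID() + " then " + mods[1].getAttribute().getID());
        System.out.println(explain("[LDAP: error code 53 - 0000052D: SvcErr: DSID-031A12D2, problem 5003"));
        System.out.println(explain("[LDAP: error code 53 - 0000001F: SvcErr: DSID-031A12D2, problem 5003"));
    }
}
```

With Spring LDAP, the array returned by passwordThenEnable can be passed to the same ldapTemplate.modifyAttributes(dn, mods) call the question uses, provided the context source URL is ldaps://.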
