Professional Web Applications Themes

using CFLDAP to set passwords in Active Directory - Coldfusion - Advanced Techniques

Hi Im using CFLDAP to create users in an active directory. This is working fine however im creating accounts with blank passwords. When i try to put something into the UnicodePwd schema item i get a nasty error. When i searched for the error in google i came accross and article from a Java app that said it needed to speak to the LDAP server via SSL and also encode the password being sent. At this point i run out of knowlege. Has any one achieved this, can you help? Joe...

  1. #1

    Default using CFLDAP to set passwords in Active Directory

    Hi

    Im using CFLDAP to create users in an active directory. This is working fine
    however im creating accounts with blank passwords.

    When i try to put something into the UnicodePwd schema item i get a nasty
    error. When i searched for the error in google i came accross and article from
    a Java app that said it needed to speak to the LDAP server via SSL and also
    encode the password being sent.

    At this point i run out of knowlege. Has any one achieved this, can you help?

    Joe

    Joe Bickley Guest

  2. #2

    Default Re: using CFLDAP to set passwords in Active Directory

    Hey Joe,

    Have you found a solution? I have the exact same problem with setting a password in Active Directory via LDAP - and I am running out of ideas now?


    dmichailov Guest

  3. #3

    Default Re: using CFLDAP to set passwords in Active Directory

    Hi dmichailov,

    Kind of. Ok first of all you have to get SSL set up with your active
    directory. Post back if your stuggling to do this and i can help, i found it to
    be a huge pain in the neck! Passwords CAN NOT be set in AD/LDAP without SSL
    being available.

    Now i dont have the code to do it at the moment i never got round to working
    it out before we ditched it in favour of asp.net however we have some coders
    over from india working on a project that will include it! I will post it when
    i have it as there is very little out there to help with this.

    Joe

    Joe Bickley Guest

  4. #4

    Default Re: using CFLDAP to set passwords in Active Directory

    Joe,

    if you could forward some working CF code, that would be awesome. I have
    created the SSL connection between the CF box and the AD box. I can run other
    modify or add operations via CFLDAP/SSL. So, the problem I am experiencing
    seems to be either in the encodinig of the password (doesn't it need to be
    unicode and then base64 encoded before being sent to AD) or somewhere in the AD
    settings.

    I would appreciate if you share some working code so that I can see what is
    different and take it from there. The unicodePwd change call is below and the
    error I get is "UNWILLING TO PERFORM"

    Thanks in advance!!

    <CFLDAP action="MODIFY"
    server="#this.ldapServer#"
    DN="#getUserDNRet#"
    attributes="unicodePwd=IgBUAGUAcwB0AGkAbgBnADEAMgA zADQANQAiAA=="
    modifyType="replace"
    username="DOMAIN\ACCOUNTOPERATORUSERID"
    password="ACCOUNTOPERATORPASSWORD"
    secure="CFSSL_BASIC"
    port="636"
    >
    dmichailov Guest

  5. #5

    Default Re: using CFLDAP to set passwords in Active Directory

    Yeah your having the exact same problem i ran into. I could do everything but
    set the password which lets face it is the most important thing!

    Hope these guys can solve the problem and i will deffinately post the code.

    Failing that u would have to use something else to set the password. I tried
    asking macromedia directly for some help but non was given !


    Joe Bickley Guest

  6. #6

    Default Re: using CFLDAP to set passwords in Active Directory

    Joe,

    Do you have the code already?

    Thank you in forward.

    Gordon
    Flashhhgordon Guest

  7. #7

    Default Re: using CFLDAP to set passwords in Active Directory

    You can set the password using <cfexecute> like so:

    <cfexecute name="NET" arguments="user #sAMAccountName# Test123$ /domain"></cfexecute>
    Wendall Mosemann is offline Junior Member
    Join Date
    Oct 2010
    Posts
    2

  8. #8

    Default Using CFLDAP to set passwords in Active Directory

    the cfexecute line is awesome and all, but what if I don't want to be running coldfusion from an account that could compromise my entire domain if someone exploits a CF flaw?
    (sorry if I come from a house of "run sandboxed and at low privileges whenever possible)
    Unregistered Guest

Similar Threads

  1. Change Active Directory Password via CFLDAP - HELP!!
    By dmichailov in forum Coldfusion - Advanced Techniques
    Replies: 4
    Last Post: May 17th, 04:41 PM
  2. Use CFLDAP to Add user onto Active Directory
    By nitrog7 in forum Coldfusion - Advanced Techniques
    Replies: 5
    Last Post: July 5th, 03:26 PM
  3. CFLDAP and Active Directory
    By kh91 in forum Macromedia ColdFusion
    Replies: 1
    Last Post: June 2nd, 06:28 PM
  4. CFLDAP - Active Directory Groups
    By Reeseatwsu in forum Coldfusion - Getting Started
    Replies: 1
    Last Post: March 18th, 10:31 PM
  5. Replies: 2
    Last Post: October 8th, 09:57 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139