Solved

PHP ldap_mod_replace throws warning

Posted on 2007-11-19
6
1,227 Views
Last Modified: 2008-10-10
I can connect to the active directory server, bind to it and search it and all that, but when i try to use ldap_mod_replace (i am trying to give the users the ability to change their own AD passwords) it throws the following warning:
"Warning: ldap_mod_replace(): Modify: No such object in ..."

I would greatly appretiate any help.
//make the connection//
if(!$ldap_con = ldap_connect($domain_ctr)){ die("Cannot connect"); }
else { echo "<li />Connection successful ..."; }
 
//var_dump( $ldap_con );
if($ldap_bind = ldap_bind($ldap_con, $adm_user."@yponepublishing.local", $adm_pass)){
	//read user file//
	$fp = fopen($user_fl, 'r');
	
	while (($data = fgetcsv($fp, 1000, ",")) !== false) {
		
		//username, repID/
		echo "<li />".count($data);print_r($data);
		if(count($data) == 2){
			//echo "<li />";var_dump($data);
 
			$user_name = $data['0'];
			$new_pass = 'Sales'.$data['1'];
			$attr["unicodePwd"][0] = encodePassword($new_pass);
 
			//Change password/
			if(ldap_mod_replace($ldap_con, "uid=".$user_name.$dc_str, $attr)) {
				echo "<li /> ".$user_name." = Succeded";
			}else { echo "<li />".$user_name." = Failed"; }						
		}//end if 
	}//end while
		
	fclose($fp);
}//end if if($ldap_bind = @ldap_...
 
 
//close connection//
ldap_close($ldap_con);

Open in new window

0
Comment
Question by:zzman123
  • 3
6 Comments
 
LVL 9

Expert Comment

by:MSE-dwells
ID: 20314585
My gut's telling me you have to base64 encode the quoted password string but I haven't got the resources to hand right now to verify that.

I'll look further if time permits and the question remains unresolved ...
0
 
LVL 9

Expert Comment

by:MSE-dwells
ID: 20314684
... there again, now I'm thinking that was a legacy Win2K requirement.

Heh, must stop thinking about this for the moment ... will return later as I said ...
0
 

Author Comment

by:zzman123
ID: 20314854
I think the problem is on the php side and not the AD server itself.
0
 
LVL 9

Accepted Solution

by:
MSE-dwells earned 500 total points
ID: 20315273
I can't say for certain since my PHP abilities are limited to say the least.  I can say, however, that AD won't accept a password over LDAP unless its LDAPS or LDAP opt 0x96 (LDAP_OPT_ENCRYPT) is in play.  In addition, the password value requires specific encoding; UTF-16 or unicode little-endian I believe.  You may want to take a look at this since it references some of the constraints in play on the back-end -

http://support.microsoft.com/default.aspx?scid=kb;EN-US;269190
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
This article discusses how to create an extensible mechanism for linked drop downs.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question