Solved

PHP ldap_mod_replace throws warning

Posted on 2007-11-19
6
1,208 Views
Last Modified: 2008-10-10
I can connect to the active directory server, bind to it and search it and all that, but when i try to use ldap_mod_replace (i am trying to give the users the ability to change their own AD passwords) it throws the following warning:
"Warning: ldap_mod_replace(): Modify: No such object in ..."

I would greatly appretiate any help.
//make the connection//

if(!$ldap_con = ldap_connect($domain_ctr)){ die("Cannot connect"); }

else { echo "<li />Connection successful ..."; }
 

//var_dump( $ldap_con );

if($ldap_bind = ldap_bind($ldap_con, $adm_user."@yponepublishing.local", $adm_pass)){

	//read user file//

	$fp = fopen($user_fl, 'r');

	

	while (($data = fgetcsv($fp, 1000, ",")) !== false) {

		

		//username, repID/

		echo "<li />".count($data);print_r($data);

		if(count($data) == 2){

			//echo "<li />";var_dump($data);
 

			$user_name = $data['0'];

			$new_pass = 'Sales'.$data['1'];

			$attr["unicodePwd"][0] = encodePassword($new_pass);
 

			//Change password/

			if(ldap_mod_replace($ldap_con, "uid=".$user_name.$dc_str, $attr)) {

				echo "<li /> ".$user_name." = Succeded";

			}else { echo "<li />".$user_name." = Failed"; }						

		}//end if 

	}//end while

		

	fclose($fp);

}//end if if($ldap_bind = @ldap_...
 
 

//close connection//

ldap_close($ldap_con);

Open in new window

0
Comment
Question by:zzman123
  • 3
6 Comments
 
LVL 9

Expert Comment

by:MSE-dwells
Comment Utility
My gut's telling me you have to base64 encode the quoted password string but I haven't got the resources to hand right now to verify that.

I'll look further if time permits and the question remains unresolved ...
0
 
LVL 9

Expert Comment

by:MSE-dwells
Comment Utility
... there again, now I'm thinking that was a legacy Win2K requirement.

Heh, must stop thinking about this for the moment ... will return later as I said ...
0
 

Author Comment

by:zzman123
Comment Utility
I think the problem is on the php side and not the AD server itself.
0
 
LVL 9

Accepted Solution

by:
MSE-dwells earned 500 total points
Comment Utility
I can't say for certain since my PHP abilities are limited to say the least.  I can say, however, that AD won't accept a password over LDAP unless its LDAPS or LDAP opt 0x96 (LDAP_OPT_ENCRYPT) is in play.  In addition, the password value requires specific encoding; UTF-16 or unicode little-endian I believe.  You may want to take a look at this since it references some of the constraints in play on the back-end -

http://support.microsoft.com/default.aspx?scid=kb;EN-US;269190
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now