ldap_modify_s: unknown LDAP result code (1023)

Hi, I'm getting the following error:

ldap_modify_s: unknown LDAP result code (1023)
 additional info: Attribute password is invalid

I'm not very familiar with C and LDAP but the following is a portion of the code that returned the error:

LDAPMod      *mods[2];
LDAPMod      mod0;
mod0.mod_op = LDAP_MOD_REPLACE;
mod0.mod_type = "Password";
char *vals0[2];
vals0[0] = (unsigned char *) newPwdEnc;
vals0[1] = NULL;
mod0.mod_values = vals0;
mods[ 0 ] =&mod0;
mods[ 1 ] = NULL;
if ( ldap_modify_s( ld,GUID, mods ) != LDAP_SUCCESS ) {
      ldap_perror( ld, "ldap_modify_s" );
}

What attribute "password" is the error message talking about?
LVL 1
killdurstAsked:
Who is Participating?
 
Meir RivkinConnect With a Mentor Full stack Software EngineerCommented:
use this function for setting password:
int ad_setpass(char *dn, char *password) {
      LDAP *ds;
      char quoted_password[MAX_PASSWORD_LENGTH+2];
      char unicode_password[(MAX_PASSWORD_LENGTH+2)*2];
      int i;
      LDAPMod *attrs[2];
      LDAPMod attr1;
      struct berval *bervalues[2];
      struct berval pw;
      int result;

      ds=ad_login();
      if(!ds) return ad_error_code;

      /* put quotes around the password */
      snprintf(quoted_password, sizeof(quoted_password), "\"%s\"", password);
      /* unicode the password string */
      memset(unicode_password, 0, sizeof(unicode_password));
      for(i=0; i<strlen(quoted_password); i++)
            unicode_password[i*2]=quoted_password[i];

      pw.bv_val = unicode_password;
      pw.bv_len = strlen(quoted_password)*2;

      bervalues[0]=&pw;
      bervalues[1]=NULL;

      attr1.mod_type="unicodePwd";
      attr1.mod_op = LDAP_MOD_REPLACE|LDAP_MOD_BVALUES;
      attr1.mod_bvalues = bervalues;

      attrs[0]=&attr1;
      attrs[1]=NULL;

      result = ldap_modify_s(ds, dn, attrs);
      if(result!=LDAP_SUCCESS) {
            snprintf(ad_error_msg, MAX_ERR_LENGTH, "Error in ldap_modify for password: %s", ldap_err2string(result));
            ad_error_code=AD_LDAP_OPERATION_FAILURE;
      } else {
            ad_error_code=AD_SUCCESS;
      }
      return ad_error_code;
}

Open in new window

0
 
Meir RivkinFull stack Software EngineerCommented:
a shot in the dark, try
mod0.mod_op = LDAP_MOD_REPLACE|LDAP_MOD_BVALUES;
0
 
Meir RivkinFull stack Software EngineerCommented:
The password is stored in the Active Directory on a user object in the unicodePwd attribute so the "Password" attribute set in mod0.mod_type is invalid.
adjust the code i've posted to your needs and post the results.
0
 
killdurstAuthor Commented:
Actually the LDAP that I am connecting to is an LDAP in an Avaya Modular Messaging server and the server administrator told me that there is no "unicodePwd" attribute in the AD entry. That is why we are using the "Password" attribute.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.