使用 Python ldap 模块解锁 Active Directory 上的锁定用户帐户
[英]unlocking Locked user accounts on Active Directory using Python ldap module
问题描述
I recently implemented password reset on AD using python ldap module.
我最近使用 python ldap 模块在 AD 上实现了密码重置。
This involved passing modified attributes in this manner:这涉及以这种方式传递修改后的属性:
add_pass = [(ldap.MOD_REPLACE, "unicodePwd", )] add_pass = [(ldap.MOD_REPLACE, "unicodePwd", )]
This worked since the passwords on AD are stored in attribute "unicodePwd".这是有效的,因为 AD 上的密码存储在属性“unicodePwd”中。
Now I want to unlock a locked user account but I cannot find the attribute that must be changed to achieve the same.现在我想解锁一个锁定的用户帐户,但我找不到必须更改才能实现相同的属性。
Could you guys please tell me which attribute I have to change?你们能告诉我我必须改变哪个属性吗?
3 个解决方案
解决方案1
5 已采纳 2011-09-09 18:12:04
要解锁用户,您需要将lockoutTime属性设置为 0。
解决方案2
0 2020-02-03 12:25:28
def unlock_account_ad(message):
c.bind()
unlock_account = c.extend.microsoft.unlock_account(user='cn=' + message + ',
ou=%OU%, dc=%domain%, dc=%DC%')
c.unbind()
解决方案3
0 2011-09-04 07:35:43
Have a look to userAccountControl attribute ADS_UF_ACCOUNTDISABLE flag which allow tu unable a disabled account.查看userAccountControl属性ADS_UF_ACCOUNTDISABLE标志,它允许您无法禁用帐户。
----EDITED------ ----编辑------
@Brrian Desmond is true to unlock a user, you need to set the lockoutTime attribute to 0. @Brrian Desmond 是真的要解锁用户,您需要将lockoutTime属性设置为 0。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.