stackoom
  简体   繁体   中英

When Changing Password in AD through ldap and SSl Connection,its not creating InitialLdapContext ,exception:connection reset

 原文  2020-03-06 07:03:59       java/ ssl/ active-directory/ ldap

Question

I am trying to implement change password function in my site using LDAP. Problem :-When Changing Password in AD(server) through ldap and SSl Connection,its not creating InitialLdapContext ,getting exception:connection reset.attached the screenshots for exception.added the certification also .

I have checked the port also. It is connecting via telnet.

Any help appreciated.

public String changePassword(String username,String currentPassword, String newPassword, String 
confirmPassword) {

    String retVal="failed";
    String domain = "edw.obc.co.in";
    Properties prop = new Properties();
    String LdapUserName="CN="+username ; //g

    //+ "ou=users" + "dc=edw,dc=obc,dc=co,dc=in" ; g


    String DomainUseName = username+"@" + domain;
    prop.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
    prop.put(Context.PROVIDER_URL, "ldap://172.xx.xx.xx:636");
    prop.put(Context.SECURITY_AUTHENTICATION, "simple");
    prop.put(Context.SECURITY_PROTOCOL,"ssl");
    //prop.put("javax.net.ssl.truststore","C:\\Program Files\\Java\\jdk-12.0.1\\lib\\security\\cacerts");
    //prop.put("javax.net.ssl.truststorePassword","changeit");
    System.setProperty("javax.net.ssl.truststore", "C:\\Program Files\\Java\\jdk-12.0.1\\lib\\security\\cacerts");
    System.setProperty("javax.net.ssl.truststorePassword", "changeit");


    //prop.put(Context.SECURITY_PRINCIPAL,LdapUserName);
    prop.put(Context.SECURITY_PRINCIPAL,"winadmin");
    //prop.put("LDAP_BASEDN","ou=edw,dc=obc,dc=co.in");
    prop.put(Context.SECURITY_CREDENTIALS,"wipro@123");
    //prop.put(Context.SECURITY_CREDENTIALS,"wipro@123");

    prop.put(Context.REFERRAL,"follow");
    try
    {
         LdapContext ctx =new InitialLdapContext(prop,null);

         System.out.print("XXXXXXXXXXXXXXXXXXXXXXXXXXX");

         SearchControls searchControls = new SearchControls();

            searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);

            NamingEnumeration objects = null;

         try {

                objects=ctx.search("cn="+username+",ou=Users,"+"dc=edw"+","+"dc=obc"+","+"dc=co"+","+"dc=in", String.format("(&(objectClass=person)(sAMAccounName=%s))", LdapUserName),searchControls);

            }
            catch(NamingException e) {
                e.printStackTrace();
            }


          String theUserName="cn="+username+",ou=Users";


          // Perform the update


         ModificationItem[] mods = new ModificationItem[1];
         String newQuotedPassword = "\"" + newPassword + "\"";
         byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
         mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,new BasicAttribute("userpassword", newUnicodePassword));

         ctx.modifyAttributes(theUserName, mods);
         retVal="success";
         System.out.println("Changed Password for user successfull");
         ctx.close();
    }
         catch (Exception e) {
             e.printStackTrace();
              System.err.println("Problem changing password: " + e);
    }



    return retVal;
}

private static byte[] getPasswordByteArray(String password)

{

    String quotedPassword = "\"" + password + "\"";

    try

    {

        return quotedPassword.getBytes("UTF-16LE");

    }

    catch(UnsupportedEncodingException e)

    {

        e.printStackTrace();

        return null;

    }

}

}

1 answers

solution1
 0  2020-03-06 07:05:40

The protocol to change password must be ldaps not ldap :

prop.put(Context.PROVIDER_URL, "ldap://172.xx.xx.xx:636");
                                ^^^^

Also, consider replacing:

ModificationItem[] mods = new ModificationItem[1];
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,new BasicAttribute("userpassword", newUnicodePassword));

with:

ModificationItem[] mods = {new ModificationItem(DirContext.REMOVE_ATTRIBUTE, new BasicAttribute("unicodePwd", oldPasswordBytes)),
                           new ModificationItem(DirContext.ADD_ATTRIBUTE, new BasicAttribute("unicodePwd", newPasswordBytes))};

to be able to change user's password without admin privileges on Active Directory.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Getting Connection reset Exception when storing/retrieving InitialLdapContext in session javax.naming.CommunicationException LDAP SSL InitialLdapContext SSL Connection Reset Spring ldap: creating connection Spring LDAP: Connection reset by peer Socket exception: Connection reset when unmarshalling with JAXB exception connection reset when exiting the program Connection Reset Exception for Socket Socket Exception : Connection Reset RabbitMQ Connection reset Exception
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM