I recently implemented password reset on AD using python ldap module.
This involved passing modified attributes in this manner:
add_pass = [(ldap.MOD_REPLACE, "unicodePwd", )]
This worked since the passwords on AD are stored in attribute "unicodePwd".
Now I want to unlock a locked user account but I cannot find the attribute that must be changed to achieve the same.
Could you guys please tell me which attribute I have to change?
要解锁用户,您需要将lockoutTime
属性设置为 0。
def unlock_account_ad(message):
c.bind()
unlock_account = c.extend.microsoft.unlock_account(user='cn=' + message + ',
ou=%OU%, dc=%domain%, dc=%DC%')
c.unbind()
Have a look to userAccountControl attribute ADS_UF_ACCOUNTDISABLE flag which allow tu unable a disabled account.
----EDITED------
@Brrian Desmond is true to unlock a user, you need to set the lockoutTime
attribute to 0.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.