Example - Active Directory Password Change JNDI[1]#

Microsoft Active Directory uses the unicodePwd instead of the more common userPassword unless you have Enable UserPassword in Microsoft Active Directory.

Microsoft requires a minimum level of LDAP encryption

We have placed the Example - Active Directory Change Password JNDI Example code in our Code repository

The updateUserPassword method is shown below:

  /**
     * Update User Password in Microsoft Active Directory
     * @param username
     * @param password
     */
    public void updateUserPassword(String username, String password)
    {
	try
	{
	    System.out.println("updating password...\n");
	    String quotedPassword = "\"" + password + "\"";
	    char unicodePwd[] = quotedPassword.toCharArray();
	    byte pwdArray[] = new byte[unicodePwd.length * 2];
	    for (int i = 0; i < unicodePwd.length; i++)
	    {
		pwdArray[i * 2 + 1] = (byte) (unicodePwd[i] >>> 8);
		pwdArray[i * 2 + 0] = (byte) (unicodePwd[i] & 0xff);
	    }
	    System.out.print("encoded password: ");
	    for (int i = 0; i < pwdArray.length; i++)
	    {
		System.out.print(pwdArray[i] + " ");
	    }
	    System.out.println();
	    ModificationItem[] mods = new ModificationItem[1];
	    mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("UnicodePwd", pwdArray));
	    ldapContext.modifyAttributes("cn=" + username + BASE_NAME, mods);
	}
	catch (Exception e)
	{
	    System.out.println("update password error: " + e);
	}
    }

More Information#

There might be more information for this subject on one of the following:
[#1] We found this one Written by Jeremy E. Mortis mortis@ucalgary.ca 2002-07-03 at: http://homepages.ucalgary.ca/~mortis/software/ADConnection.txt

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-13) was last changed on 09-Dec-2016 08:18 by jim