我正尝试使用以下命令通过ldifde更改当前login用户的密码:
ldifde -i -f pwd.ldif -t 636
我的AD服务器以自签名证书的SSL模式运行。 pwd.ldif包含以下内容:
dn: CN=test,cn=users,dc=skenzo,dc=ad,dc=com changeType: modify replace: unicodePwd unicodePwd:: InF3ZWRzYUAxMjMi - 现在,这工作,当我以pipe理员身份运行命令,因为默认的权限来更改密码在那里。 但是,每个用户都应该有权更改自己的密码。 这就是我为什么要这样做的原因。
完整日志在这里给出:
Connecting to "<server-name>" Logging in as current user using SSPI Importing directory from file "pwd.ldif" Loading entries. Add error on entry starting on line 1: Insufficient Rights The server side error is: 0x5 Access is denied. The extended server error is: 00000005: SecErr: DSID-031A1190, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 0 entries modified successfully. An error has occurred in the program No log files were written. In order to generate a log file, please specify the log file path via the -j option.