JAVA通过SSL修改MS AD账户密码
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了JAVA通过SSL修改MS AD账户密码相关的知识,希望对你有一定的参考价值。
JAVA通过SSL修改MS AD账户密码
我们上一篇文章介绍了JAVA通过SSL创建MS AD账户及设置密码,今天我们主要介绍JAVA通过SSL修改MS AD账户密码,关于证书介绍,我们上一篇已经介绍了,所以直接进入重点,上代码
我们准备修改上一篇介绍时创建的gaowenlong这个账户;
我们设置修改密码的账户
上代码
package com.ixmsoft.oa.util; import java.io.IOException; import java.io.UnsupportedEncodingException; import java.util.Hashtable; import javax.naming.Context; import javax.naming.NamingException; import javax.naming.directory.BasicAttribute; import javax.naming.directory.DirContext; import javax.naming.directory.ModificationItem; import javax.naming.ldap.InitialLdapContext; import javax.naming.ldap.LdapContext; public class UpdatePasswordTLS { public static void main (String[] args) { Hashtable env = new Hashtable(); String adminName = "CN=Administrator,CN=Users,DC=ixmsoft,DC=com"; String adminPassword = "123"; String userName = "CN=zhushizhen,OU=IXM Adm,OU=IMXSOFT Users,DC=ixmsoft,DC=com"; String newPassword = "123456"; String keystore = "D:\\Development_Environment\\java\\jdk\\jre\\lib\\security\\cacerts"; System.setProperty("javax.net.ssl.trustStore",keystore); //Access the keystore, this is where the Root CA public key cert was installed //Could also do this via command line java -Djavax.net.ssl.trustStore.... //String keystore = "/usr/java/jdk1.5.0_01/jre/lib/security/cacerts"; //System.setProperty("javax.net.ssl.trustStore",keystore); env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory"); //set security credentials, note using simple cleartext authentication env.put(Context.SECURITY_AUTHENTICATION,"simple"); env.put(Context.SECURITY_PRINCIPAL,adminName); env.put(Context.SECURITY_CREDENTIALS,adminPassword); env.put(Context.SECURITY_PROTOCOL,"ssl"); //connect to my domain controller String ldapURL = "ldap://192.168.5.20:636"; env.put(Context.PROVIDER_URL,ldapURL); try { // Create the initial directory context LdapContext ctx = new InitialLdapContext(env,null); //set password is a ldap modfy operation ModificationItem[] mods = new ModificationItem[1]; //Replace the "unicdodePwd" attribute with a new value //Password must be both Unicode and a quoted string String newQuotedPassword = "\"" + newPassword + "\""; byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE"); //注意:如果是当前用户自行修改密码,需要先删除oldpassword,然后在添加新的password /* ModificationItem[] mods = new ModificationItem[2]; //Firstly delete the "unicdodePwd" attribute, using the old password //Then add the new password,Passwords must be both Unicode and a quoted string String oldQuotedPassword = "\"" + sOldPassword + "\""; byte[] oldUnicodePassword = oldQuotedPassword.getBytes("UTF-16LE"); String newQuotedPassword = "\"" + sNewPassword + "\""; byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE"); mods[0] = new ModificationItem(DirContext.REMOVE_ATTRIBUTE, new BasicAttribute("unicodePwd", oldUnicodePassword)); mods[1] = new ModificationItem(DirContext.ADD_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword)); // Perform the update ctx.modifyAttributes(sUserName, mods); */ mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword)); // Perform the update ctx.modifyAttributes(userName, mods); System.out.println("Reset Password for: " + userName); ctx.close(); } catch (NamingException e) { System.out.println("Problem resetting password: " + e); } catch (UnsupportedEncodingException e) { System.out.println("Problem encoding password: " + e); } catch (IOException e) { System.out.println("Problem with TLS: " + e); } } }
开始执行
我们最后看看结果
本文出自 “高文龙” 博客,谢绝转载!
以上是关于JAVA通过SSL修改MS AD账户密码的主要内容,如果未能解决你的问题,请参考以下文章