Hi,
I’m trying to use the eldap module to set a password for a new user in Active Directory. In AD, the default attribute for setting the password is unicodePwd, and it uses UTF-16 encoding. When I try to set the attribute using eldap I get an {:error, :unwillingToPerform} back. I know I need to encode the password, but I’m not quite sure how.
# Start the ssl application (and its dependencies) before opening an LDAPS connection.
:application.ensure_all_started(:ssl)
# Open a connection to the directory on port 636 with TLS enabled.
# NOTE(review): no sslopts are passed, so whether the server certificate is
# verified depends on the ssl defaults of the OTP release in use -- confirm
# that peer verification and a trusted CA are configured before sending
# credentials or password values over this connection.
{:ok, handle} = :eldap.open(['example.local'], [{:port,636}, {:ssl, true}])
# Simple bind with a DN and password; `authenticated` is true only when the bind returns :ok.
# NOTE(review): `authenticated` is never checked below, so the add is attempted
# even when the bind fails. The bind DN is an administrator account and the
# password is a literal in source; a delegated account limited to user creation
# and a secret loaded at runtime would reduce exposure.
authenticated =
:ok == :eldap.simple_bind(handle,
'CN=Administrator Account,CN=Users,DC=example,DC=local',
'password')
# Create the user entry with its attributes in a single add request.
:eldap.add(handle, 'cn=John K Doe,cn=Users,dc=example,dc=local',
[{'objectclass', ['user']},
{'displayName', ['John K. Doe']},
{'givenName', ['John']},
{'initials', ['K']},
{'sn', ['Doe']},
{'sAMAccountName', ['john.k.doe']},
# NOTE(review): the closing quote of the charlist on the next line is missing, so the snippet does not parse as posted.
{'userPrincipalName', ['john.k.doe@example.local]},
{'cn', ['John K Doe']},
# The value below is sent as a plain charlist. Active Directory expects
# unicodePwd to be the UTF-16LE bytes of the password wrapped in double
# quotes, which is what the Go version further down the page produces.
# Presumably :unicode.characters_to_binary/3 with {:utf16, :little} on the
# quoted string yields those bytes -- verify, including whether eldap needs
# them as a list of bytes rather than a binary.
{'unicodePwd', ['abc@123!']}, # => { :error, :unwillingToPerform }
])
# Close the LDAP connection.
:eldap.close(handle)
I was able to get similar code to work in golang:
// Active Directory accepts unicodePwd only as the UTF-16LE bytes of the
// password wrapped in double quotes, without a byte-order mark; the quotes
// are part of the encoded value. AD also rejects password writes on a
// connection that is not encrypted, so this request belongs on LDAPS or
// StartTLS with the server certificate verified.
// The literal is a sample value; real code should receive the password
// from the caller or a secret store, not from source.
encoder := unicode.UTF16(unicode.LittleEndian, unicode.IgnoreBOM).NewEncoder()
encoded, err := encoder.String("\"abc@123!\"")
// NOTE(review): err is not checked in this excerpt -- confirm it is handled
// before addReq is sent, so a failed encoding never reaches the directory.

// Attributes of the new user object. userAccountControl 512 is the
// NORMAL_ACCOUNT flag, so the account is created enabled with the password
// set in the same request.
attrs := []ldap.Attribute{
	{"objectClass", []string{"user"}},
	{"displayName", []string{"John W. Doe"}},
	{"givenName", []string{"John"}},
	{"sn", []string{"Doe"}},
	{"initials", []string{"W"}},
	{"sAMAccountName", []string{"john.w.doe"}},
	{"userPrincipalName", []string{"john.w.doe@example.local"}},
	{"unicodePwd", []string{encoded}},
	{"userAccountControl", []string{"512"}},
}

// Add request for the user object.
addReq := ldap.AddRequest{
	DN:         "CN=John W Doe,CN=Users,DC=example,DC=local",
	Attributes: attrs,
}
Any help would be most appreciated.