JAVA通過SSL修改MS AD賬戶密碼
阿新 • • 發佈:2017-09-29
java通過ssl修改ms ad賬戶密碼
JAVA通過SSL修改MS AD賬戶密碼
我們上一篇文章介紹了JAVA通過SSL創建MS AD賬戶及設置密碼,今天我們主要介紹JAVA通過SSL修改MS AD賬戶密碼,關於證書介紹,我們上一篇已經介紹了,所以直接進入重點,上代碼
我們準備修改上一篇介紹時創建的gaowenlong這個賬戶;
我們設置修改密碼的賬戶
上代碼
package com.ixmsoft.oa.util;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
public class UpdatePasswordTLS {
public static void main (String[] args)
{
Hashtable env = new Hashtable();
String adminName = "CN=Administrator,CN=Users,DC=ixmsoft,DC=com";
String adminPassword = "123";
String userName = "CN=zhushizhen,OU=IXM Adm,OU=IMXSOFT Users,DC=ixmsoft,DC=com";
String newPassword = "123456";
String keystore = "D:\\Development_Environment\\java\\jdk\\jre\\lib\\security\\cacerts";
System.setProperty("javax.net.ssl.trustStore",keystore);
//Access the keystore, this is where the Root CA public key cert was installed
//Could also do this via command line java -Djavax.net.ssl.trustStore....
//String keystore = "/usr/java/jdk1.5.0_01/jre/lib/security/cacerts";
//System.setProperty("javax.net.ssl.trustStore",keystore);
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
//set security credentials, note using simple cleartext authentication
env.put(Context.SECURITY_AUTHENTICATION,"simple");
env.put(Context.SECURITY_PRINCIPAL,adminName);
env.put(Context.SECURITY_CREDENTIALS,adminPassword);
env.put(Context.SECURITY_PROTOCOL,"ssl");
//connect to my domain controller
String ldapURL = "ldap://192.168.5.20:636";
env.put(Context.PROVIDER_URL,ldapURL);
try {
// Create the initial directory context
LdapContext ctx = new InitialLdapContext(env,null);
//set password is a ldap modfy operation
ModificationItem[] mods = new ModificationItem[1];
//Replace the "unicdodePwd" attribute with a new value
//Password must be both Unicode and a quoted string
String newQuotedPassword = "\"" + newPassword + "\"";
byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
//註意:如果是當前用戶自行修改密碼,需要先刪除oldpassword,然後在添加新的password
/*
ModificationItem[] mods = new ModificationItem[2];
//Firstly delete the "unicdodePwd" attribute, using the old password
//Then add the new password,Passwords must be both Unicode and a quoted string
String oldQuotedPassword = "\"" + sOldPassword + "\"";
byte[] oldUnicodePassword = oldQuotedPassword.getBytes("UTF-16LE");
String newQuotedPassword = "\"" + sNewPassword + "\"";
byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
mods[0] = new ModificationItem(DirContext.REMOVE_ATTRIBUTE, new BasicAttribute("unicodePwd", oldUnicodePassword));
mods[1] = new ModificationItem(DirContext.ADD_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword));
// Perform the update
ctx.modifyAttributes(sUserName, mods);
*/
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword));
// Perform the update
ctx.modifyAttributes(userName, mods);
System.out.println("Reset Password for: " + userName);
ctx.close();
}
catch (NamingException e) {
System.out.println("Problem resetting password: " + e);
}
catch (UnsupportedEncodingException e) {
System.out.println("Problem encoding password: " + e);
}
catch (IOException e) {
System.out.println("Problem with TLS: " + e);
}
}
}開始執行
我們最後看看結果
本文出自 “高文龍” 博客,謝絕轉載!
JAVA通過SSL修改MS AD賬戶密碼