Java :无法在中创建具有密码的用户(LDAP:错误代码53-0000001F)
Java :无法在中创建具有密码的用户(LDAP:错误代码53-0000001F)
提问于 2021-08-20 15:08:09
我试图在虚拟机中安装的Active Directory中创建一个带有密码的用户。我已经将从Active Directory生成的证书导入到在Intelij中运行的JVM中。
C:\Program Files\Java\jdk-13.0.1\bin>keytool -import -trustcacerts -keystore "C:\Program Files\Java\jdk-13.0.1\lib\security\cacerts" -storepass changeit -noprompt -alias certificadoAD -file "C:\Users\sandBox\Downloads\CertificadoAD.cer"建立了一个ldaps://连接,尽管如此,我还是得到了错误:
javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A1262, problem 5003 (WILL_NOT_PERFORM), data 0
]; remaining name 'cn=IGiveUp,ou=_Estagiarios,ou=usuarios,ou=_SUPERIOR,dc=my,dc=domain,dc=com,dc=br'
at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3231)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3104)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2895)
at java.naming/com.sun.jndi.ldap.LdapCtx.c_bind(LdapCtx.java:424)
at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_bind(ComponentDirContext.java:299)
at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:217)
at java.naming/javax.naming.directory.InitialDirContext.bind(InitialDirContext.java:211)Java代码:
public static void main(String[] args) {
Hashtable<String, Object> env = new Hashtable<String, Object>(11);
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldaps://192.168.15.8:636/");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "cn=Administrator,cn=Users,dc=my,dc=domain,dc=com,dc=br");
env.put(Context.SECURITY_CREDENTIALS, "1Q2W3E4R!");
try {
System.setProperty("com.sun.jndi.ldap.object.disableEndpointIdentification", "true");
DirContext ctx = new InitialDirContext(env);
Name dn = LdapNameBuilder.newInstance("dc=my,dc=domain,dc=com,dc=br")
.add("ou", "_SUPERIOR")
.add("ou", "usuarios")
.add("ou", "_Estagiarios")
.add("cn", "IGiveUp")
.build();
ctx.bind(dn, null, buildAttributes());
ctx.close();
} catch (NamingException e) {
e.printStackTrace();
}
}
private static Attributes buildAttributes() {
BasicAttribute ocattr = new BasicAttribute("objectclass");
ocattr.add("top");
ocattr.add("person");
ocattr.add("organizationalPerson");
ocattr.add("User");
Attributes attrs = new BasicAttributes();
attrs.put(ocattr);
attrs.put("uid", "IGiveUp");
attrs.put("cn", "IGiveUp");
attrs.put("sn", "IGiveUp");
attrs.put("givenName", "IGiveUp");
attrs.put("pwdLastSet", "-1");
attrs.put("userAccountControl", "512");
attrs.put("unicodePwd", "1Q2W3E4R");
return attrs;
}使用Spring 时也会发生相同的错误
application.properties:
#External LDAP directory config:
# ============================================================================
spring.ldap.urls=ldaps://192.168.15.8:636
spring.ldap.base=dc=my,dc=domain,dc=com,dc=br
spring.ldap.username=cn=Administrator,cn=Users,dc=my,dc=domain,dc=com,dc=br
spring.ldap.password=1Q2W3E4R!Java代码:
@SpringBootApplication
public class ProjectApplication {
public static void main(String[] args) {
System.setProperty("com.sun.jndi.ldap.object.disableEndpointIdentification","true");
SpringApplication.run(ProjectApplication.class, args);
}
}
public void createUser(String username, String password) {
Name dn = LdapNameBuilder.newInstance()
.add("ou", "_SUPERIOR")
.add("ou", "usuarios")
.add("ou", "_Estagiarios")
.add("cn", username)
.build();
DirContextAdapter context = new DirContextAdapter(dn);
context.setAttributeValues("objectclass", new String[]
{
"top",
"person",
"organizationalPerson",
"User"
});
context.setAttributeValue("cn", username);
context.setAttributeValue("sn", username);
context.setAttributeValue("userAccountControl", "512");
context.setAttributeValue("pwdLastSet", "-1");
context.setAttributeValue("sAMAccountName", "qpwoeiruty");
context.setAttributeValue("unicodePwd", password);
ldapTemplate.bind(context);
}回答 1
Stack Overflow用户
发布于 2021-08-20 18:55:19
我在这个链接中找到了解决方案:
Getting WILL_NOT_PERFORM error when trying to enable user via LDAP
String password = "1Q2W3E4Rf!";
final byte[] quotedPasswordBytes = ('"'+ password +'"').getBytes("UTF-16LE");
attrs.put("unicodePwd", quotedPasswordBytes);春靴:
final byte[] quotedPasswordBytes = ('"'+ password +'"').getBytes("UTF-16LE");
context.setAttributeValue("unicodePwd", quotedPasswordBytes);
ldapTemplate.bind(context);页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/68864364
复制相关文章
相似问题
腾讯云开发者
