File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes General Computing and the fly likes Error occured while modifying  Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » General Computing
Bookmark "Error occured while modifying  "pwdLastSet" attribute in Active Directory" Watch "Error occured while modifying  "pwdLastSet" attribute in Active Directory" New topic
Author

Error occured while modifying "pwdLastSet" attribute in Active Directory

suneel kumar
Ranch Hand

Joined: Jan 08, 2007
Posts: 46
After admin resets the pwd in active directory, he enables the user to changes pwd at next logon.

Since Authentication fails, he could able to modify the attribute[pwdLastSet].

please suggest me any solution

Error occured

xyz is not authenticated javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 773, vece
javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090A1A, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece


public class Fastbindclient_changePwd extends HttpServlet{
class ldapfastbind {

class FastBindConnectionControl implements Control {
public byte[] getEncodedValue() {
return null;
}

public String getID() {
return "2.16.840.1.113730.3.4.2";
}

public boolean isCritical() {

return Control.CRITICAL;
}
}

public ldapfastbind(String ldapurl) {
env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PROTOCOL, "ssl");
env.put(Context.PROVIDER_URL, ldapurl);
connCtls = new Control[] { new FastBindConnectionControl() };
try {
ctx = new InitialLdapContext(env,connCtls);
}
catch (NamingException e) {
}
}

public int Authenticate(String username, String password, HttpServletRequest request, HttpServletResponse response) throws LDAPException{
try {
ctx.addToEnvironment(Context.SECURITY_PRINCIPAL,username);
ctx.addToEnvironment(Context.SECURITY_CREDENTIALS,password);
ctx.reconnect(connCtls);
System.out.println(username + " is authenticated");

return 0;
}
catch (AuthenticationException e) {
int index5= errMsg.indexOf("data 773");
if(index5 != -1)
{
try {
pwdLastSet = 1;
System.out.println("Password Last Set "+pwdLastSet);
String j_username=request.getParameter("j_username");
String j_password=request.getParameter("j_password");
String new_password=request.getParameter("new_password");
String change_password=request.getParameter("change_password");
boolean isChanged = ctxFast.ChangePassword(j_username, j_password, new_password, request, response);
} catch (IOException e1) {
}
}

}
catch (NamingException e) {
}
return 0;
}


public boolean ChangePassword(String sUserName, String sOldPassword, String sNewPassword, HttpServletRequest request, HttpServletResponse response) throws UnsupportedEncodingException {

try {
ModificationItem[] mods = new ModificationItem[1];
ModificationItem[] mods1 = new ModificationItem[1];

String oldQuotedPassword = "\"" + sOldPassword + "\"";
byte[] oldUnicodePassword = oldQuotedPassword.getBytes("UTF-16LE");

String newQuotedPassword = "\"" + sNewPassword + "\"";
byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
System.out.println("newUnicodePassword" + newUnicodePassword);
System.out.println("printed before modify");
mods[0] = new ModificationItem(LdapContext.REPLACE_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword));
ctx.modifyAttributes("cn="+sUserName+",cn=Users,dc=tc,dc=com", mods);
mods1[0] = new ModificationItem(LdapContext.REPLACE_ATTRIBUTE, new BasicAttribute("pwdLastSet", "-1"));
System.out.println("pwdLastSet Replaced");
/*mods[0] = new ModificationItem(DirContext.REMOVE_ATTRIBUTE, new BasicAttribute("unicodePwd", oldUnicodePassword));
mods[1] = new ModificationItem(DirContext.ADD_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword));
*/

ctx.modifyAttributes("cn="+sUserName+",cn=Users,dc=tc,dc=com", mods1);
ctx.close();
return true;
}
catch (AuthenticationException e) {
if(index5 != -1)
{
try {
pwdLastSet = 1;
System.out.println("Password Last Set "+pwdLastSet);
String j_username=request.getParameter("j_username");
String j_password=request.getParameter("j_password");
String new_password=request.getParameter("new_password");
String change_password=request.getParameter("change_password");
boolean isChanged = ctxFast.ChangePassword(j_username, j_password, new_password, request, response);

} catch (IOException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
}

return false;
}
catch (NamingException e) {


return false;
}

}
public void finito() {
try {
ctx.close();
System.out.println("Context is closed");
}
catch (NamingException e) {
System.out.println("Context close failure " + e);
}
}
}
public void bindClient(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
String ldapurl = "ldaps://172.22.0.99:636";
String keystore = "D:/j2sdk1.4.2_04/jre/lib/security/CACert.ks";
System.setProperty("javax.net.ssl.trustStore",keystore);
ctxFast = new ldapfastbind(ldapurl);
try {
IsAuthenticated = ctxFast.Authenticate(request.getParameter("j_username"),request.getParameter("j_password"), request, response);
boolean isChangedNrml;
if(pwdLastSet == 0)
isChangedNrml = ctxFast.ChangePassword(j_username, j_password, new_password, request, response);
System.out.println("b4 change");
System.out.println("After change 1");
} catch (LDAPException e) {
System.out.println("LDAP Exception : " + e.getLDAPResultCode() + "LDAPMessage : " + e.getLDAPErrorMessage()+ "message : " + e.getMessage());
e.printStackTrace();
String errMsg = e.getMessage();
System.out.println("error msa"+errMsg);
}
ctxFast.finito();
}

public ldapfastbind ctxFast = null;
public int pwdLastSet = 0;

}

please suggest me solution
Thanks in Advance..
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Error occured while modifying "pwdLastSet" attribute in Active Directory