Jump to content

Camrada

New Members
  • Posts

    2
  • Joined

  • Last visited

Camrada's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. Update: I've since been able to prove that new COM("LDAP:") successfully initialises and $ADSI->OpenDSObject successfully opens the AD object. I've tried against other user AD accounts and the script fails on the same line have replaced $user->SetPassword($newPword1); with $user->Put("pwdLastSet",0); and it successfully updated the appropriate AD attribute. So this shows that the ADSI connection is working Any ideas...?
  2. I've been stumped on this for a couple days now. I've tried various solutions to no avail. Please help... Problem: We have two domain controller, which are not under our management. We are able to connect via LDAP on port 389, but are not able to connect securely over port 636. We are developing a system to allow a number of self-service facilities, one of which is a password recovery tool. This works up to the point of resetting the users password. I have found some code via the PHP manual which appears to do what we need, but cant seem to get it to work. This is the code I have thus far if ($caller==="change"){ if (($newPword1 === NULL)||($newPword1 === "" )){ return false;} if (($newPword2 === NULL)||($newPword2 === "" )){ return false;} if ($newPword1 != $newPword2) {$result["ERROR"]="1";$result["DETAILS"]="Your new password and the confirmation must match!";exit(); } try { $adldap = new adLDAP(); } catch (adLDAPException $e) {$result["ERROR"]="1";$result["DETAILS"]="An error occurred in adLDAP";echo json_encode($result);exit(); } $userinfo = $adldap->user()->info($username, array("givenname","dn","lockouttime")); $res = $userinfo[0]["lockouttime"]; $userDN = $userinfo[0]["dn"]; $firstName = $userinfo[0]["givenname"]; $authUser = $adldap->authenticate($username,$currentPword); if ($authUser){ try { $adminUsername = $domain."\\".$adminUsername; $srvDN = "LDAP://".$serverFQDN."/"; try {$ADSI = new COM("LDAP:");} catch (exception $e){$result["ERROR"]="1";$result["ERRORmsg"]=$e->getMessage();echo json_encode($result);exit();} try {$user = $ADSI->OpenDSObject($srvDN.$userDN, $adminUsername, $adminPassword, 1);} catch (exception $e){$result["ERROR"]="2";$result["ERRORmsg"]= $e->getMessage();echo json_encode($result);exit();} try { //set password if ($user){ $result["object"]="Success"; } else { $result["object"]="Failed"; } $user->SetPassword($newPword1); //line:114 -> error occurring on this line $user->SetInfo(); $result["ERROR"]="0"; $result["DETAILS"]="Thank you $firstName[0]<br><strong>Your password has been changed</strong><br><br>This may take up to 30 minutes to take effect depending on your location";} catch (exception $e){$result["ERROR"]="3";$result["ERRORmsg"]=$e." - ".$e->getMessage();$result["DETAILS"]="An Error Occurred.";} unset($user); unset($ADSI); } catch (exception $e){$result["ERROR"]="1";$result["DETAILS"]="An Error Occurred in the ADSI COM";echo json_encode($result);exit();} } else { if ($res[0] != "0"){ $result["ERROR"]="1"; $result["DETAILS"]="Im sorry $firstName[0].<br>Your account is now locked. Please contact the IT Service Desk for advice"; } else { $result["ERROR"]="1"; $result["DETAILS"]="Im sorry $firstName[0].<br>Your current password is incorrect"; } } In testing $result["object"] returns "Success". But the code seems to fail on the $user->SetPassword($newPword1); line. The error that is being returned is: ERROR -> "3" object -> "Success" ERRORmsg -> "exception 'com_exception' with message '<b>Source:</b> Unknown<br/><b>Description:</b> Unknown' in C:\inetpub\wwwroot\<path>\<filename>.php:114 Stack trace: #0 C:\inetpub\wwwroot\<path>\<filename>.php(114): variant->SetPassword('P@ssw0rd') #1 {main} - <b>Source:</b> Unknown<br/><b>Description:</b> Unknown" DETAILS -> "An Error Occurred." The above code is in a php doc on an IIS Web Server which is called by a user viewable page over https Are you able to offer any advice or guidance? Many thanks...
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.