使用 unboundid 更改 LDAP 中的用户密码

Change user password in LDAP using unboundid

我正在尝试使用下面的代码更改 LDAP 中的用户密码,我不是 LDAP 的管理员,所以我与一个拥有 ou=systemusers 的用户建立连接,它可以创建用户, 并将用户添加到组中。我知道用于更改的旧密码

PasswordModifyExtendedRequest passwordModifyRequest =
      new PasswordModifyExtendedRequest(
           "uid=test.user,ou=People,dc=example,dc=com", // The user to update
           (String) null, // The current password for the user.
           (String) null); // The new password.  null = server will generate

 PasswordModifyExtendedResult passwordModifyResult;
 try
 {
   passwordModifyResult = (PasswordModifyExtendedResult)
        connection.processExtendedOperation(passwordModifyRequest);
   // This doesn't necessarily mean that the operation was successful, since
   // some kinds of extended operations return non-success results under
   // normal conditions.
 }
 catch (LDAPException le)
 {
   // For an extended operation, this generally means that a problem was
   // encountered while trying to send the request or read the result.
   passwordModifyResult = new PasswordModifyExtendedResult(
        new ExtendedResult(le));
 }

 LDAPTestUtils.assertResultCodeEquals(passwordModifyResult,
      ResultCode.SUCCESS);
 String serverGeneratedNewPassword =
      passwordModifyResult.getGeneratedPassword();

但我总是得到这个结果。

PasswordModifyExtendedResult(resultCode=50 (insufficient access rights), messageID=4, diagnosticMessage='You do not have sufficient privileges to perform password reset operations') 

如何更改用户密码知道旧密码?

您必须以具有执行该操作的足够权限的用户身份登录,或者,更常见的是,以用户本人的身份使用旧密码登录,当然,这是一种额外的健全性检查。否则 LDAP 服务器配置错误。