How can I change password for domain user(windows Active Directory) using Python?(如何使用 Python 更改域用户(Windows Active Directory)的密码?)
问题描述
如何使用 Python 更改域用户的密码?我有 ldap 模块,但没有解决方案.我设法通过 ldap 查询当前设置,但如何修改它?
How can I change the password for a domain user with Python? I have the ldap modules on board but have no solution. I managed to query the current settings via ldap, but how can modify it?
import ldap
import sys
host = 'ldap://10.172.0.79'
con = ldap.initialize(host)
BIND_DN = "administrator@biztalk.com"
BIND_PASS = "a-123456"
con.set_option( ldap.OPT_X_TLS_DEMAND, True )
con.set_option( ldap.OPT_DEBUG_LEVEL, 255 )
PASSWORD_ATTR = "unicodePwd"
username="bizadmin"
user_dn = "CN=%s,OU=User,OU=biztalk,DC=biz-talk,DC=com" % username
password = 'New12345'
# Set AD password
unicode_pass = unicode(""" + password + """, "iso-8859-1")
password_value = unicode_pass.encode("utf-16-le")
add_pass = [(ldap.MOD_REPLACE, PASSWORD_ATTR, [password_value])]
# Replace password
try:
con.modify_s(user_dn, add_pass)
print "Active Directory password for", username, "was set successfully!"
except ldap.LDAPError, e:
sys.stderr.write('Error setting AD password for: ' + username + '
')
sys.stderr.write('Message: ' + str(e) + '
')
sys.exit(1)
错误
pydev 调试器:启动
pydev debugger: starting
为:bizadmin 设置 AD 密码时出错
Error setting AD password for: bizadmin
消息:{'desc':无法联系 LDAP 服务器"}
Message: {'desc': "Can't contact LDAP server"}
Python 更改域(Microsoft Active Directory)用户密码.
Python change domain(Microsoft Active Directory) user's password.
...需要python和域之间的认证服务吗?
...requires certification services between python and domain?
你有什么好的处理方法吗?
Could you have any good ways to deal with it?
谢谢!
推荐答案
此代码适用于 Windows 2012 R2 AD:
This code is working with Windows 2012 R2 AD:
首先安装最新的 ldap3 包:须藤pip安装ldap
First install latest ldap3 package: sudo pip install ldap
#!/usr/bin/python
import ldap3
SERVER='127.0.0.1'
BASEDN="DC=domain,DC=com"
USER="user_domain_login_name@domain.com"
CURREENTPWD="current_password"
NEWPWD="new_password"
SEARCHFILTER='(&(userPrincipalName='+USER+')(objectClass=person))'
USER_DN=""
USER_CN=""
ldap_server = ldap3.Server(SERVER, get_info=ldap3.ALL)
conn = ldap3.Connection(ldap_server, USER, CURREENTPWD, auto_bind=True)
conn.start_tls()
#print conn
conn.search(search_base = BASEDN,
search_filter = SEARCHFILTER,
search_scope = ldap3.SUBTREE,
attributes = ['cn', 'givenName', 'userPrincipalName'],
paged_size = 5)
for entry in conn.response:
if entry.get("dn") and entry.get("attributes"):
if entry.get("attributes").get("userPrincipalName"):
if entry.get("attributes").get("userPrincipalName") == USER:
USER_DN=entry.get("dn")
USER_CN=entry.get("attributes").get("cn")
print "Found user:", USER_CN
print USER_DN
print ldap3.extend.microsoft.modifyPassword.ad_modify_password(conn, USER_DN, NEWPWD, CURREENTPWD, controls=None)
这篇关于如何使用 Python 更改域用户(Windows Active Directory)的密码?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!
本文标题为:如何使用 Python 更改域用户(Windows Active Directory)的
基础教程推荐
- 在 Python 中,如果我在一个“with"中返回.块,文件还会关闭吗? 2022-01-01
- 何时使用 os.name、sys.platform 或 platform.system? 2022-01-01
- 使用PyInstaller后在Windows中打开可执行文件时出错 2022-01-01
- 线程时出现 msgbox 错误,GUI 块 2022-01-01
- 用于分类数据的跳跃记号标签 2022-01-01
- 筛选NumPy数组 2022-01-01
- 如何在海运重新绘制中自定义标题和y标签 2022-01-01
- 如何让 python 脚本监听来自另一个脚本的输入 2022-01-01
- Dask.array.套用_沿_轴:由于额外的元素([1]),使用dask.array的每一行作为另一个函数的输入失败 2022-01-01
- Python kivy 入口点 inflateRest2 无法定位 libpng16-16.dll 2022-01-01
