JAVA通过SSL修改MS AD账户密码

JAVA通过SSL修改MS AD账户密码
我们上一篇文章介绍了JAVA通过SSL创建MS AD账户及设置密码，今天我们主要介绍JAVA通过SSL修改MS AD账户密码，关于证书介绍，我们上一篇已经介绍了，所以直接进入重点，上代码
我们准备修改上一篇介绍时创建的gaowenlong这个账户；



我们设置修改密码的账户



上代码

package com.ixmsoft.oa.util;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.Hashtable;

import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

public class UpdatePasswordTLS {
public static void main (String[] args)
{

Hashtable env = new Hashtable();
String adminName = "CN=Administrator,CN=Users,DC=ixmsoft,DC=com";
String adminPassword = "123";
String userName = "CN=zhushizhen,OU=IXM Adm,OU=IMXSOFT Users,DC=ixmsoft,DC=com";
String newPassword = "123456";

String keystore = "D:\\Development_Environment\\java\\jdk\\jre\\lib\\security\\cacerts";
System.setProperty("javax.net.ssl.trustStore",keystore);

//Access the keystore, this is where the Root CA public key cert was installed
//Could also do this via command line java -Djavax.net.ssl.trustStore....
//String keystore = "/usr/java/jdk1.5.0_01/jre/lib/security/cacerts";
//System.setProperty("javax.net.ssl.trustStore",keystore);

env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");

//set security credentials, note using simple cleartext authentication
env.put(Context.SECURITY_AUTHENTICATION,"simple");
env.put(Context.SECURITY_PRINCIPAL,adminName);
env.put(Context.SECURITY_CREDENTIALS,adminPassword);
env.put(Context.SECURITY_PROTOCOL,"ssl");

//connect to my domain controller
String ldapURL = "ldap://192.168.5.20:636";
env.put(Context.PROVIDER_URL,ldapURL);

try {

//           Create the initial directory context
LdapContext ctx = new InitialLdapContext(env,null);

//set password is a ldap modfy operation
ModificationItem[] mods = new ModificationItem[1];

//Replace the "unicdodePwd" attribute with a new value
//Password must be both Unicode and a quoted string
String newQuotedPassword = "\"" + newPassword + "\"";
byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");

//注意：如果是当前用户自行修改密码，需要先删除oldpassword，然后在添加新的password
/*
ModificationItem[] mods = new ModificationItem[2];
//Firstly delete the "unicdodePwd" attribute, using the old password
//Then add the new password,Passwords must be both Unicode and a quoted string
String oldQuotedPassword = "\"" + sOldPassword + "\"";
byte[] oldUnicodePassword = oldQuotedPassword.getBytes("UTF-16LE");
String newQuotedPassword = "\"" + sNewPassword + "\"";
byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
mods[0] = new ModificationItem(DirContext.REMOVE_ATTRIBUTE, new BasicAttribute("unicodePwd", oldUnicodePassword));
mods[1] = new ModificationItem(DirContext.ADD_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword));
// Perform the update
ctx.modifyAttributes(sUserName, mods);
*/

mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword));

// Perform the update
ctx.modifyAttributes(userName, mods);

System.out.println("Reset Password for: " + userName);
ctx.close();

}
catch (NamingException e) {
System.out.println("Problem resetting password: " + e);
}
catch (UnsupportedEncodingException e) {
System.out.println("Problem encoding password: " + e);
}
catch (IOException e) {
System.out.println("Problem with TLS: " + e);
}

}

}

开始执行



我们最后看看结果




附件：http://down.51cto.com/data/2367022