1
我試圖在LDAP中創建用戶帳戶。用於連接LDAP的示例代碼我可以連接到LDAP並在禁用模式下創建用戶(UserAccountControl == 514)。當我嘗試設置密碼或啓用帳戶。會有錯誤等服務器不願意在Active Directory中執行此操作5003
「{ '信息': '0000001F:SvcErr:DSID-031A12D2,問題5003(WILL_NOT_PERFORM),數據0 \ n', '降序': 'Server是不願意執行'}」
我使用python-ldap庫。這裏是我的示例代碼添加和啓用用戶帳戶
user_attrs['objectclass'] = ['top', 'person', 'organizationalPerson', 'user']
user_attrs['cn'] = username
user_attrs['givenName'] = username
user_attrs['sn'] = username
user_attrs['displayName'] = username
user_attrs['userAccountControl'] = '514'
user_attrs['mail'] = str(user["email"])
user_attrs['department'] = str(user["department"])
user_ldif = modlist.addModlist(user_attrs)
add_pass = [(ldap.MOD_REPLACE, 'unicodePwd', [password])]
# 512 will set user account to enabled
mod_acct = [(ldap.MOD_REPLACE, 'userAccountControl', '512')]
# Add the new user account
try:
ldap_connection.add_s(user_dn, user_ldif)
except ldap.LDAPError, error_message:
print "Error adding new user: %s" % error_message
return False
# Add the password
try:
ldap_connection.modify_s(user_dn, add_pass)
except ldap.LDAPError, error_message:
print "Error setting password: %s" % error_message
return False
# Change the account back to enabled
try:
ldap_connection.modify_s(user_dn, mod_acct)
except ldap.LDAPError, error_message:
print "Error enabling user: %s" % error_message
return False
print "User created %s" % username
任何人請讓我知道是否有任何解決方案或修復。
我在Ubuntu的ldap.conf:
TLS_CACERT /etc/ssl/certs/ca-certificates.crt