java – 没有SSL的Active Directory密码重置

import javax.naming.*; 
import javax.naming.directory.*; 
import javax.naming.ldap.*; 
import java.util.*; 
import java.security.*; 
public class ADConnection { 
DirContext ldapContext; 
String baseName = ",cn=users,DC=fabrikam,DC=com"; 
String serverIP = "10.1.1.7"; 
public ADConnection() { 
try { 
Hashtable ldapEnv = new Hashtable(11); 
ldapEnv.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory"); 
ldapEnv.put(Context.PROVIDER_URL,"ldap://" + serverIP + ":389"); 
ldapEnv.put(Context.SECURITY_AUTHENTICATION,"simple"); 
ldapEnv.put(Context.SECURITY_PRINCIPAL,"cn=administrator" + baseName); 
ldapEnv.put(Context.SECURITY_CREDENTIALS,"PA$$w0rd"); 
ldapContext = new InitialDirContext(ldapEnv); 
} 
catch (Exception e) { 
System.out.println(" bind error: " + e); 
e.printStackTrace(); 
System.exit(-1); 
} 
} 
public void updatePassword(String username,String password) { 
try { 
String quotedPassword = """ + password + """; 
char unicodePwd[] = quotedPassword.toCharArray(); 
byte pwdArray[] = new byte[unicodePwd.length * 2]; 
for (int i=0; i<unicodePwd.length; i++) { 
pwdArray[i*2 + 1] = (byte) (unicodePwd[i] >>> 8); 
pwdArray[i*2 + 0] = (byte) (unicodePwd[i] & 0xff); 
} 
ModificationItem[] mods = new ModificationItem[1]; 
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,new BasicAttribute("UnicodePwd",pwdArray)); 
ldapContext.modifyAttributes("cn=" + username + baseName,mods); 
} 
catch (Exception e) { 
System.out.println("update password error: " + e); 
System.exit(-1); 
} 
} 
public static void main(String[] args) { 
ADConnection adc = new ADConnection(); 
adc.updatePassword("Java User2",pass@word3); 
} 
}

造成：

javax.naming.OperationNotSupported: [LDAP: error code 53 - 00002077: SvcErr: DSID-03190F0A,problem 5003 (WILL_NOT_PERFORM)....

假设我们可以信任Microsoft文档(密码可以通过非ssl端口389重置),我怀疑java API并且想要使用套接字与AD建立直接连接并运行reset password命令,实际上正在寻找替代方法javax.naming中.*.那可能吗？有人试过没有ssl重置AD密码？

P.S：Application Server和AD服务器处于私有安全网络中,我并不担心嗅探.