python-3.x – 无法通过ldap3 Python3更改用户密码

{'type': 'modifyResponse','result': 53,'message': '0000001F: SvcErr: DSID-031A12D2,problem 5003 (WILL_NOT_PERFORM),data 0nx00','referrals': None,'description': 'unwillingToPerform','dn': ''}

由于以下两个条件,通常会发生此错误：用户尝试通过未加密的连接修改密码,或者使用不正确的编码发送密码.我的SSL连接很好(至少看起来像是这样)：

print(connection)
>>> ldaps://DC1.DOMAIN.LOCAL:636 - ssl - user: DOMAINadmin - not lazy - bound - open - <local: 172.16.10.2:49230 - remote: 172.16.10.254:636> - tls not started - listening - SyncStrategy - internal decoder

我试图编码我正在尝试发送到LDAP服务器的字符串,但.encode(‘utf-16le’)没有做到这一点.还有其他解决方法吗？

我有一个测试域环境,Windows Server 2012 R2作为域控制器,我正在尝试更改密码的代码如下所示.

import ssl
from ldap3 import *

tls_configuration = Tls(validate=ssl.CERT_REQUIRED,version=ssl.PROTOCOL_TLSv1_2)
s = Server('DC1.domain.local',get_info=ALL,use_ssl=True,tls=tls_configuration)
password = 'mypasswordhere'
c = Connection(s,user="DOMAINadmin",password=password)
c.open()
c.bind()

user = "CN=Dummy Dumass,OU=Automatically Generated,OU=Staff,OU=RU,DC=DOMAIN,DC=LOCAL"

c.modify(user,{
    'unicodePwd': [(MODIFY_REPLACE,['New12345'])]
})

print(c.result)
c.unbind()