[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap password modify extended operation

François Beretti wrote:


I am trying to use the extended operation "password modify" with the openldap C API

Here is my code :

( pNewPassword  and pOldPassword  are NULL terminated char*)

       BerElement *pBerElement = ber_alloc_t( LBER_USE_DER );

ber_printf( pBerElement, "{" );
ber_printf( pBerElement, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_ID, pUserDN );
ber_printf( pBerElement, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_OLD, pOldPassword );
ber_printf( pBerElement, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, pNewPassword );
ber_printf( pBerElement, "N}" );

       struct berval *pBv = NULL;
       rc = ber_flatten( pBerElement, &pBv );
       if ( rc < 0 || pBv->bv_val == NULL ) {
               ber_free( pBerElement, 1 );
               return SEC_E_FAIL;

int id = LDAP_OTHER;
rc = ldap_extended_operation( m_ld, LDAP_EXOP_MODIFY_PASSWD, pBv, NULL, NULL, &id );
ber_free( pBerElement, 1 );
ber_bvfree( pBv );

ldap_extended_operation then returns LDAP_NOT_SUPPORTED

I use openldap 2.0.21 client API and server, for technical reasons (no rpm for AIX for the last releases)
the ldappassword command only works if I don't specify the old password when I use it

I tried to comment the line related to the old password but this does not change anything

François Beretti

All apologies, openldap 2.0.21 uses LDAPv2 by default... and I did not set the protocol version to 3