SYNOPSIS
use Net::LDAP::Extra qw(AD);
$ldap = Net::LDAP->new( ... );
...
if ($ldap->is_AD || $ldap->is_ADAM) {
$ldap->change_ADpassword($dn, $old_password, $new_password);
}
DESCRIPTION
Net::LDAP::Extra::AD tries to spare users the necessity to reinvent the wheel again and again in order to correctly encode password strings so that they can be used in AD password change operations.To do so, it provides the following methods:
METHODS
- is_AD ( )
-
Tell if the LDAP server queried is an Active Directory Domain Controller.
As the check is done by querying the root DSE of the directory, it works without being bound to the directory.
- is_ADAM ( )
-
Tell if the LDAP server queried is running AD LDS
(Active Directory Lightweight Directory Services),
previously known as ADAM (Active Directoy Application Mode).
As the check is done by querying the root DSE of the directory, it works without being bound to the directory.
- change_ADpassword ( DN, OLD_PASSWORD, NEW_PASSWORD )
-
Change the password of the account given by DN from
its old value OLD_PASSWORD to the new value NEW_PASSWORD.
This method requires encrypted connections.
- reset_ADpassword ( DN, NEW_PASSWORD, OPTIONS )
-
Reset the password of the account given by DN to the value
given in NEW_PASSWORD.
OPTIONS is a list of key/value pairs. The following keys are recognized:
-
- force_change
- If TRUE, the affected user is required to change the password at next login.
-
For this method to work, the caller needs to be bound to AD with sufficient permissions, and the connection needs to be encrypted.
-
AUTHOR
Peter Marschall <[email protected]<gt>COPYRIGHT
Copyright (c) 2012 Peter Marschall. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.