Reputation: 3
How can I get Active Directory Password Policy Error in Java Client while changing password
I am changing active directory password from java client. I am getting general error like 'Will Not Perform'. I am using windows 2003 server for active directory. How can I get specific errors like password strength or length error?
Upvotes: 0
Views: 1582
Answers (2)
Reputation: 2209
On Windows 2003 along with the LDAP error code for "Will Not Perform", the AD returns an error message. That error message contains all the data you need. Part of it is System Error Code, which specifies more exact error, and sometimes the string ends with data XXX, which provides some more information, however I was never able to find from where XXX codes are taken (in most cases it is just 0), so you may need to experiment a little.
In your case the message will look similar to this one:
LDAP error 0x35. Unwilling To Perform (0000052D: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0).
In this case the error is:
ERROR_PASSWORD_RESTRICTION 1325 (0x52D)
Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain.
Upvotes: 1
Reputation: 4503
There's no mechanism to get this level of detail back from LDAP especially on Windows 2003.
Upvotes: 0
Related Questions
- Not able to Update password and useraccountcontrol in AD using Spring LDAP
- Changing Active Directory user password from java program
- PASSWD_CANT_CHANGE flag not present in UserAccountControl attribute
- Change AD Password with Java
- Java LDAP password authentication
- Changing LDAP users password
- Unable to login to AD account with given password
- JAVA - Active directory and ldap password properties
- Change mail attribute of Active Directory
- Java Sample to modify AD user "Change Password At Next Logon"