AD password reset using UNBoundID SDK

Question

I am trying to change the AD password using UNBoundID LDAP sdk as below.

    try{
    LDAPConnection connection=new LDAPConnectionObject().getConnection();
    PasswordModifyExtendedRequest passwordModifyRequest =
    new PasswordModifyExtendedRequest(
    user, // The user to update
    oldPass, // The current password for the user.
    newPass); // The new password.  null = server will generate

    PasswordModifyExtendedResult passwordModifyResult;
    try
    {
    passwordModifyResult = (PasswordModifyExtendedResult)
    connection.processExtendedOperation(passwordModifyRequest);
    System.out.println("passwordModifyResult---"+passwordModifyResult);
    }
    catch (LDAPException le)
    {
    le.printStackTrace();
    passwordModifyResult = new PasswordModifyExtendedResult(
    new ExtendedResult(le));
    }

    LDAPTestUtils.assertResultCodeEquals(passwordModifyResult,
    ResultCode.SUCCESS);
    String serverGeneratedNewPassword =
    passwordModifyResult.getGeneratedPassword();
    }catch(LDAPException e){
    e.printStackTrace();

    }
    }

It throwing error as below,

    LDAPException(resultCode=2 (protocol error), errorMessage='0000203D: LdapErr: DSID-0C090C7D, comment: Unknown extended request OID, data 0, vece , diagnosticMessage='0000203D: LdapErr: DSID-0C090C7D, comment: Unknown extended request OID, data 0, vece

Can anyone please correct me on this?

Thanks in advance

Answer 1

It sounds like Active Directory (or at least the installation you are using) doesn't support the use of the password modify extended operation. However, you can change user passwords using LDAP modify operations if you construct the modification properly. See http://www.dirmgr.com/blog/2010/8/26/ldap-password-changes-in-active-directory.html for a description of the requirements and a code example.