server is unwilling to perform - Can not create user object in active state

تعرفه تبلیغات در سایت
عنوان عکس
عنوان عکس
عنوان عکس
عنوان عکس
عنوان عکس

جستجوگر

یافته ها در جستجو

    امکانات وب

    آرشیو مطالب

    برچسب ها

    Vote count: 0

    I have managed to connect, quarry and add to AD. When adding an account with exampleA(look down) attributes set I have no problem, however when I add:

    $this->newUserEntry["UserAccountControl"] = 512; //LDAP will disable the account by default, This will create it in an enabled state
    

    I get the following warning from ldap_add() and user object is not created:

    Server is unwilling to perform
    

    ExampleA:

            $this->buildUserDN();// build distinguished name according to department name
            $this->getManagerDN();// find DN of the manager
            $this->setLogonScript();// set Logon Script
    
            $this->newUserEntry["objectclass"][0] = "top";
            $this->newUserEntry["objectclass"][1] = "person";
            $this->newUserEntry["objectclass"][2] = "organizationalPerson";
            $this->newUserEntry["objectclass"][3] = "user";
    
            //---------General Tab-----------------------------------------
            $this->newUserEntry['givenname'] = $this->givenName; //first name
            $this->newUserEntry['sn'] = $this->sn; // last name
            $this->newUserEntry["displayname"] = $this->sn.', '.$this->givenName; // display name - Format: Meow, Test
            $this->newUserEntry["physicalDeliveryOfficeName"] = $this->location; //office
            $this->newUserEntry["mail"] = $this->userMail;
            $this->newUserEntry["mailNickname"] = $this->userMail; // user mail
    
            //Change this to mobile field
            $this->newUserEntry["telephoneNumber"] = '9897157910'; // user phone
    
            //----------Account Tab----------------------------------------
            $this->newUserEntry["userPrincipalName"] = $this->samaccountname.'@comp.com'; //User logon name
            $this->newUserEntry["sAMAccountname"] = $this->samaccountname; //pre windows 2007 logon name
    
    
            //----------profile Tab-----------------------------------------
            $this->newUserEntry["scriptPath"] = $this->scriptPath; //Log on script
    
            //----------Organization Tab------------------------------------
            $this->newUserEntry["title"] = $this->title;
            $this->newUserEntry["department"] = $this->department; // department
            $this->newUserEntry["company"] = "Open Doors Test"; // Company name
            $this->newUserEntry["manager"] = $this->managerDn; // name of the manager
    

    What I have tried:

    1-Setting password attribute:

    I taught that this is happening because I do not have password attribute set, so I tried adding a password with hashing and without hashing:

    $this->newUserEntry["userPassword"] = '{MD5}' . base64_encode(pack('H*',md5($this->password))); //md5HASH - hash the password
    

    Again both attempts it failed and like before if I would remove account control user object was created with no issues.

    2- Make sure the connection is over SSL:

    I changed the way I was connecting via LDAP:

    Before:

    ldap_connect('ldap://'. $this->dnToConnect)
    

    After:

    ldap_connect('ldap://'. $this->dnToConnect, 636)

    I also ran nmap -p 636 mydomain.com to make sure the port is open and I can make a connection.

    Notes: I can make accounts, disable and enable them manually, so the problem should not be with the user and password that I am using to bind.

    Bloob is about to pop, any help would be appreciate it.

    asked 2 mins ago
    BlooB

    نویسنده : استخدام کار بازدید : 5 تاريخ : چهارشنبه 25 بهمن 1396 ساعت: 8:25
    برچسب‌ها :
    اخبار و رسانه هاهنر و ادبیاترایانه و اینترنتعلم و فن آوریتجارت و اقتصاداندیشه و مذهبفوتو بلاگوبلاگ و وبلاگ نویسیفرهنگ و تاریخجامعه و سیاستورزشسرگرمی و طنزشخصیخانواده و زندگیسفر و توریسمفارسی زبان در دیگر کشورها