I'm trying to use ruby-net-ldap to update Active Directory user attributes. Specifically, I'm trying to modify user accounts to require users to change their passwords on next logon. Microsoft examples indicate that I need to set the pwdLastSet value to 0. Both ldap.bind and ldap.search are working just fine so far. I'm retrieving the current pwdlastset and dn (distinguishedName) values successfully (ruby-net-ldap apparently downcases all the standard ldap attribute names). However, the command ldap.replace_attribute userDn, :pwdlastset, 0 (where userDn = the dn value retrieved by ldap.search) blows up with this error message: C:/RoR/lib/ruby/gems/1.8/gems/ruby-net-ldap-0.0.4/lib/net/ber.rb:117:in `read_ber': unsupported object type: class=context_specific, encoding=primitive, tag=10 (Net::BER::BerError) I've traced this through to the statement that genereates the error. It's actually deeper in the code than the line shown in the error statement. At the point it blows up, it's parsing through a bunch of binary values and I have no idea what it's trying to do. Has anyone else seen this error and figured out what causes it and how to get around it? Thanks, Mike
on 2008-11-14 08:37
on 2012-08-13 20:43
Try setting it to zero as a string: ldap.replace_attribute userDn, :pwdlastset, "0"
Enable email notification
Enable multi-page viewPlease log in before posting. Registration is free and takes only a minute.
Existing account
(Switch to SSL-encrypted connection)
NEW: Do you have a Google/GoogleMail or Yahoo account? No registration required!
Log in with Google account | Log in with Yahoo account
Log in with Google account | Log in with Yahoo account
No account? Register here.