I’m trying to use ruby-net-ldap to update Active Directory user
attributes. Specifically, I’m trying to modify user accounts to require
users to change their passwords on next logon. Microsoft examples
indicate that I need to set the pwdLastSet value to 0.
Both ldap.bind and ldap.search are working just fine so far. I’m
retrieving the current pwdlastset and dn (distinguishedName) values
successfully (ruby-net-ldap apparently downcases all the standard ldap
attribute names). However, the command
ldap.replace_attribute userDn, :pwdlastset, 0
(where userDn = the dn value retrieved by ldap.search) blows up with
this error message:
C:/RoR/lib/ruby/gems/1.8/gems/ruby-net-ldap-0.0.4/lib/net/ber.rb:117:in
`read_ber’: unsupported object type: class=context_specific,
encoding=primitive, tag=10 (Net::BER::BerError)
I’ve traced this through to the statement that genereates the error.
It’s actually deeper in the code than the line shown in the error
statement. At the point it blows up, it’s parsing through a bunch of
binary values and I have no idea what it’s trying to do.
Has anyone else seen this error and figured out what causes it and how
to get around it?
Thanks,
Mike