Forum: Ruby ruby-net-ldap :replace_attribute error

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
2e1af8b6323bf2c6825c4166b389b3ad?d=identicon&s=25 Mike Rood (imdwalrus)
on 2008-11-14 08:37
I'm trying to use ruby-net-ldap to update Active Directory user
attributes.  Specifically, I'm trying to modify user accounts to require
users to change their passwords on next logon.  Microsoft examples
indicate that I need to set the pwdLastSet value to 0.

Both ldap.bind and ldap.search are working just fine so far.  I'm
retrieving the current pwdlastset and dn (distinguishedName) values
successfully (ruby-net-ldap apparently downcases all the standard ldap
attribute names).  However, the command
  ldap.replace_attribute userDn, :pwdlastset, 0
(where userDn = the dn value retrieved by ldap.search) blows up with
this error message:

C:/RoR/lib/ruby/gems/1.8/gems/ruby-net-ldap-0.0.4/lib/net/ber.rb:117:in
`read_ber': unsupported object type: class=context_specific,
encoding=primitive, tag=10 (Net::BER::BerError)

I've traced this through to the statement that genereates the error.
It's actually deeper in the code than the line shown in the error
statement.  At the point it blows up, it's parsing through a bunch of
binary values and I have no idea what it's trying to do.

Has anyone else seen this error and figured out what causes it and how
to get around it?

Thanks,

Mike
693634638e8f65aa4b06694af197bc7d?d=identicon&s=25 Shane Pinnell (lelio98)
on 2012-08-13 20:43
Try setting it to zero as a string:

ldap.replace_attribute userDn, :pwdlastset, "0"
This topic is locked and can not be replied to.