I am trying to change the password of the currently logged in user via ldifde using this command:
ldifde -i -f pwd.ldif -t 636
My AD server is running in SSL mode with a self signed certificate. The pwd.ldif contains the following:
dn: CN=test,cn=users,dc=skenzo,dc=ad,dc=com
changeType: modify
replace: unicodePwd
unicodePwd:: InF3ZWRzYUAxMjMi
-
Now, this works, when I run the command as Administrator, since the default permission to change password is there. However, every user should have rights to change their own password. Which is why I am trying this out.
Full log is given here:
Connecting to "<server-name>"
Logging in as current user using SSPI
Importing directory from file "pwd.ldif"
Loading entries.
Add error on entry starting on line 1: Insufficient Rights
The server side error is: 0x5 Access is denied.
The extended server error is:
00000005: SecErr: DSID-031A1190, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
0 entries modified successfully.
An error has occurred in the program
No log files were written. In order to generate a log file, please
specify the log file path via the -j option.
