In Nodejs how to reset active directory password without knowing the current password?

I use the below 2 libraries at the moment.

https://www.npmjs.com/package/activedirectory

http://ldapjs.org/index.html

I have the below code which works perfectly if I know the current password. But I also want to reset the password if I don't know the current password.

const ldap = require('ldapjs');

// Active Directory stores unicodePwd as the password wrapped in double quotes
// and encoded as UTF-16LE; this helper was referenced but not shown in the post.
function encodePassword(password) {
  return Buffer.from(`"${password}"`, 'utf16le');
}

// ldapClient, service_acc_user, service_acc_pwd, userDN, oldPassword and
// newPassword are defined elsewhere in the poster's code.
function modifyPassword() {
  return new Promise((resolve, reject) => {
    try {
      //ldapClient.bind(userDN, oldPassword, err => {
      ldapClient.bind(service_acc_user, service_acc_pwd, err => {
        if (err) {
          // return here so the modify is not attempted after a failed bind
          return reject(err);
        }

        // delete old value + add new value: the self-service change form,
        // which only succeeds when oldPassword is the user's current password
        ldapClient.modify(userDN, [
          new ldap.Change({
            operation: 'delete',
            modification: {
              unicodePwd: encodePassword(oldPassword)
            }
          }),
          new ldap.Change({
            operation: 'add',
            modification: {
              unicodePwd: encodePassword(newPassword)
            }
          })
        ], (error) => {
          if (error) {
            reject(error);
          } else {
            resolve('Successfully password modified.');
          }
        });
      });
    } catch (error) {
      console.error(error);
      reject(error);
    }
  });
}

I tried to use the above code by passing a dummy current password but got the below error.

'00000056: AtrErr: DSID-03190F80, #1:\n\t0: 00000056: DSID-03190F80, problem 1005 (CONSTRAINT_ATT_TYPE), data 0, Att 9005a (unicodePwd)\n\u0000'
Jay
  • In ADS you will need another account which has the privileges to set the password of another account. The users can't reset their own password if they have lost it. – André Schild Apr 25 '19 at 14:16
  • Jay, you are not using the ActiveDirectory but rather calling the AD using ldapjs to modify the password. I am pretty sure the ActiveDirectory package is querying the AD and does not have a modification option. Am I correct? – Yuvi Aug 13 '19 at 15:00

1 Answer

When sending add and delete at the same time, Active Directory treats it as a normal password reset; to perform an administrator password reset, Active Directory only expects to receive the replace command.

I posted on the GitHub issue, but came here in hopes of getting the correct answer points. :D
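The replace-only reset the answer describes, next to the delete+add change from the question, as an added example that is not the question's, the answer's, or ldapjs's own code. It uses the `client.bind(dn, password, cb)` and `client.modify(dn, changes, cb)` signatures from ldapjs, but the `FakeAdClient` below is a constructed stand-in for the domain controller so the block runs offline; `SERVICE_DN`, `USER_DN`, the sample passwords and the helper names are assumptions.

```javascript
// Added example, not code from the question or the answer. It contrasts the
// two ways of writing unicodePwd through ldapjs's client.modify():
//   'change' : delete old value + add new value  (self-service; needs the old password)
//   'reset'  : single replace                    (administrative; needs a privileged bind)
// FakeAdClient is a constructed stand-in for Active Directory so the block runs
// offline; SERVICE_DN, USER_DN and the sample passwords are assumptions.
// Against a real DC use ldap.createClient({ url: 'ldaps://dc.example.com:636' }):
// AD refuses unicodePwd writes over an unencrypted connection.

const SERVICE_DN = 'CN=svc-pwreset,OU=Service Accounts,DC=example,DC=com'; // assumed
const USER_DN = 'CN=Alice,OU=Users,DC=example,DC=com';                      // assumed

// AD expects unicodePwd as the password wrapped in double quotes, UTF-16LE encoded.
function encodePassword(password) {
  return Buffer.from(`"${password}"`, 'utf16le');
}

// Plain { operation, modification } objects are accepted by ldapjs's modify();
// wrapping each in new ldap.Change(...) as the question does is equivalent.
function buildPasswordChanges(mode, { oldPassword, newPassword }) {
  if (mode === 'change') {
    return [
      { operation: 'delete', modification: { unicodePwd: encodePassword(oldPassword) } },
      { operation: 'add', modification: { unicodePwd: encodePassword(newPassword) } },
    ];
  }
  if (mode === 'reset') {
    return [{ operation: 'replace', modification: { unicodePwd: encodePassword(newPassword) } }];
  }
  throw new Error(`unknown mode: ${mode}`);
}

// Promise wrapper around bind + modify; `client` needs ldapjs's
// bind(dn, password, cb) and modify(dn, changes, cb) signatures.
function setPassword(client, { bindDN, bindPassword, userDN, mode, oldPassword, newPassword }) {
  const changes = buildPasswordChanges(mode, { oldPassword, newPassword });
  return new Promise((resolve, reject) => {
    client.bind(bindDN, bindPassword, (err) => {
      if (err) return reject(err); // never attempt the modify after a failed bind
      client.modify(userDN, changes, (error) => (error ? reject(error) : resolve(mode)));
    });
  });
}

// Constructed fake: one stored unicodePwd per DN, one DN with "Reset Password"
// rights, and the two outcomes the page reports (CONSTRAINT_ATT_TYPE when the
// deleted value does not match; success for a replace from a privileged bind).
class FakeAdClient {
  constructor() {
    this.passwords = new Map([
      [USER_DN, encodePassword('OldSecret1!')],
      [SERVICE_DN, encodePassword('SvcSecret1!')],
    ]);
    this.resetRights = new Set([SERVICE_DN]);
    this.boundAs = null;
  }
  bind(dn, password, cb) {
    const stored = this.passwords.get(dn);
    if (!stored || !stored.equals(encodePassword(password))) return cb(new Error('invalid credentials'));
    this.boundAs = dn;
    cb(null);
  }
  modify(dn, changes, cb) {
    const ops = changes.map((c) => c.operation).join('+');
    if (ops === 'delete+add') {
      // self-service change: the deleted value must equal the stored one
      if (!this.passwords.get(dn).equals(changes[0].modification.unicodePwd)) {
        return cb(new Error('00000056: AtrErr: problem 1005 (CONSTRAINT_ATT_TYPE), Att 9005a (unicodePwd)'));
      }
      this.passwords.set(dn, changes[1].modification.unicodePwd);
      return cb(null);
    }
    if (ops === 'replace') {
      // administrative reset: only the rights of the bound account matter
      if (!this.resetRights.has(this.boundAs)) return cb(new Error('insufficient access rights'));
      this.passwords.set(dn, changes[0].modification.unicodePwd);
      return cb(null);
    }
    cb(new Error(`unsupported change sequence: ${ops}`));
  }
}

// Runs the question's failing attempt (dummy old password), then the answer's
// replace-only reset, then checks the user can bind with the new password.
async function demo(client = new FakeAdClient()) {
  const common = { bindDN: SERVICE_DN, bindPassword: 'SvcSecret1!', userDN: USER_DN, newPassword: 'NewSecret2!' };
  const results = {};
  try {
    await setPassword(client, { ...common, mode: 'change', oldPassword: 'dummy-guess' });
    results.dummyOldPassword = 'accepted';
  } catch (e) {
    results.dummyOldPassword = /CONSTRAINT_ATT_TYPE/.test(e.message) ? 'rejected' : `error: ${e.message}`;
  }
  results.adminReset = await setPassword(client, { ...common, mode: 'reset' });
  results.userCanBindWithNew = await new Promise((res) => client.bind(USER_DN, 'NewSecret2!', (err) => res(!err)));
  return results;
}

if (typeof require !== 'undefined' && require.main === module) {
  demo().then((r) => console.log(r));
}
```

The fake client only models the two rules this thread turns on: a delete of `unicodePwd` must carry the account's current value, while a replace is authorised purely by the rights of the bound account. The service account used for the bind therefore needs the "Reset Password" right on the target users and nothing more; binding as a domain admin for this job widens the blast radius if the credential leaks.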