解锁并重置 Active Directory 密码 Coldfusion

我使用 CFLDAP 创建了一个下拉列表。下拉菜单是我将允许其进行密码解锁和重置的用户名。

<div id="DESDD" class="form-group" style="display:none;">
                    <select name="DES" id="DES" class="form-control">
                        <option value="" selected>Please select user</option>
                        <cfoutput query="CreateDESDropdown">
                            <option value="#samaccountname#">#cn#</option>
                        </cfoutput>
                    </select>
                </div>

<div id="pass" class="form-group" style="display:none;">
                    <input type="password" name="user_pass" id="user_pass" class="form-control" placeholder="Password" required="">
                </div>
                <div id="sub" class="form-group" style="display:none;">
                    <button type="submit" name="login_user" class="btn btn-primary block full-width m-b">Reset</button>
                </div>

我被困在这里，我不知道如何让用户选择名称并能够输入新密码并在提交时更改活动目录中的密码。

所以基本上我有一个仅允许经理进入的登录页面。然后它将他们带到此页面，该页面是名称和密码输入文本框的下拉列表。带有重置提交按钮。有人可以告诉我如何允许用户从下拉列表中选择一个名称，然后只需输入密码并重置提交吗？

我不知道如何从这里继续下去。

(Apparently posting an image on here is broken)

我尝试过的：

<cftry>
    <cfscript>
        // You are going to use  the user's credentials to login to LDAP
        // Assuming your LDAP is set up to do so

        // Set up variables
        newPassword = '"thenewpassword!"';
        oldPassword = '"oldpassword"';
        // You would probably pass in a variable here, I typed it out so you would ss the format its expecting
        newUnicodePassword = newPassword.getBytes("UnicodeLittleUnmarked");
        oldUnicodePassword = oldPassword.getBytes("UnicodeLittleUnmarked");
        ldapsURL = "servername:portnumber";

        // Create a Java Hashtable
        javaEnv = CreateObject("java", "java.util.Hashtable").Init();

        // Put stuff in the Hashtable
        javaEnv.put("java.naming.provider.url", ldapsURL);
        // The user's Full DN and Password
        javaEnv.put("java.naming.security.principal", "#distinguishedName#");
        javaEnv.put("java.naming.security.credentials", "#currentPassword#");
        javaEnv.put("java.naming.security.authentication", "simple");
        javaEnv.put("java.naming.security.protocol", "ssl");
        javaEnv.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");

        // Create a Java InitialDirContext
        javaCtx = CreateObject("java", "javax.naming.directory.InitialDirContext").Init(javaEnv);

        // Create two Java BasicAttributes
        oldBA = CreateObject("java", "javax.naming.directory.BasicAttribute").Init("unicodePwd", oldUnicodePassword);
        newBA = CreateObject("java", "javax.naming.directory.BasicAttribute").Init("unicodePwd", newUnicodePassword);

        /***********************************************
        *   Stick the attributes into an Java Array and tell it what to do with them
        *   Guess what? A CF Array = a Java Array
        *   1 = DirContext.ADD_ATTRIBUTE
        *   2 = DirContext.REPLACE_ATTRIBUTE
        *   3 = DirContext.REMOVE_ATTRIBUTE
        *  This is the big trick 
        *   If you login above as an admin then you only need to do a 2 Replace but will not run LDAP passoword policy (lenght, complexity, history... etc.)
        *       It will let you change password to anything
        *   If you want to check the LDAP password policy then you need to create the array and first Remove (3) then Add (1)
        *       Error Code 19 means something in the LDAP password policy was violated
        *           I haven't figured out how to read what the error is (like "password length too short" or "you have used this password in the past")
        *       Error Code 49 means invalid username/password
        ************************************************/
        mods = [
            createObject( "java", "javax.naming.directory.ModificationItem").init(3, oldBA),
            createObject( "java", "javax.naming.directory.ModificationItem").init(1, newBA)
        ]; 
        // Run it
        javaCtx.modifyAttributes(distinguishedName,mods);
        javaCtx.close();
    </cfscript>
    // Yeah! I could have scripted the cfcatch but this was easier.
    <cfcatch>
        <cfif find('error code 19',cfcatch.message)>
            <!--- I am using cfwheels so this just displays a nice error message on the next page --->
            <cfset flashInsert(error="New password does not meet requirements defined in the password rules.")>
        <cfelseif isDefined('cfcatch.RootCause.cause.Explanation') and find('error code 49', cfcatch.RootCause.cause.Explanation)>
            <!--- I am using cfwheels so this just displays a nice error message on the next page --->
            <cfset flashInsert(error="Current Password IS incorrect.")>
        <cfelse>    
            <!--- This just pukes the error up hard and uncaught --->
            <cfrethrow>
        </cfif>
        <cfset hasError = true>
    </cfcatch>  
</cftry>

And:

<cfset new_password = '"thenewpassword"' />
<cfset unicodePwd = new_password.getBytes("UnicodeLittleUnmarked") />

<cfset javaEnv = CreateObject("java", "java.util.Hashtable").Init() />

<cfset ldapsURL = "servername:serverport" />
<cfset javaEnv.put("java.naming.provider.url", ldapsURL) />
<cfset javaEnv.put("java.naming.security.credentials", "oldpassword") />
<cfset javaEnv.put("java.naming.security.authentication", "simple") />
<cfset javaEnv.put("java.naming.security.protocol", "ssl") />
<cfset javaEnv.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory") />

<cfset javaCtx = CreateObject("java", "javax.naming.directory.InitialDirContext").Init(javaEnv) />
<cfset javaAttr = CreateObject("java", "javax.naming.directory.BasicAttributes").Init("unicodePwd", unicodePwd) />


<cfset javaCtx.close() />