Fwd: [jcifs] jcifs-ext password change - UserManagement

Eric Glass eric.glass at gmail.com
Sat Jul 31 09:27:22 GMT 2004 

FYI for others on the list.

Eric


---------- Forwarded message ----------

Finally nailed it down. Turns out that you get the same error 86 for
password restrictions. When I tried to set a password of less than 5
characters, it balked. What I was doing was changing a short password as
a test, which succeeded, then trying to change it back, which failed
because it was too short. Maybe an opportunity for a different
exception? Thanks again for the quick response.



>>> Eric Glass <eric.glass at gmail.com> 07/30/04 10:24 AM >>>
> When I use the following code against a samba server (RHEL 3, Samba
> 3.0.4,) I can change exactly 1 password. Subsequent executions against
> the same user or any other user generate a RapException 86. Have also
> tried using a bean and persisting the UserManagement object, rather
than
> creating new each time. Am guessing since there are no docs or
examples
> in the latest release on sourceforge (api docs also lack all
comments.)
> Seems as though the connection isn't clearing or something like that,
as
> it will not work again for some time after initial success. Any help
> would be greatly appreciated.
>

Yes, I apologize; I have lots of projects going on, and little time
for each (this is spare-time stuff anyhow).  I'm currently working on
Davenport, looking to revisit jcifs-ext next.

Error 86 is incorrect password:

http://msdn.microsoft.com/library/en-us/debug/base/system_error_codes__0-499_.asp

Running your test program like:

    java test DOMAIN user oldpassword newpassword

This should connect to 127.0.0.1 as "DOMAIN\user" (using password
"oldpassword"); it will then change the password for account "user" on
that target (127.0.0.1) to "newpassword".

Some things that might affect it:

1) If 127.0.0.1 is not a domain controller for "DOMAIN", this will
attempt to change the password of a local account on 127.0.0.1 (i.e.,
the target realm for the operation is 127.0.0.1, not "DOMAIN").  If
there is an account with the same name on the local box, but a
mismatched password, this will fail.

2) You mentioned that it succeeded once, but then failed; are you
rerunning it with the same password (i.e. the old one)?  Sounds silly,
but I've done similar things before.

3) The RAP function may not be supported fully under Samba (RPCs are
what newer systems use to do this, but we don't support them yet).

4) It could very well be a bug in my code. :/  If you have a packet
trace of the successful change followed by the failed change, I can
take a look and see what's different; send it to me directly.  I'd
also need the passwords involved.

Eric

More information about the jcifs mailing list