Sur*_*Att 3 active-directory adlds
默认情况下,Active Directory不允许进行密码操作,例如密码更新或使用LDAP连接创建密码的用户,它需要LDAPS连接.如何禁用此政策?我可以确保我的客户端和AD之间的连接是安全的,因此我不需要SSL加密.
打开命令行(开始→运行→ cmd)并键入以下命令:
dsmgmtds behaviorconnectionsconnect to server localhostquitallow passwd op on unsecured connectionlist current ds-behaviorquitquit整个事情应该是这样的(添加空行以便于阅读)
C:\Windows\system32>dsmgmt
dsmgmt: ds behavior
AD DS/LDS behavior: connections
server connections: connect to server localhost
Binding to localhost ...
Connected to localhost using credentials of locally logged on user.
server connections: quit
AD DS/LDS behavior: allow passwd op on unsecured connection
Successfully modified DS Behavior to reset password over unsecured network.
AD DS/LDS behavior: list current ds-behavior
Password operations on unsecured connection: Allowed.
AD DS/LDS behavior: quit
dsmgmt: quit
要撤消更改,请dsmgmt再次打开并按照步骤操作.而不是allow,使用deny passwd op on unsecured connection.
资料来源:http://www.forumeasy.com/forums/thread.jsp?tid = 135602313860&fid =ldapprof9
| 归档时间: |
|
| 查看次数: |
2939 次 |
| 最近记录: |