使用perl-ldap修改a user’s password in MS Active Directory

1.安裝perl-ldap
  ：http://search.cpan.org/~gbarr/perl-ldap/

  前提是已經安裝perl工具包。首先查看perl版本
  [root@local~]perl -V
  Built under linux
  Compiled at Nov  8 2007 06:49:06
  @INC:
    /usr/lib64/perl5/site_perl/5.8.8/x86_64-linux-thread-multi
    /usr/lib/perl5/site_perl/5.8.8
    /usr/lib/perl5/site_perl
    /usr/lib64/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi
    /usr/lib/perl5/vendor_perl/5.8.8
    /usr/lib/perl5/vendor_perl
    /usr/lib64/perl5/5.8.8/x86_64-linux-thread-multi
    /usr/lib/perl5/5.8.8
  接著，解壓安裝(安裝方式是手動，不需要執行make)
  [root@local~]tar -zxvpf perl-ldap-0.39.tar.gz
  [root@local~]cd perl-ldap-0.39/lib
  [root@local~]cp -a * /usr/lib/perl5/site_perl/5.8.8
2.安裝perl-ldap依賴的Convert::ASN1模組
   ：http://search.cpan.org/search?module=Convert::ASN1

   [root@local~]tar -zxvpf Convert-ASN1-0.22.tar.gz     
   [root@local~]cd Convert-ASN1-0.22
   [root@local~]perl Makefile.PL
   [root@local~]make
   [root@local~]make install
3. 使用perl-ldap修改a user's password in MS Active Directory
   [root@local~]$ vim chg_passwd.pl

#!/usr/bin/perl -w

use strict;
use Net::LDAPS;

my($Ad, $mesg, $uid, $pass, $npass, $dn, $rtn);

#($uid, $pass) = split(" ",<STDIN>);
$uid="test";
$pass="123456";

if (($uid eq "") or ($pass eq "")) {
    print "Uid and/or password missing in input/n"; exit 1;
}

print "Trying to set $uid to password $pass/n";
# 1. Bind to the AD server
    $Ad = Net::LDAPS->new("ad02.example.com",  port=>636, version => 3) or print "Unable to connect to AD server/n", exit 2;

    $Ad->bind(dn => "cn=administrator,ou=finance,dc=example,dc=com", password => "123456") or print "Unable to bind to AD server/n", exit 2;

#2. Do a AD lookup to get the dn for this user
    $mesg = $Ad->search(base => "DC=example,DC=com", filter => "cn=$uid");
    print $mesg->count;
    print "/n";    
    if($mesg->count != 1) {
        print "AD lookup failed for user $uid/n"; exit 3;
    }
#4. Add quotes and uniCode
    map { $npass .= "$_/000" } split(//, "/"$pass/"");
#5. Now change their password.
    $dn = $mesg->entry(0)->dn;
    $rtn = $Ad->modify($dn, replace => [ "unicodePwd" => $npass ]);
    if($rtn->{'resultCode'} != 0) {
        print "User $uid, setting password failed/n"; exit 2;
    }
#6. free
   $Ad->unbind();
   print "Password for $uid changed in AD/n";
   exit 0;