0

我可以在没有任何 SSL(意味着使用 port389)和密码(新用户登录)的情况下使用 Boomi 创建用户,但我想更改用户的电话号码,但出现此错误:

javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 00000057: LdapErr: DSID-0C042612, comment: Error in attribute conversion operation, data 0, v4563?]; remaining name ''???at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3332)???at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3205)???at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2996)???at java.naming/com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1504)???at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:277)???at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:192)???at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:181)???at java.naming/javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:167)???at com.boomi.connector.LDAP.LDAPConnection.updateObject(LDAPConnection.java:190)???at com.boomi.connector.LDAP.LDAPUpdateOperation.executeUpdate(LDAPUpdateOperation.java:227)???at com.boomi.connector.util.BaseUpdateOperation.execute(BaseUpdateOperation.java:30)???at com.boomi.connector.generic.GenericConnectorAction.invoke(GenericConnectorAction.java:189)???at com.boomi.connector.generic.GenericConnectorAction.invoke(GenericConnectorAction.java:172)???at com.boomi.connector.base.BaseConnectorAction.invokeBase(BaseConnectorAction.java:368)???at com.boomi.connector.base.BaseConnectorAction.invokeWithReadStore(BaseConnectorAction.java:304)???at com.boomi.connector.base.BaseConnectorAction.invoke(BaseConnectorAction.java:276)???at jdk.internal.reflect.GeneratedMethodAccessor29.invoke(Unknown Source)???

我用谷歌搜索了这个错误的意思:

Indicates that the LDAP server cannot process the request because of server-defined restrictions. This error is returned for the following reasons: 
1. The add entry request violates the server's structure rules
2. The modify attribute request specifies attributes that users cannot modify -> I just want to change phone number.
3. Password restrictions prevent the action
4. Connection restrictions prevent the action. -> I think I can create user, so the connection is fine!

如果 LDAP 错误代码 53 意味着我需要使用“SSL”执行所有操作,为什么我可以创建用户?我该如何解决这个问题?

4

1 回答 1

0

用户实际上可能没有被正确配置。也许它已经创建了,但是由于密码无效,该帐户未启用。运行 LDAP 客户端并尝试使用您提供的凭据以新用户身份登录。它有效吗?

两个建议:

  1. 如果您要创建用户/设置密码,或者基本上是 AD LDAP 中的任何内容,请使用 LDAPS。这些天没有理由不这样做,而且微软正在从非 Windows 客户端弃用普通 LDAP,所以您不妨现在就这样做。您只需要安装/信任签发 DC 的 LDAPS 证书的任何 CA 证书链(根证书和中间证书)。您不需要安装任何客户端 LDAP 证书。

  2. 检查目标域的密码策略,确保您尝试设置的密码在复杂性、长度等方面满足要求。

于 2021-07-21T08:56:27.197 回答