I am having a crazy Problem when updating the password of an AD user via PHP ldap API.
This is the function (part of a class) I use for updating the pw:
function updatePassword($newPassword){ // works only with LDAPS (LDAP WITH SSL/TLS ENCRYPTION)
$newPassword = """. $newPassword. """;
$newPassw = "";
$len = strlen($newPassword);
for($i = 0; $i < $len; $i++){
$newPassw .= "{$newPassword{$i}}00";
}
$newPassword = $newPassw;
//$newPassword = mb_convert_encoding($newPassword, "UTF-16LE");
$newEntry = array("unicodePwd" => $newPassword);
$dn = $this->getUserInformation()["distinguishedname"];
if(ldap_mod_replace($this->connection, $dn, $newEntry)){
return true;
}
return ldap_error($this->connection);
}
After a user updates his password, the new one is working, but for quite some time, the old password is still working too. So the user is able to login to our web application and also into windows with his new password, as well as his old password...
Does someone has an idea or knows what the problem could be?
(Some Background Information:
- AD DC Server: Windows Server 2019 / Windows Server 2016
- Webserver: Debian 9 with Apache 2 (2.25)
- PHP Version 7.4
)
question from:
https://stackoverflow.com/questions/66046270/crazy-ldap-ad-password-update-problem-php 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
