这段代码适用于Windows 2012 R2 AD:
首先安装最新的ldap3软件包:sudo pip install ldap
#!/usr/bin/pythonimport ldap3SERVER='127.0.0.1'baseDN="DC=domain,DC=com"USER="user_domain_login_name@domain.com"CURREENTPWD="current_password"NEWPWD="new_password"SEARCHFILTER='(&(userPrincipalName='+USER+')(objectClass=person))'USER_DN=""USER_CN=""ldap_server = ldap3.Server(SERVER, get_info=ldap3.ALL)conn = ldap3.Connection(ldap_server, USER, CURREENTPWD, auto_bind=True)conn.start_tls()#print connconn.search(search_base = baseDN, search_filter = SEARCHFILTER, search_scope = ldap3.SUBTREE, attributes = ['cn', 'givenName', 'userPrincipalName'], paged_size = 5)for entry in conn.response: if entry.get("dn") and entry.get("attributes"): if entry.get("attributes").get("userPrincipalName"): if entry.get("attributes").get("userPrincipalName") == USER: USER_DN=entry.get("dn") USER_CN=entry.get("attributes").get("cn")print "Found user:", USER_CNprint USER_DNprint ldap3.extend.microsoft.modifyPassword.ad_modify_password(conn, USER_DN, NEWPWD, CURREENTPWD, controls=None)
