Hello,

I am trying to use the AD driver to unlock Intruder Lockout on the AD
account when performing a password change in Identity. Essentially I am
just clearing the lockoutTime attribute in the code. I am getting the
following error:

Status: Error
Message: <ldap-err ldap-rc="53"
ldap-rc-name="LDAP_UNWILLING_TO_PERFORM">
<client-err ldap-rc="53"
ldap-rc-name="LDAP_UNWILLING_TO_PERFORM">Unwilling To
Perform</client-err>
<server-err>00002077: SvcErr: DSID-0319039A, problem 5003
(WILL_NOT_PERFORM), data 0
</server-err>
<server-err-ex win32-rc="8311"/>
</ldap-err>


I can perform a similar action on the Novell eDirectory with no issues.
My AD admin verified that the driver account should have rights to
perform an account unlock. Do I need to write a different code in the
driver for AD?


--
kimlamon
------------------------------------------------------------------------
kimlamon's Profile: http://forums.novell.com/member.php?userid=66875
View this thread: http://forums.novell.com/showthread.php?t=422637