Menu
I'm trying to modify 'cn' attribute of a user in Active Directory domain but it fails. Also I can't add add this attribute during the user creation process. It shows this error:
{'result': 67, 'description': 'notAllowedOnRDN', 'dn': '', 'message':
'000020B1: UpdErr: DSID-030F1087, problem 6004 (CANT_ON_RDN), data 0\n\x00',
'referrals': None, 'type': 'modifyResponse'}
My code:
def ad_connect():
server = Server(ADSERVER, use_ssl=True, port=636, get_info=ALL)
conn = Connection(server, SU_LOGIN, SU_PASS, auto_bind=True,
check_names=True)
return conn
connect = ad_connect()
...
user_dn = "CN=full.name,OU=Users,DC=test,DC=com"
cn = {'cn': (MODIFY_REPLACE, 'Full Name')} # it must be "Full Name" instead of "full.name"
connect.modify(user_dn, changes=cn)
...
connect.unbind()
Is there any way to perform this modification? There are no issues with creating the user without this attribute, by the way.
757
asked Oct 20 '25 15:10
I've figured out! There is a 'modify_dn' option in ldap3 module.
connect.modify_dn(user_dn, NEW_DN)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With