ldap_modify_batch(): Batch Modify: Server is unwilling to perform

[rnrstar]

• Laravel Version: 5.5.28
• Adldap2-Laravel Version: 8.0
• PHP Version: 7.0.33
• LDAP Type: ActiveDirectory

Description:

After creating a user I'm trying to enable the account and I'm getting the above error message. The user that is used to connect to LDAP has belongs to domain admins.

<!-- Steps to Reproduce is optional. -->
// Save the user to AD.
        if($user->save())
        {
            if($suser = Adldap::search()->whereEquals('cn',$nur->first_name . " " . $nur->last_name)->firstOrFail())
            {
                echo "Found the user";
                $suser->setUserAccountControl('512');
            $suser->update();
            }
            else
            {
                die("failed to find user");
            }
        }

[stevebauman]

Hi @rnrstar,

Does the user that you created have a password set? You must set the users password before enabling them, otherwise you will receive this error from ActiveDirectory.

[rnrstar]

When I create the user, I'm also setting the password, see below. I've tried to login using that password and it doesn't appear to work. Is there another way I should be setting the password?

$pw = "NEW.Trainee." . $request->extension_id;
// Now create the user in active directory.
        $user = Adldap::make()->user();
                $user->setPassword($pw);
                // I'm setting other things like cn, etc. I've just omitted them as they don't seem to be the issue and to shorten the code that's pasted here.
$user->save();