franc-pentest / ldeep

In-depth ldap enumeration utility
MIT License

Impossible to modify user password whereas `ForceChangedPassword` is present #51

Open n3rada opened 2 months ago

n3rada commented 2 months ago

I'm experiencing an issue with the ldeep tool when attempting to change user passwords, which works flawlessly with bloodyAD. Below are the details of the commands used and the error encountered.

```
ldeep ldap -d "dev.com" -s ldap://172.16.172.52 -u "adminweb" -p "aaaadvdfdgdfh" modify_password 'nina' 's3curepassw0rd!'
```

It failed:

```
[!] Unable to change nina's password, check privileges or try with ldaps://
```

Whereas with bloodyAD it is totally fine:

```
bloodyAD --host "172.16.172.52" -d "dev.com" -u "adminweb" -p "aaaadvdfdgdfh"  set password 'nina' 's3curepassw0rd!'
```

Considering the success of the password change using bloodyAD, perhaps ldeep could benefit from integrating a similar method for password modifications. The relevant method in bloodyAD can be found here.

BastienFaure commented 1 month ago

@n3rada did you try with LDAPS as suggested? Most tools will attempt a first connection through LDAPS and thus succeed. But you used an LDAP connection and I would not be surprised if the server requires password changes to be performed over a secured channel.

Maybe we could default to LDAPS (which we don't at this time) but here you specifically requested LDAP.

n3rada commented 1 month ago

I tried LDAPS and it didn't work either. Have you checked the mentioned code block of bloodyAD that works?

BastienFaure commented 1 month ago

I could but what I would be missing is the configuration of the Active Directory you were working against. I'd like to implement a change but I need to test it against something.

n3rada commented 1 month ago

Unfortunately, I didn't control this Active Directory domain. It was a challenge. 🥲

The only thing I know for sure is that it worked with bloodyAD. To test, you can try to set the ForceChangePassword right on a user (ExtendedRight on User-Force-Change-Password object type).
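
The secured-channel requirement raised in the thread and the reset that ForceChangePassword permits, written out as an added example (not ldeep or bloodyAD code, and not a diagnosis of this issue). Function names are hypothetical; the behaviour encoded is Active Directory's documented handling of the `unicodePwd` attribute.

```python
# Added illustration; all names are hypothetical, not ldeep or bloodyAD code.
from urllib.parse import urlparse

MODIFY_ADD, MODIFY_DELETE, MODIFY_REPLACE = "add", "delete", "replace"


def encode_unicode_pwd(password: str) -> bytes:
    """AD expects the value wrapped in double quotes and UTF-16LE encoded."""
    return f'"{password}"'.encode("utf-16-le")


def channel_is_protected(server_url: str, start_tls: bool = False,
                         sasl_sealed: bool = False) -> bool:
    """unicodePwd writes are only accepted on an encrypted connection:
    LDAPS, StartTLS, or a SASL bind that negotiated sealing."""
    scheme = urlparse(server_url).scheme.lower()
    return scheme == "ldaps" or start_tls or sasl_sealed


def build_password_modify(new_password, old_password=None):
    """Return the modify operations for a reset or a change.

    Reset (old password unknown): a single replace, authorised by the
    User-Force-Change-Password extended right on the target user.
    Change (old password known): delete old value + add new value.
    """
    new_value = encode_unicode_pwd(new_password)
    if old_password is None:
        return [(MODIFY_REPLACE, "unicodePwd", [new_value])]
    return [
        (MODIFY_DELETE, "unicodePwd", [encode_unicode_pwd(old_password)]),
        (MODIFY_ADD, "unicodePwd", [new_value]),
    ]


def plan_reset(server_url, new_password, **channel):
    """Refuse to plan the write when the DC would reject the channel."""
    if not channel_is_protected(server_url, **channel):
        raise ValueError("unicodePwd write needs LDAPS, StartTLS or SASL sealing")
    return build_password_modify(new_password)
```

A plain `ldap://` URL is only acceptable here when the bind itself negotiated encryption, which is why the same credentials can behave differently between clients.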