This adds a module, auxiliary/admin/ldap/change_password, for changing/resetting AD passwords over the LDAP protocol.
Actions:
CHANGE: Changing an existing (known password).
RESET: Forcing a password reset by having privileges over the target account.
Works on both standard 389 and SSL-encrypted on 636 (since we use GSS-API encryption)
Verification
Do the test cases below with:
NTLM auth
Existing LDAP session (mostly meaningful for the Reset behaviour, but technically you can run Change from an existing session, as long as you know and set the password)
This adds a module,
auxiliary/admin/ldap/change_password, for changing/resetting AD passwords over the LDAP protocol.Actions:
CHANGE: Changing an existing (known password).RESET: Forcing a password reset by having privileges over the target account.Works on both standard 389 and SSL-encrypted on 636 (since we use GSS-API encryption)
Verification
Do the test cases below with:
Main use cases: