cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

Active Directory- Create User Password

bcastro
Deputy Chef I
Deputy Chef I

Hello automation Pros!

I am working on a recipe that creates users in Active Directory using Windows Server.

I am trying to map Password but I can't find the field to map it.

According to AD Docs the field should be: userPassword

Searching by Passw... in the list of fields to map I found the ones in the image attached.


Anyone one that can help?

1 ACCEPTED SOLUTION

ndy
Deputy Chef III
Deputy Chef III

Dear, @bcastro .

The error message you're encountering (LDAP: error code 53 - 0000001F: SvcErr: DSID-031A125F, problem 5003 (WILL_NOT_PERFORM)) typically occurs when Active Directory refuses to perform a password change operation. This is often due to how the password is being passed or because of a policy constraint in LDAP/Active Directory.
Common Causes:

  • Password Encoding: Active Directory (AD) requires the password to be in a specific format (UTF-16LE encoding) and enclosed in double quotes. This is a common reason for failure if you are passing a simple string.
  • LDAP Policies: Your Active Directory might have password policies in place (like password complexity, expiration, or length) that could be causing the issue.
  • Permissions: The account you're using to perform the operation might not have the necessary permissions to change or set passwords.
  • Secure LDAP (LDAPS): Password operations in AD typically require a secure LDAP connection (LDAPS). If LDAPS is not being used, AD may refuse the operation with the WILL_NOT_PERFORM error.
Nguyen Duc Y

View solution in original post

8 REPLIES 8

chijie
Workato employee
Workato employee
Hi Berenice,

Setting a user's password is actually a separate action..so you can have an action to create the user first, then a subsequent one to set the password.



Hope this helps!

--

jeremyo
Deputy Chef I
Deputy Chef I

Just extending CJ's answer...


I think you also need to connect to AD using LDAPS (port 636).

bcastro
Deputy Chef I
Deputy Chef I

I was able to find Operation Set User Password in Active Directory. Thanks.

bcastro
Deputy Chef I
Deputy Chef I

Hello Again automation Pros! Continuing with this thread. While using Set Password to User operation I am getting error:


[LDAP: error code 53 - 0000001F: SvcErr: DSID-031A125F, problem 5003 (WILL_NOT_PERFORM), data 0

]; nested exception is javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A125F, problem 5003 (WILL_NOT_PERFORM), data 0


I am passing the password as a siple string without encoding it.

Anyone has experienced the same issue? Is it related to the Password Policy set in LDAP? Thanks