Description
Hello, I don't know if it's a bug in 2.3.5. At first I only needed authentication and to fetch all users; it's easy to handle that with spring-ldap.
Then I wanted to create an LDAP account (with password) or change account passwords with spring-ldap, so I followed some instructions to export a certificate from AD and import it into the JDK. After that I only changed the protocol and port of the URL to ldaps://AD-SERVER-TEST.test.com:636; nothing else changed. I think it's all I have to do. But I got a javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 00002077: SvcErr: DSID-031908B4, problem 5003 (WILL_NOT_PERFORM), data 0 error. It means spring-ldap doesn't connect to AD through a secure connection.
I searched the web, but nothing helped. But I succeeded in changing the password with native LDAP support, for example javax.naming.ldap.InitialLdapContext.createSubcontext() to create a new account; all the LDAP config is the same as with spring-ldap. So do I need to make more changes to spring-ldap?
The native LDAP environment config is like this, nothing special:
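import java.util.Hashtable;
import javax.naming.Context;

// adminName and adminPassword are defined elsewhere (bind principal and its password)
Hashtable<String, Object> env = new Hashtable<>();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, adminName);
env.put(Context.SECURITY_CREDENTIALS, adminPassword);
// Request SSL/TLS for the connection, matching the ldaps:// URL below
env.put(Context.SECURITY_PROTOCOL, "ssl");
String ldapURL = "ldaps://AD-SERVER-TEST.test.com:636";
env.put(Context.PROVIDER_URL, ldapURL);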