Eu quero mudar o userAccountControl e senha do usuário do AD. O usuário já está criado no AD. O usuário é criado com o módulo python-ldap no AD e está no estado 'Desabilitado' e sem senha.

AD está hospedado no win2k8R2.

Quando eu mudo o uac e senha com o script pythion-ldap, ele gera um erro abaixo:

ldap://192.168.254.1:389
(97, [])
Traceback (most recent call last):
  File "C:\workspace\utils\src\u.py", line 16, in <module>
    l.modify_s(dn, mod_attrs)
  File "C:\Python26\lib\site-packages\ldap\ldapobject.py", line 336, in modify_s
    return self.result(msgid,all=1,timeout=self.timeout)
  File "C:\Python26\lib\site-packages\ldap\ldapobject.py", line 436, in result
    res_type,res_data,res_msgid = self.result2(msgid,all,timeout)
  File "C:\Python26\lib\site-packages\ldap\ldapobject.py", line 440, in result2
    res_type, res_data, res_msgid, srv_ctrls = self.result3(msgid,all,timeout)
  File "C:\Python26\lib\site-packages\ldap\ldapobject.py", line 446, in result3
    ldap_result = self._ldap_call(self._l.result3,msgid,all,timeout)
  File "C:\Python26\lib\site-packages\ldap\ldapobject.py", line 96, in _ldap_call
    result = func(*args,**kwargs)
ldap.UNWILLING_TO_PERFORM: {'info': '00002077: SvcErr: DSID-031903A4, problem 5003 (WILL_NOT_PERFORM), data 0\n', 'desc': 'Server is unwilling to perform'}


import ldap

host = "192.168.254.1"
ip = "ldap://%s:%d"%(host, 389)
l = ldap.initialize(ip)
newUser = "vishalworld"
dn = "cn=%s,%s"%(newUser, "cn=Users,DC=example,DC=com")
print l.simple_bind_s("administrator",password)
pwd = '"abcdefgh"'.encode("utf-16-le")
mod_attrs = [
                (ldap.MOD_REPLACE, "lockoutTime", 0),
                (ldap.MOD_REPLACE, "unicodePwd", pwd),
            ]
l.modify_s(dn, mod_attrs)