I am trying to retrieve information from an active directory. It is working so far except I am not able to retrieve extended properties.
LDAP search filter:
String searchFilter = "(&(objectClass=user)(employeeId=*))";
String searchBase = "dc=DOM,dc=TLD";
String returnedAtts[]={"userPrincipalName"};
searchCtls.setReturningAttributes(returnedAtts);
NamingEnumeration<SearchResult> answer = ldapContext.search(searchBase, searchFilter, searchCtls);
while (answer.hasMoreElements())
{
    SearchResult sr = (SearchResult)answer.next();
    Attributes attrs = sr.getAttributes();
    System.out.println(attrs.get("userPrincipalName"));
    System.out.println(attrs.get("employeeId"));
}
Unfortunately I can retrieve only the default properties. How can I retrieve the extended properties?
Is there anything wrong with the code or did I forget something? Are the extended properties depending on user permissions?
Finally I solved it by adding the property names to the returning attributes:
String returnedAtts[]={"userPrincipalName","department","employeeID","mail"};
searchCtls.setReturningAttributes(returnedAtts);
I am using LDAP authentication and need help.
Suppose I have a user (user1@zzservers.ad), where zzservers.ad is a UPN alias of the demo.com domain. I already know of a way to search for a user in Active Directory by domain.
But does anyone know how to search for a user in Active Directory by UPN alias?
Actually, when user user1@zzservers.ad logs into the application, I want to know if the user is present in AD, so as to proceed with authentication further.
Any help would be hugely appreciated.
Thanks
This is more an ordinary user search:
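// Needs javax.naming.*, javax.naming.directory.* and javax.naming.ldap.LdapContext
public String findUserByUPN( LdapContext ctx, String username ) throws NamingException
{
    // Domain name should be in DC=your,DC=domain,DC=com format
    String domain = "DC=demo,DC=com";
    // Pass the user-supplied name as a filter argument so that JNDI escapes
    // filter metacharacters such as * ( ) \ instead of concatenating it into the filter
    String filter = "(userPrincipalName={0})";
    // Search the whole subtree; the default controls only cover one level below the base
    SearchControls controls = new SearchControls();
    controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
    NamingEnumeration<SearchResult> results = ctx.search( domain, filter, new Object[] { username }, controls );
    while ( results.hasMore() )
    {
        SearchResult result = results.next();
        // If you get a result here, the user was found
        return result.getNameInNamespace();
    }
    return null;
}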
Not sure what you are trying to accomplish but a filter like:
(userPrincipalName=jim@YOURDOMAIN.NET)
will locate a user from the value of the userPrincipalName attribute.
-jim
Hi, I am a developer but new to LDAP programming. I was able to connect to our LDAP server by providing the DN=ou=app1,ou=development,ou=Group and set my search level to subtree_scope and was able to get one level down, which put me at DN=cn=admin,DN=ou=app1,ou=development,ou=Group. By expanding this DN I see Member(4), OU(1), cn(1), and Objectclasses: top and groupOfNames. I am trying to access the 4 users with uid=user entries. I got the below message when I tried to access uid:
UID... class javax.naming.directory.SearchResult
null
Found cn=Admin:
Attributes are.. No attributes
The following is the snippet of my code. I can provide more if needed.
// setReturningAttributes takes a String[], not a single String
controls.setReturningAttributes(new String[] {"uid"});
String filter="(objectClass=groupOfNames)";
NamingEnumeration objs = ctx.search("",filter, controls);
while (objs.hasMoreElements())
{
    SearchResult match = (SearchResult)objs.nextElement();
    System.out.println(" UID...\t"+ match.getClass());
    System.out.println(match.getClassName());
    System.out.println("Found "+match.getName()+":");
    System.out.println("Attributes are..\t"+match.getAttributes());
    Attributes attrs = match.getAttributes();
    NamingEnumeration e = attrs.getAll();
    while (e.hasMoreElements())
    {
        Attribute attr = (Attribute) e.nextElement();
        System.out.println("Attribute and its class..\t"+attr.getClass());
    }
    System.out.println("---------------------------------------");
}
}
The SearchControls define the attributes to be returned by the search. You must have set its 'returningAttributes' property to 'new String[0]'. Leave it at null to get all attributes, or specify the ones you want.
I am trying to fetch LDAP User internal attributes, but couldn't find how to fetch them
DirContext ctx = this.getDirContext();
List<Employee> list = new ArrayList<Employee>();
NamingEnumeration<SearchResult> results = null;
try {
SearchControls controls = new SearchControls();
controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
results = ctx.search("", "(objectclass=person)", controls);
while (results.hasMore()) {
SearchResult searchResult = results.next();
Attributes attributes = searchResult.getAttributes();
String fullName = this.getValue(attributes.get("cn"));
//so on...
}
// so on
From LDAP, I want to fetch each employee/person's internal attributes too.
By default, it's not returning the internal attributes [ex: createTimestamp].
You won't get any operational attributes unless you ask for them. At present you aren't asking for any attributes, which is equivalent to constructing the SearchControls, or calling SearchControls.setReturningAttributes(String[]) afterwards, using the argument new String[]{"*"}: this gives you all the non-operational attributes.
To get the operational attributes as well, use the argument new String[]{"*","+"}.
If you could please explain to me one piece of the following code that I don't quite understand I would be grateful:
What does (&(cn=*)({0}={1})) mean in the filter field?
I know that cn means search for the cn attribute and then ADD the result to ({0}={1}).
What is the meaning of ({0}={1})?
Here's the code:
try {
// Create initial context
ctx = new InitialDirContext(env);
Attributes matchAttrs = new BasicAttributes(true);
matchAttrs.put(new BasicAttribute(ldap_id_field, netid));
String attlist[] = {ldap_email_field, ldap_givenname_field,
ldap_surname_field, ldap_phone_field};
// look up attributes
try {
SearchControls ctls = new SearchControls();
ctls.setReturningAttributes(attlist);
NamingEnumeration answer =
ctx.search(ldap_search_context, "(&(cn=*)({0}={1}))", new Object[] {ldap_id_field,netid},ctls);
}
...
It looks wrong to me. All that filter does is find entries which have any CN and which match an attribute name/value pair specified as arguments to the search, in ldap_id_field and netid respectively. There is no 'adding' going on: the & means that both filter-expressions must match.
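The placeholder behaviour discussed above, as an added example that is not part of the original question or answer: the JNDI documentation for search(name, filterExpr, filterArgs, cons) states that a string argument substituted for {i} has its filter metacharacters escaped, and this small model shows the resulting filter next to one built by string concatenation. FilterDemo, escapeValue and expand are hypothetical names, and the netid value is constructed.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Added illustration: models how {i} placeholders in a JNDI filter are filled in.
// This is not JNDI's own code; all names and values here are made up for the demo.
public class FilterDemo {

    // Escape the characters that are special inside an LDAP filter value (RFC 4515 / RFC 2254).
    static String escapeValue(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': sb.append("\\5c"); break;
                case '*':  sb.append("\\2a"); break;
                case '(':  sb.append("\\28"); break;
                case ')':  sb.append("\\29"); break;
                case '\0': sb.append("\\00"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    // Replace each {i} in the template with the escaped string form of args[i].
    static String expand(String template, Object... args) {
        Matcher m = Pattern.compile("\\{(\\d+)\\}").matcher(template);
        StringBuffer out = new StringBuffer();
        while (m.find()) {
            String arg = String.valueOf(args[Integer.parseInt(m.group(1))]);
            // quoteReplacement keeps the backslashes produced by escapeValue literal
            m.appendReplacement(out, Matcher.quoteReplacement(escapeValue(arg)));
        }
        m.appendTail(out);
        return out.toString();
    }

    public static void main(String[] args) {
        String idField = "uid";          // stands in for ldap_id_field
        String netid = "j.doe (ext)*";   // constructed value containing filter metacharacters

        // Concatenation: the value's own ( ) * are parsed as filter syntax.
        System.out.println("(&(cn=*)(" + idField + "=" + netid + "))");
        // Placeholder expansion: the value stays a literal to be matched.
        System.out.println(expand("(&(cn=*)({0}={1}))", idField, netid));
    }
}
```

With the placeholder form the directory server compares the attribute against the literal text of netid, which is why filter arguments are the safer way to put user-supplied values into a search.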
I have created an Active Directory client using JNDI, that has the ability to query for attributes, as well as modify existing ones. I have the need to modify the "msExchHideFromAddressLists" to set it equal to false, but I get a null pointer exception when trying to query for it. Any insight? Thanks
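// Pass sAMAccountName as a filter argument so JNDI escapes any filter metacharacters in it
String filter = "(&(objectCategory=user)(sAMAccountName={0}))";
results = ctx.search(ou, filter, new Object[] { sAMAccountName }, controls);
while(results.hasMore()) {
    SearchResult searchResult = (SearchResult) results.next();
    Attributes attributes = searchResult.getAttributes();
    // attributes.get() returns null when the entry has no value for the attribute,
    // so the attr.get() call below throws the NullPointerException
    Attribute attr = attributes.get("msExchHideFromAddressLists");
    String output = (String) attr.get();
}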
I found out what the issue was. Apparently, the "msExchHideFromAddressLists" attribute is not valued by default, so a query on it was returning a nullPointerException. To modify this attribute, simply set the value to "TRUE" or "FALSE".
ModificationItem[] mods = new ModificationItem[1];
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("msExchHideFromAddressLists", "TRUE"));