I am trying to fetch LDAP User internal attributes, but couldn't find how to fetch them
DirContext ctx = this.getDirContext();
List<Employee> list = new ArrayList<Employee>();
NamingEnumeration<SearchResult> results = null;
try {
SearchControls controls = new SearchControls();
controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
results = ctx.search("", "(objectclass=person)", controls);
while (results.hasMore()) {
SearchResult searchResult = results.next();
Attributes attributes = searchResult.getAttributes();
String fullName = this.getValue(attributes.get("cn"));
//so on...
}
// so on
from LDAP, I want to fetch each employee/person internal attributes too.
By Default, it's not returning the internal attributes [ex: createTimestamp]
You won't get any operational attributes unless you ask for them. At present you aren't asking for any attributes, which is equivalent to constructing the SearchControls, or calling SearchControls.setReturningAttributes(String[]) afterwards, using the argument new String[]{"*"}:this gives you all the non-operational attributes.
To get the operational attributes as well, use the argument new String[]{"*","+"}.
Related
I am trying to retrieve information from an active directory. It is working so far except I am not able to retrieve extended properties.
LDAP search filter:
String searchFilter = "(&(objectClass=user)(employeeId=*))";
String searchBase = "dc=DOM,dc=TLD";
String returnedAtts[]={"userPrincipalName"};
searchCtls.setReturningAttributes(returnedAtts);
NamingEnumeration<SearchResult> answer = ldapContext.search(searchBase, searchFilter, searchCtls);
while (answer.hasMoreElements())
{
SearchResult sr = (SearchResult)answer.next();
Attributes attrs = sr.getAttributes();
System.out.println(attrs.get("userPrincipalName"));
System.out.println(attrs.get("employeeId"));
}
Unfortunately I can retrieve only the default properties. How can I retrieve the extended properties?
Is there anything wrong with the code or did I forget something? Are the extended properties depending on user permissions?
finally i solved it by adding the property names to the returning attributes:
String returnedAtts[]={"userPrincipalName","department","employeeID","mail"};
searchCtls.setReturningAttributes(returnedAtts);
Hi I am a developer but new to ldap programming. I was able to our Ldap server by providing the DN=ou=app1,ou=development,ou=Group and set my search level to subtree_scope and was able to get to on level down which put me at DN=cn=admin,DN=ou=app1,ou=development,ou=Group. By expanding this DN i see Member(4),OU(1), cn(1),and Objectclasses: top and groupOfNames. I am trying to access the 4 users with uid=user entries. I got the below message when i tried to access uid:
UID... class javax.naming.directory.SearchResult
null
Found cn=Admin:
Attributes are.. No attributes
The following is the snippet of my code. I can provide more if needed
controls.setReturningAttributes("uid");
String filter="(objectClass=groupOfNames)";
NamingEnumeration objs = ctx.search("",filter, controls);
while (objs.hasMoreElements())
{
SearchResult match = (SearchResult)objs.nextElement();
System.out.println(" UID...\t"+ match.getClass());
System.out.println(match.getClassName());
System.out.println("Found "+match.getName()+":");
System.out.println("Attributes are..\t"+match.getAttributes());
Attributes attrs = match.getAttributes();
NamingEnumeration e = attrs.getAll();
while (e.hasMoreElements())
{
Attribute attr = (Attribute) e.nextElement();
System.out.println("Attribute and its class..\t"+attr.getClass());
}
System.out.println("---------------------------------------");
}
}
The SearchControls define the attributes to be returned by the search. You must have set its 'returningAttributes' property to 'new String[0]'. Leave it at null to get all attributes, or specify the ones you want.
if you could please explain to me one piece of the following code that I don't quite understand I would be grateful:
What does (&(cn=*)({0}={1})) mean in the filter field?
I know that cn means search for the cn attribute and then ADD the result to ({0}={1}).
What is the meaning of ({0}={1})?
Here's the code:
try {
// Create initial context
ctx = new InitialDirContext(env);
Attributes matchAttrs = new BasicAttributes(true);
matchAttrs.put(new BasicAttribute(ldap_id_field, netid));
String attlist[] = {ldap_email_field, ldap_givenname_field,
ldap_surname_field, ldap_phone_field};
// look up attributes
try {
SearchControls ctls = new SearchControls();
ctls.setReturningAttributes(attlist);
NamingEnumeration answer =
ctx.search(ldap_search_context, "(&(cn=*)({0}={1}))", new Object[] {ldap_id_field,netid},ctls);
}
...
It looks wrong to me. All that filter does is find entries which have any CN and which match an attribute name/value pair specified as arguments to the search, in ldap_id_field and netid respectively. There is no 'adding' going on: the & means that both filter-expressions must match.
I'm using Spring LDAP 1.3.0 library to access an internal LDAP server, with Java, but I'm having troubles to do one thing: how can I get an internal attribute of any structure of LDAP? For example, how can I get the memberOf attribute of an user?
I ever searched a lot but don't find anything about that using Spring LDAP.
Any ideas will be very welcome. Thanks.
As you said in comment UserAttributeMapper is your friend !
If the user has more than one 'memberof' :
static List<List<String>> getPersonGroupsByAccountName(String accountName){
EqualsFilter filter = new EqualsFilter("sAMAccountName", accountName);
return ldap.search(DistinguishedName.EMPTY_PATH,filter.encode(),new AttributesMapper(){
public Object mapFromAttributes(
javax.naming.directory.Attributes attrs)
throws javax.naming.NamingException {
List<String> memberof = new ArrayList();
for (Enumeration vals = attrs.get("memberOf").getAll(); vals.hasMoreElements();) {
memberof.add((String)vals.nextElement());
}
return memberof;
}
});
I'm sure there is a better way to do this but it works.
I use this to get fields like "createTimestamp" or "pwdChangedTime",
and UserContextMapper you can reference resources: http://docs.spring.io/spring-ldap/docs/1.3.x-SNAPSHOT/reference/htmlsingle/
ldapTemplate.lookup(dn, new String[] {"*", "+"}, new UserContextMapper());
It also works with odmManager. Something like
DistinguishedName dn = new DistinguishedName("The path your are searching in");
SearchControls searchControls = new SearchControls();
searchControls.setReturningObjFlag(true);
searchControls.setReturningAttributes("your attributes, as an array of strings");
return odmManager.findAll(User.class, dn, searchControls);
I use this to get fields like "createTimestamp" ....
I have created an Active Directory client using JNDI, that has the ability to query for attributes, as well as modify existing ones. I have the need to modify the "msExchHideFromAddressLists" to set it equal to false, but I get a null pointer exception when trying to query for it. Any insight? Thanks
String filter = "(&(objectCategory=user) (sAMAccountName=" + sAMAccountName + "))";
results = ctx.search(ou, filter, controls);
while(results.hasMore()) {
SearchResult searchResult = (SearchResult) results.next();
Attributes attributes = searchResult.getAttributes();
Attribute attr = attributes.get("msExchHideFromAddressLists");
String output = (String) attr.get();
}
I found out what the issue was. Apparently, the "msExchHideFromAddressLists" attribute is not valued by default, so a query on it was returning a nullPointerException. To modify this attribute, simply set the value to "TRUE" or "FALSE".
ModificationItem[] mods = new ModificationItem[1];
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("msExchHideFromAddressLists", "TRUE"));