Modifying "msExchHideFromAddressLists" Active Directory Attribute Using JNDI - java

I have created an Active Directory client using JNDI, that has the ability to query for attributes, as well as modify existing ones. I have the need to modify the "msExchHideFromAddressLists" to set it equal to false, but I get a null pointer exception when trying to query for it. Any insight? Thanks
    String filter = "(&(objectCategory=user) (sAMAccountName=" + sAMAccountName + "))";
    results = ctx.search(ou, filter, controls);
    while (results.hasMore()) {
        SearchResult searchResult = (SearchResult) results.next();
        Attributes attributes = searchResult.getAttributes();
        Attribute attr = attributes.get("msExchHideFromAddressLists");
        String output = (String) attr.get();
    }

I found out what the issue was. Apparently, the "msExchHideFromAddressLists" attribute is not valued by default, so a query on it was returning a nullPointerException. To modify this attribute, simply set the value to "TRUE" or "FALSE".
    ModificationItem[] mods = new ModificationItem[1];
    mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("msExchHideFromAddressLists", "TRUE"));
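A null-safe version of the read and the write described above, as an added example that is not code from the original post. The class and method names are hypothetical, and the sample entries are built in memory so it runs without a directory.

```java
import java.util.Optional;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;

public class HideFromAddressLists {
    static final String ATTR = "msExchHideFromAddressLists";

    // Empty when the attribute is not set on the entry: Attributes.get() returns
    // null in that case, which is what made attr.get() throw in the question.
    static Optional<Boolean> read(Attributes attributes) throws NamingException {
        Attribute attr = attributes.get(ATTR);
        if (attr == null || attr.size() == 0) {
            return Optional.empty();
        }
        return Optional.of("TRUE".equalsIgnoreCase(String.valueOf(attr.get())));
    }

    // REPLACE_ATTRIBUTE creates the attribute when it is absent, so the same
    // modification works for entries that never had a value.
    static ModificationItem[] write(boolean hidden) {
        return new ModificationItem[] {
            new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute(ATTR, hidden ? "TRUE" : "FALSE"))
        };
    }

    public static void main(String[] args) throws NamingException {
        Attributes unset = new BasicAttributes(true);             // constructed: no value set
        Attributes set = new BasicAttributes(ATTR, "TRUE", true); // constructed: value set
        System.out.println(read(unset));
        System.out.println(read(set));
        System.out.println(write(false)[0].getAttribute());
        // Against a live directory: ctx.modifyAttributes(entryDn, write(false));
    }
}
```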

Related

JNDI InvalidSearchFilterException - How can I search LDAP for canonical name?

I'm trying to retrieve the email address set in Active Directory to a specified canonical name via JNDI. I tried the same process with other parameters (e.g. sAMAccountName, principal name or mail) before, but this time, it doesn't work.
    initializeLDAP();
    String searchFilter = "(&(objectClass=user)(canonicalName=" + name + "))";
    SearchControls searchControls = new SearchControls();
    searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
    String returnedAttributes[] = { "mail" };
    searchControls.setReturningAttributes(returnedAttributes);
    NamingEnumeration<SearchResult> results = ctx.search(ldapSearchBase, searchFilter, searchControls);
    SearchResult searchResult = null;
    searchResult = results.nextElement();
    if (searchResult.getAttributes().get("mail") != null
            && searchResult.getAttributes().get("mail").get() != null) {
        logger.info("mail to canonical name {} is {}", name,
                searchResult.getAttributes().get("mail").get());
        mail = (String) searchResult.getAttributes().get("mail").get();
    ...}
I get the following exception on this line: NamingEnumeration<SearchResult> results = ctx.search(ldapSearchBase, searchFilter, searchControls);
javax.naming.directory.InvalidSearchFilterException: [LDAP: error code 18 - 0000216B: AtrErr: DSID-031404E3, #1:
0: 0000216B: DSID-031404E3, problem 1004 (WRONG_MATCH_OPER), data 0, Att 90394 (canonicalName)
I'd rather search for a different parameter but unfortunately the canonical name is all that I've got from a PowerShell script output. So is there another way to search for it?
Never mind.
I read about canonical name being a composed attribute and therefore not searchable.
I cut the canonical name string after the last / and used this to search for cn which works fine.
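The workaround above, as an added example that is not code from the original post: take the last segment of the canonical name, search on cn through a JNDI filter argument, and keep only the entries whose canonicalName matches the input. It assumes that a slash inside a name is backslash-escaped in the canonical name and that the directory returns canonicalName when it is requested explicitly; the class, method and sample names are hypothetical.

```java
import java.util.ArrayList;
import java.util.List;
import javax.naming.*;
import javax.naming.directory.*;

public class CanonicalNameLookup {
    // Last segment of a canonical name; a backslash escapes the next character
    // (assumed rule), so "Jane Doe\/Smith" stays one segment.
    static String leafName(String canonicalName) {
        StringBuilder leaf = new StringBuilder();
        for (int i = 0; i < canonicalName.length(); i++) {
            char c = canonicalName.charAt(i);
            if (c == '\\' && i + 1 < canonicalName.length()) {
                leaf.append(canonicalName.charAt(++i)); // keep the escaped character
            } else if (c == '/') {
                leaf.setLength(0);                      // a new segment starts here
            } else {
                leaf.append(c);
            }
        }
        return leaf.toString();
    }

    // cn is unique only within one container, so request canonicalName back
    // and keep the entries whose full path matches the input.
    static List<String> mailFor(DirContext ctx, String base, String canonicalName)
            throws NamingException {
        SearchControls sc = new SearchControls();
        sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
        sc.setReturningAttributes(new String[] {"mail", "canonicalName"});
        // JNDI substitutes {0} with filter metacharacters escaped
        NamingEnumeration<SearchResult> results = ctx.search(base,
                "(&(objectClass=user)(cn={0}))", new Object[] {leafName(canonicalName)}, sc);
        List<String> mails = new ArrayList<>();
        while (results.hasMore()) {
            Attributes a = results.next().getAttributes();
            Attribute path = a.get("canonicalName"), mail = a.get("mail");
            if (path != null && mail != null && canonicalName.equalsIgnoreCase((String) path.get())) {
                mails.add((String) mail.get());
            }
        }
        return mails;
    }

    public static void main(String[] args) {
        System.out.println(leafName("corp.example.com/Staff/Jane Doe (Contractor)")); // constructed
        System.out.println(leafName("corp.example.com/Staff/Jane Doe\\/Smith"));      // constructed
    }
}
```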

java - query extended properties from active directory

I am trying to retrieve information from an active directory. It is working so far except I am not able to retrieve extended properties.
LDAP search filter:
    String searchFilter = "(&(objectClass=user)(employeeId=*))";
    String searchBase = "dc=DOM,dc=TLD";
    String returnedAtts[]={"userPrincipalName"};
    searchCtls.setReturningAttributes(returnedAtts);
    NamingEnumeration<SearchResult> answer = ldapContext.search(searchBase, searchFilter, searchCtls);
    while (answer.hasMoreElements())
    {
        SearchResult sr = (SearchResult)answer.next();
        Attributes attrs = sr.getAttributes();
        System.out.println(attrs.get("userPrincipalName"));
        System.out.println(attrs.get("employeeId"));
    }
Unfortunately I can retrieve only the default properties. How can I retrieve the extended properties?
Is there anything wrong with the code or did I forget something? Are the extended properties depending on user permissions?
Finally I solved it by adding the property names to the returning attributes:
    String returnedAtts[]={"userPrincipalName","department","employeeID","mail"};
    searchCtls.setReturningAttributes(returnedAtts);

Ldap and attributes(LDAP)

Hi, I am a developer but new to LDAP programming. I was able to our LDAP server by providing the DN=ou=app1,ou=development,ou=Group and set my search level to subtree_scope and was able to get to one level down, which put me at DN=cn=admin,DN=ou=app1,ou=development,ou=Group. By expanding this DN I see Member(4),OU(1), cn(1),and Objectclasses: top and groupOfNames. I am trying to access the 4 users with uid=user entries. I got the below message when I tried to access uid:
UID... class javax.naming.directory.SearchResult
null
Found cn=Admin:
Attributes are.. No attributes
The following is the snippet of my code. I can provide more if needed.
    controls.setReturningAttributes("uid");
    String filter="(objectClass=groupOfNames)";
    NamingEnumeration objs = ctx.search("",filter, controls);
    while (objs.hasMoreElements())
    {
        SearchResult match = (SearchResult)objs.nextElement();
        System.out.println(" UID...\t"+ match.getClass());
        System.out.println(match.getClassName());
        System.out.println("Found "+match.getName()+":");
        System.out.println("Attributes are..\t"+match.getAttributes());
        Attributes attrs = match.getAttributes();
        NamingEnumeration e = attrs.getAll();
        while (e.hasMoreElements())
        {
            Attribute attr = (Attribute) e.nextElement();
            System.out.println("Attribute and its class..\t"+attr.getClass());
        }
        System.out.println("---------------------------------------");
    }
    }
The SearchControls define the attributes to be returned by the search. You must have set its 'returningAttributes' property to 'new String[0]'. Leave it at null to get all attributes, or specify the ones you want.

Getting Internal Attributes of LDAP Object

I am trying to fetch LDAP User internal attributes, but couldn't find how to fetch them.
    DirContext ctx = this.getDirContext();
    List<Employee> list = new ArrayList<Employee>();
    NamingEnumeration<SearchResult> results = null;
    try {
        SearchControls controls = new SearchControls();
        controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        results = ctx.search("", "(objectclass=person)", controls);
        while (results.hasMore()) {
            SearchResult searchResult = results.next();
            Attributes attributes = searchResult.getAttributes();
            String fullName = this.getValue(attributes.get("cn"));
            //so on...
        }
        // so on
From LDAP, I want to fetch each employee/person internal attributes too.
By default, it's not returning the internal attributes [ex: createTimestamp].
You won't get any operational attributes unless you ask for them. At present you aren't asking for any attributes, which is equivalent to constructing the SearchControls, or calling SearchControls.setReturningAttributes(String[]) afterwards, using the argument new String[]{"*"}: this gives you all the non-operational attributes.
To get the operational attributes as well, use the argument new String[]{"*","+"}.

LDAP Authentication with Java, explanation needed

If you could please explain to me one piece of the following code that I don't quite understand I would be grateful:
What does (&(cn=*)({0}={1})) mean in the filter field?
I know that cn means search for the cn attribute and then ADD the result to ({0}={1}).
What is the meaning of ({0}={1})?
Here's the code:
    try {
        // Create initial context
        ctx = new InitialDirContext(env);
        Attributes matchAttrs = new BasicAttributes(true);
        matchAttrs.put(new BasicAttribute(ldap_id_field, netid));
        String attlist[] = {ldap_email_field, ldap_givenname_field,
                ldap_surname_field, ldap_phone_field};
        // look up attributes
        try {
            SearchControls ctls = new SearchControls();
            ctls.setReturningAttributes(attlist);
            NamingEnumeration answer =
                    ctx.search(ldap_search_context, "(&(cn=*)({0}={1}))", new Object[] {ldap_id_field,netid},ctls);
        }
        ...
It looks wrong to me. All that filter does is find entries which have any CN and which match an attribute name/value pair specified as arguments to the search, in ldap_id_field and netid respectively. There is no 'adding' going on: the & means that both filter-expressions must match.
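What the substitution of {1} amounts to, written out by hand as an added example that is not code from the original posts: the value is escaped per RFC 4515 before it enters the filter, which the string-concatenated filters in the earlier questions on this page do not do. The attribute name in {0} cannot be made safe by escaping, so this sketch checks it against an allow-list; the class name, the allow-list contents and the sample identifiers are assumptions.

```java
import java.util.Set;

public class LdapFilterEscape {
    // Attribute names cannot be escaped into safety, so accept only known ones (assumed list).
    static final Set<String> ALLOWED_ID_FIELDS = Set.of("uid", "sAMAccountName", "mail");

    // RFC 4515: NUL ( ) * \ inside an assertion value become backslash + two hex digits.
    static String escapeValue(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': sb.append("\\5c"); break;
                case '*':  sb.append("\\2a"); break;
                case '(':  sb.append("\\28"); break;
                case ')':  sb.append("\\29"); break;
                case '\0': sb.append("\\00"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    // Hand-built equivalent of "(&(cn=*)({0}={1}))" with idField as {0} and id as {1}.
    static String idFilter(String idField, String id) {
        if (!ALLOWED_ID_FIELDS.contains(idField)) {
            throw new IllegalArgumentException("unexpected attribute name: " + idField);
        }
        return "(&(cn=*)(" + idField + "=" + escapeValue(id) + "))";
    }

    public static void main(String[] args) {
        // Constructed sample identifiers: plain, with parentheses, with a wildcard character.
        String[] ids = {"jdoe", "doe (contractor)", "j*"};
        for (String id : ids) {
            System.out.println("concatenated: (&(cn=*)(uid=" + id + "))");
            System.out.println("escaped:      " + idFilter("uid", id));
        }
    }
}
```

With concatenation the second identifier yields an unbalanced filter and the third turns an exact match into a prefix match; the escaped form treats both as literal text.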
