
Associate Ldap user to a group with Java

I'm having problems finding how to associate an LDAP user with a given group.

That is what I have tried:

    Attributes attrs = new BasicAttributes();

    BasicAttribute basicAttrs = new BasicAttribute("objectclass");
    basicAttrs.add("top");
    basicAttrs.add("person");

    BasicAttribute memberOf = new BasicAttribute("memberOf");
    memberOf.add("Managers"); // Tried with distinguished name too
    memberOf.add("Administrators"); // Tried with distinguished name too

    attrs.put(basicAttrs);
    attrs.put("cn", user.getLogin());
    attrs.put("name", user.getLogin());
    attrs.put("login", user.getLogin());
    attrs.put("mail", user.getMail());
    attrs.put("displayName", user.getDisplayName());
    attrs.put("memberOf", memberOf);

    try {
        ctx.bind("CN=" + user.getLogin() + "," + baseDn, null, attrs);
    } catch (NamingException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }

I also tried to use the distinguished names like "CN=Managers,OU=<system_name>,OU=Users,OU=<server>,DC=com", but it didn't work. I think there should be somewhere to reference the LDAP group.

But I got this error:

    javax.naming.directory.InvalidAttributeValueException: Malformed 'memberOf' attribute value; remaining name 'CN=lcarvalho,OU=<system_name>,OU=Users,OU=<server>,DC=com'
        at com.sun.jndi.ldap.LdapClient.encodeAttribute(LdapClient.java:951)
        at com.sun.jndi.ldap.LdapClient.add(LdapClient.java:999)
        at com.sun.jndi.ldap.LdapCtx.c_bind(LdapCtx.java:396)
        at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_bind(ComponentDirContext.java:277)
        at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:197)
        at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:186)
        at javax.naming.directory.InitialDirContext.bind(InitialDirContext.java:158)
        ...

This is all the stack trace besides my application lines.

Leandro Diniz asked Jul 04 '12 12:07

1 Answer

If you're using OpenLDAP the memberOf attribute is maintained automatically by the memberOf overlay, and your application shouldn't write it at all. What you should be doing is adding the DN of the user to the uniqueMember or roleOccupant etc. attribute of the group he is joining. Then its DN will magically appear in his memberOf attribute.

user207421 answered Oct 21 '22 14:10

user207421
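
The approach described in the answer, written out with JNDI as an added example that is not part of the original question or answer: the user entry is created without `memberOf`, and membership is granted by adding the user's DN to each group's `uniqueMember`. The user DN is built with `Rdn` rather than string concatenation so that DN metacharacters in the login are escaped. Assumptions: an OpenLDAP server with the memberOf overlay, groups that already exist as `groupOfUniqueNames` entries, a `ctx` already authenticated with write access, and hypothetical class and method names.

```java
import javax.naming.NamingException;
import javax.naming.directory.AttributeInUseException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import java.util.List;

// Hypothetical helper class; not code from the question or the answer.
public final class GroupMembership {

    /** Builds CN=<login>,<baseDn>; Rdn escapes DN metacharacters in the login. */
    static LdapName userDn(String login, String baseDn) throws NamingException {
        LdapName dn = new LdapName(baseDn);
        dn.add(new Rdn("CN", login));   // appended as the leftmost RDN
        return dn;
    }

    /**
     * Creates the user entry, then adds its DN to each group.
     * userAttrs: objectclass, cn, mail, ... (schema-dependent, supplied by the caller).
     * groupDns: full DNs of existing groupOfUniqueNames entries (assumption).
     */
    public static void createUserInGroups(DirContext ctx, String login, String baseDn,
                                          Attributes userAttrs, List<String> groupDns)
            throws NamingException {
        LdapName userDn = userDn(login, baseDn);

        // memberOf is maintained by the server; never send it from the client.
        userAttrs.remove("memberOf");
        ctx.createSubcontext(userDn, userAttrs).close();

        // Membership lives on the group: add the user's DN to uniqueMember.
        ModificationItem[] addMember = {
            new ModificationItem(DirContext.ADD_ATTRIBUTE,
                    new BasicAttribute("uniqueMember", userDn.toString()))
        };
        for (String groupDn : groupDns) {
            try {
                ctx.modifyAttributes(new LdapName(groupDn), addMember);
            } catch (AttributeInUseException alreadyMember) {
                // The DN is already a value of uniqueMember: nothing to do.
            }
        }
    }
}
```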