Adding LDAP entries using JNDI

Solution 1

LDAP 53, Unwilling to Perform, usually means what it says. You tried to do something 'illegal' from the LDAP server's perspective.

First guess, unlikely though, are you pointing at eDirectory? If so, adding sn is important as it is mandatory in eDirectory's schema to provide a Surname value at create time. In which case, you would probably get a slightly different error, more like a 608 or 611 error.

Second guess, you are pointing at Active Directory, in which case fullName is a mandatory attribute. But in that case, you also usually get a slightly different result code. Ought to have more in the error. (Though this might be JNDI's return versus the tools I am used to).

Third guess, you are pointing at someone else's LDAP server and you have missed a mandatory attribute in the schema.

In fact, maybe it is an object class issue. Is wlsUser an auxiliary class, or a real class? Is inetorgperson a real (I am blanking on the name for this type of class, there is aux, structural, and something else) class in your directory?

My basic guess is you have missed a mandatory attribute and are violating schema in your target directory, and I hope the possible examples of missing mandatory attributes listed above are helpful.

Solution 2

This is the error you get when trying to set the password in Active Directory over a non-SSL connection. Try your code again without the password line.
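An added example, not code from the question or from either answer: it pre-checks an entry against the points both answers raise before the add is sent. The class and method names are hypothetical, the MUST list in `main` is constructed, and `mustOf` assumes the server publishes its schema through the JDK LDAP provider's `ClassDefinition/<name>` schema tree.

```java
import java.util.*;
import javax.naming.*;
import javax.naming.directory.*;

public class LdapAddCheck {
    // One multi-valued objectClass attribute: Attributes.put() replaces any
    // attribute with the same ID, so separate put() calls keep only the last class.
    static Attributes buildEntry(String uid, String... objectClasses) {
        Attributes entry = new BasicAttributes(true);   // true: case-insensitive IDs
        Attribute oc = new BasicAttribute("objectClass");
        for (String c : objectClasses) oc.add(c);
        entry.put(oc);
        for (String id : new String[] {"uid", "cn", "sn"}) entry.put(id, uid);
        return entry;
    }

    // MUST list of one object class, read from the schema the server publishes.
    static Set<String> mustOf(DirContext ctx, String objectClass) throws NamingException {
        DirContext def = (DirContext) ctx.getSchema("").lookup("ClassDefinition/" + objectClass);
        Attribute must = def.getAttributes("").get("MUST");
        Set<String> ids = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);
        for (int i = 0; must != null && i < must.size(); i++) ids.add((String) must.get(i));
        return ids;
    }

    // Mandatory attribute IDs that the entry does not carry.
    static Set<String> missing(Attributes entry, Set<String> must) {
        Set<String> out = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);
        for (String id : must) if (entry.get(id) == null) out.add(id);
        return out;
    }

    // Add the entry; a password is only sent when the provider URL is ldaps://.
    static void addEntry(DirContext ctx, String dn, Attributes entry, String password)
            throws NamingException {
        String url = String.valueOf(ctx.getEnvironment().get(Context.PROVIDER_URL));
        if (password != null && !url.toLowerCase(Locale.ROOT).startsWith("ldaps://"))
            throw new IllegalStateException("password would cross a non-TLS connection");
        if (password != null) entry.put("userPassword", password);
        ctx.createSubcontext(dn, entry).close();
    }

    public static void main(String[] args) {   // offline run on constructed data
        Attributes e = buildEntry("defaultuser", "top", "person", "inetOrgPerson");
        System.out.println("objectClass values: " + e.get("objectClass").size());
        System.out.println("missing: " + missing(e, new TreeSet<>(Arrays.asList("cn", "sn", "fullName"))));
    }
}
```

Against a live directory, call `mustOf` once per object class on the entry and pass the union to `missing`. The guard accepts only an `ldaps://` URL, so a session protected by StartTLS would need its own check.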

Updated on July 05, 2020

Comments

  • Chathuranga Chandrasekara almost 4 years

    I am trying to add an entry to an LDAP server using JNDI. I could successfully read the entries from the LDAP server. But when I try to add a new entry I am getting errors. I checked various ways but I failed.

        private String getUserAttribs(String searchAttribValue) throws NamingException {
            SearchControls ctls = new SearchControls();
            ctls.setSearchScope(SearchControls.OBJECT_SCOPE);

            Attributes matchAttrs = new BasicAttributes(true);
            matchAttrs.put(new BasicAttribute("uid", searchAttribValue));
            NamingEnumeration answer = ctx.search("ou=People,ou=ABCLdapRealm,dc=abcdomain", matchAttrs);

            SearchResult item = (SearchResult) answer.next();
            // uid userpassword description objectclass wlsmemberof sn cn
            return item.toString();
        }

    This worked correctly.

    Then I moved a step forward and tried to add an entry. The code is as follows.

        public static void bindEntry(DirContext dirContext) throws Exception {
            Attributes matchAttrs = new BasicAttributes(true);
            // uid userpassword description objectclass wlsmemberof sn cn
            matchAttrs.put(new BasicAttribute("uid", "defaultuser"));
            matchAttrs.put(new BasicAttribute("userpassword", "password"));
            matchAttrs.put(new BasicAttribute("description", "defaultuser"));
            matchAttrs.put(new BasicAttribute("cn", "defaultuser"));
            matchAttrs.put(new BasicAttribute("sn", "defaultuser"));

            matchAttrs.put(new BasicAttribute("objectclass", "top"));
            matchAttrs.put(new BasicAttribute("objectclass", "person"));
            matchAttrs.put(new BasicAttribute("objectclass", "organizationalPerson"));
            matchAttrs.put(new BasicAttribute("objectclass", "inetorgperson"));
            matchAttrs.put(new BasicAttribute("objectclass", "wlsUser"));
            String name = "uid=defaultuser";
            InitialDirContext iniDirContext = (InitialDirContext) dirContext;
            iniDirContext.bind(name, dirContext, matchAttrs);
        }

    But with this I am getting an exception.

    Exception in thread "main" javax.naming.OperationNotSupportedException: [LDAP: error code 53 - Unwilling To Perform]; remaining name 'uid=defaultuser'
    

    Definitely I am violating something. Any idea on this?