JNDI with Active Directory PartialResultException

java active-directory ldap jndi
20,007

Solution 1

So when I was creating my naming context with the method:

javax.naming.ldap.InitialLdapContext.InitialLdapContext(
   Hashtable<?, ?> environment, Control[] connCtls)

In the argument environment there is a property with the name Context.REFERRAL and its value should be set to: follow. This was the setting that I needed.

Solution 2

If you get an exception while referral usage in follow (for example: connection timed out) you can use referral ignore but you dont want to get partial exception you can use 3268 port number instead of 389 this port is using global catalog for ldap. You can find info from following link;

https://technet.microsoft.com/en-us/library/how-global-catalog-servers-work(v=ws.10).aspx

Share:
20,007
startoftext
Author by

startoftext

Lorem ipsum dolor sit amet, consectetur adipiscing elit. In maximus enim at felis sagittis elementum. Morbi odio lacus, fringilla ac pretium ut, semper vitae tortor. Praesent eget ante pretium, ultricies elit fringilla, sodales eros. Donec maximus ac enim eu sodales. Suspendisse ac lectus congue nisl interdum placerat. Nulla condimentum quis mi in vestibulum. Mauris dapibus, lectus et consequat venenatis, mi massa bibendum velit, sit amet ultrices leo lectus eu magna. Integer egestas massa vel eros ullamcorper, id maximus purus tincidunt. Phasellus nec metus sapien. Fusce ornare libero turpis, vel blandit ex tristique at. Integer suscipit nunc turpis, ac congue magna sodales vel. Duis hendrerit, turpis id bibendum congue, metus elit laoreet leo, eget feugiat neque dolor vel ex.

Updated on January 20, 2020

Comments

  • startoftext
    startoftext over 4 years

    I am basically walking the LDAP tree in Active Directory.

    At each level I query for "(objectClass=*)". When I do this on the root eg "dc=example,dc=com" I get the exception below. This works fine on our other LDAP instances. For some reason only on our Active Directory server I get this exception. I also get the same exception when using JXplorer on our Active Directory server.

    From reading around online I found people saying you should turn on following, not sure what that means... So on my controls object (javax.naming.directory.SearchControls) that I pass with the query I call searchControls.setDerefLinkFlag(true). I also have tried setting it to false with the same result. Any a suggestions on what else could cause this? Maybe how I could fix it?

    Note: In this post I changed the baseDn from dc=<my company domain> to example for my companies privacy.

    javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name 'dc=example,dc=com'
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1826)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1749)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:321)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:248)
at com.motio.pi.gui.panels.useraccess.ldap.LDAPConnector.query(LDAPConnector.java:262)
at com.motio.pi.gui.selector.directory.CognosDirectoryBrowserController.expandCognosTreeNode(CognosDirectoryBrowserController.java:99)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.motio.pi.utils.PIThreadDelegate$1.run(PIThreadDelegate.java:54)
at java.lang.Thread.run(Thread.java:662)
  • Karthik Bose
    Karthik Bose about 11 years
    @startoftext: of-course it solves the PartialResultException problem, but it makes the search slower. Pls Refer stackoverflow.com/questions/14136091/ldap-search-is-very-slo‌​w. In fact, with 'follow' it takes 4 secs and without 'follow' it takes 1 sec for me. Please advice, if you have any solution for it.
  • startoftext
    startoftext about 11 years
    @Karthik Bose I am not working with ldap any more so sorry I cant help.
  • ROMANIA_engineer
    ROMANIA_engineer over 8 years
    (for the others) If the solution above doesn't work, you can try the following 2 things: (1) Be more specific when you mention the name (E.g.: OU=Accounts,DC=x,DC=y instead of DC=x,DC=y. (2) Change the LDAP port number to 3268 (instead of 389)

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Java ldap authentication issue
LDAP OperationNotSupportedException : error code 53 - WILL_NOT_PERFORM
ldap search is very slow
Why doesn't DirContext.close() return the LDAP connection to the pool?
LDAP search base DN not working
ApacheDS - How to create a new user with Java JNDI and setting the password?
How to get all members of AD group via LDAP in Java
AD return 8009030C: LdapErr: DSID-0C09043E, comment: AcceptSecurityContext error, data 0, vece
LDAP query get all groups (nested) of a group
LDAP Searching a user in Active directory with UPN