LDAP: How to get all Groups in Active Directory?

Solution 1

Use Java JNDI, and do a search for (objectclass=group) and request the cn attribute. This will get all the group names.

Code example:

import java.util.Hashtable;

import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class Test {

    public static String ldapUri = "ldap://localhost";
    public static String usersContainer = "cn=users,dc=example,dc=com";

    public static void main(String args[]) {

        if (args.length != 2) {
            System.out.println("Usage: test userName password");
            return;
        }
        String username = args[0];
        String password = args[1];

        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, ldapUri);
        // Simple bind with the supplied DN and password
        env.put(Context.SECURITY_PRINCIPAL, username);
        env.put(Context.SECURITY_CREDENTIALS, password);
        try {
            DirContext ctx = new InitialDirContext(env);
            try {
                SearchControls ctls = new SearchControls();
                // Only the cn attribute is requested
                String[] attrIDs = { "cn" };
                ctls.setReturningAttributes(attrIDs);
                // ONELEVEL_SCOPE returns only entries directly below usersContainer
                ctls.setSearchScope(SearchControls.ONELEVEL_SCOPE);

                NamingEnumeration<SearchResult> answer = ctx.search(usersContainer, "(objectclass=group)", ctls);
                while (answer.hasMore()) {
                    SearchResult rslt = answer.next();
                    Attributes attrs = rslt.getAttributes();
                    System.out.println(attrs.get("cn"));
                }
            } finally {
                // Release the connection even if the search fails
                ctx.close();
            }

        } catch (NamingException e) {
            e.printStackTrace();
        }

    }
}

Solution 2

You can use this library. It's easy to use and powerful.

http://code.google.com/p/jedi-obi/

Author by

user709389

Updated on November 17, 2020

Comments

  • user709389
    user709389 over 3 years

    Is there a way to get the names of all groups in Active Directory using java?

  • user709389
    user709389 about 13 years
    Thanks for the reply. When I try using this, I get following error: "javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece" Any idea?
  • kalyan
    kalyan about 13 years
    Looks like you have not authenticated correctly. Are you connecting to the correct LDAP server? Is your user FDN correct (like cn=Administrator,cn=users,dc=example,dc=com) and is your password correct?
  • user709389
    user709389 about 13 years
    Yes, my pw was wrong (stupid me). Anyway, now I get following: "javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece"
  • user709389
    user709389 about 13 years
    I think I succeeded a bit, but this is what I get now: "javax.naming.PartialResultException: [LDAP: error code 10 - 0000202B: RefErr: DSID-031006E0, data 0, 1 access points ref 1: 'example.com' ]; remaining name 'cn=testuser,dc=example,dc=com'" testuser is the name of the user that I use. Is there something wrong with my userContainer? public static String usersContainer = "cn=testuser,dc=example,dc=com"; ???
  • kalyan
    kalyan about 13 years
    Change the userContainer to "dc=example,dc=com". We are using userContainer as the base DN for the search. I just used an example "cn=users,dc=example,dc=com". Change it based on your directory structure.
  • Jacobi
    Jacobi over 11 years
    @ceving see this link code.google.com/p/jedi-obi/wiki/HomeUkVersion But just this, I see that all the Java DOC is in English
  • paulsm4
    paulsm4 over 10 years
    @kalyan - great example! Thank you!
  • Roknauta
    Roknauta about 7 years
    How to filter by user?
  • geisterfurz007
    geisterfurz007 about 4 years
    Please don't just post some tool or library as an answer. At least demonstrate how it solves the problem in the answer itself.
  • griffon vulture
    griffon vulture almost 4 years
    The problem is that the number of requests to the LDAP server will be the same as the number of groups existing! Is there a way to get all groups in one request?
