LDAP search base DN not working


This works for me:

import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class LdapSearchExample {
    public static void main(String[] args) throws NamingException {
        Hashtable<String, String> ldapEnv = new Hashtable<String, String>(11);
        ldapEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        ldapEnv.put(Context.PROVIDER_URL, "ldap://ldapHost");
        // A simple bind sends the password in the clear over ldap://; use ldaps:// or StartTLS outside a lab
        ldapEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
        ldapEnv.put(Context.SECURITY_PRINCIPAL, "CN=Administrator,CN=Users,DC=domain,DC=com");
        ldapEnv.put(Context.SECURITY_CREDENTIALS, "secret");
        DirContext ldapContext = new InitialDirContext(ldapEnv);
        // Create the search controls
        SearchControls searchCtls = new SearchControls();
        // Specify the attributes to return
        String[] returnedAtts = {"sn", "givenName", "samAccountName"};
        searchCtls.setReturningAttributes(returnedAtts);
        // Specify the search scope
        searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        // Specify the LDAP search filter (a value taken from user input must be escaped before it is put here)
        String searchFilter = "(&(samAccountName=userName))";
        // Specify the base for the search
        String searchBase = "dc=domain,dc=com";
        // Initialize counter to total the results
        int totalResults = 0;
        // Search for objects using the filter
        NamingEnumeration<SearchResult> answer = ldapContext.search(searchBase, searchFilter, searchCtls);
        // Loop through the search results. Note that hasMoreElements() swallows NamingExceptions
        // (including a PartialResultException caused by continuation references); hasMore() would throw them.
        while (answer.hasMoreElements()) {
            SearchResult sr = answer.next();
            totalResults++;
            System.out.println(">>>" + sr.getName());
            Attributes attrs = sr.getAttributes();
            System.out.println(">>>>>>" + attrs.get("samAccountName"));
        }
        System.out.println("Total results: " + totalResults);
        ldapContext.close();
    }
}
Author: David F. Suárez Chacón

Updated on June 14, 2022

Comments

  • David F. Suárez Chacón, almost 2 years ago

    I'm trying to perform an LDAP search across many different OUs that are located at the root of the directory.

    Context initialization:

    Hashtable<String, String> env = new Hashtable<String, String>();
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_CREDENTIALS, "somePassword");
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.SECURITY_PRINCIPAL, "MYDOMAIN\\myUsername");
    env.put(Context.PROVIDER_URL, "ldap://myLdapServer:389");
    SearchControls searchControls = new SearchControls();
    searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
    DirContext ctx = new InitialDirContext(env);
    

    So to search for a user I call

    ctx.search("OU=OrgUnitOne,DC=mysite,DC=com", "(sAMAccountName=someUserName)", searchControls)
    

    or

    ctx.search("OU=OrgUnitTwo,DC=mysite,DC=com", "(sAMAccountName=someUserName)", searchControls)
    

    and either works fine. But since I want to search all of the OUs at the root of the directory, I have to use another baseDN for the search, which I've failed to find. I've tried the following, but none of them seems to work...

    Without OU:

    ctx.search("DC=mysite,DC=com", "(sAMAccountName=someUserName)", searchControls)
    //output:
    //javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name 'DC=mysite,DC=com'
    

    Empty searchBase string:

    ctx.search("", "(sAMAccountName=someUserName)", searchControls)
    //output:
    //javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001E5, problem 2001 (NO_OBJECT), data 0, best match of:'']; remaining name ''
    

    Desperate wildcard *

    ctx.search("OU=*,DC=mysite,DC=com", "(sAMAccountName=someUserName)", searchControls)
    //output:
    //javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:'DC=mysite,DC=com']; remaining name 'OU=*,DC=mysite,DC=com'
    

    Desperate wildcard %

    ctx.search("OU=%,DC=mysite,DC=com", "(sAMAccountName=someUserName)", searchControls)
    //output:
    //javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:'DC=mysite,DC=com']; remaining name 'OU=%,DC=mysite,DC=com'
    

    Desperate OR operator |

    ctx.search("OU=OrgUnitOne|OrgUnitTwo,DC=mysite,DC=com", "(sAMAccountName=someUserName)", searchControls)
    //output:
    //javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:'DC=mysite,DC=com']; remaining name 'OU=OrgUnitOne|OrgUnitTwo,DC=mysite,DC=com'

    Is there a way to achieve this search over all the root OUs?
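The search the question asks for, from the domain root, as an added example that is not part of the original question or answer. It keeps the answer's JNDI approach and adds what the PartialResultException in the question calls for: an explicit Context.REFERRAL setting (AD returns continuation references to its DNS partitions when the base is the domain root, and the JNDI provider turns those into PartialResultException under the default setting), hasMore() instead of hasMoreElements() so errors are not silently swallowed, and RFC 4515 escaping of the account name so a caller-supplied value cannot rewrite the filter. The host name and base DN are the question's; the LDAPS URL, the svc-ldap-reader bind DN, the LDAP_BIND_PASSWORD environment variable and the findUserDn/escapeFilterValue helpers are assumptions of this example.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.PartialResultException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class RootOuSearch {

    // Escape a filter assertion value as RFC 4515 requires, so an attacker-chosen
    // account name such as "*)(objectClass=*" cannot widen or rewrite the filter.
    static String escapeFilterValue(String value) {
        StringBuilder sb = new StringBuilder(value.length());
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': sb.append("\\5c"); break;
                case '*':  sb.append("\\2a"); break;
                case '(':  sb.append("\\28"); break;
                case ')':  sb.append("\\29"); break;
                case '\0': sb.append("\\00"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    // Look a user up by sAMAccountName anywhere under baseDn (the domain root here).
    // Returns the entry's DN, or null when nothing matched; throws if the match is ambiguous.
    static String findUserDn(String providerUrl, String bindDn, String bindPassword,
                             String baseDn, String accountName) throws NamingException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, providerUrl);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn);
        env.put(Context.SECURITY_CREDENTIALS, bindPassword);
        // A subtree search from the domain root makes AD return continuation references
        // (e.g. to the DomainDnsZones/ForestDnsZones partitions). With the default REFERRAL
        // setting the JNDI provider reports them as a PartialResultException. "follow" chases
        // them, re-using these bind credentials against the referred host, which therefore
        // has to resolve and be trusted; the catch below handles the case where it does not.
        env.put(Context.REFERRAL, "follow");

        SearchControls controls = new SearchControls();
        controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        controls.setReturningAttributes(new String[] {"sAMAccountName"});
        controls.setCountLimit(2);  // one hit is expected; a second one means the filter is ambiguous

        String filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName="
                + escapeFilterValue(accountName) + "))";

        DirContext ctx = new InitialDirContext(env);
        try {
            NamingEnumeration<SearchResult> results = ctx.search(baseDn, filter, controls);
            String found = null;
            while (true) {
                try {
                    if (!results.hasMore()) break;   // hasMore(), not hasMoreElements(): errors surface here
                } catch (PartialResultException e) {
                    // Continuation references the provider could not follow. The entries already
                    // delivered are still valid, so stop here instead of failing the whole lookup.
                    break;
                }
                SearchResult sr = results.next();
                if (found != null) {
                    throw new NamingException("ambiguous sAMAccountName " + accountName
                            + ": " + found + " and " + sr.getNameInNamespace());
                }
                found = sr.getNameInNamespace();
            }
            return found;
        } finally {
            ctx.close();
        }
    }

    public static void main(String[] args) throws NamingException {
        // Host and base DN from the question; the LDAPS port, the service account and the
        // environment variable holding its password are assumptions for this example.
        String dn = findUserDn("ldaps://myLdapServer:636",
                "CN=svc-ldap-reader,OU=ServiceAccounts,DC=mysite,DC=com",
                System.getenv("LDAP_BIND_PASSWORD"),
                "DC=mysite,DC=com",
                args.length > 0 ? args[0] : "someUserName");
        System.out.println(dn == null ? "no such user" : "found " + dn);
    }
}
```

Two design notes. Searching the global catalog port (3268, or 3269 for TLS) instead of 389/636 avoids the continuation references altogether, because the GC holds every object in the forest, but it only carries the partial attribute set, so attributes outside that set come back empty. And the bind account should be a low-privilege reader rather than the Administrator used in the answer: with REFERRAL set to "follow", whatever credentials are in the environment are re-sent to every server a referral points at.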