I'm trying to write what should be a pretty straightforward little program. All I need to do is log into Active Directory, and ask "Does this username exist" or "does this group exist?"
I can authenticate and log in just fine using:
However, all the examples I find online use something similar to for the login name. I have no idea what the CN and DC means or how you're supposed to know what it means. Plus... how is CN assigned two different values?
I've found examples for searching online, and they seem pretty straightforward. Below is one such example I have found.
1) How do you know what the names of the attributes are? Is there a standard? This program needs to run on any computer.
2) Same thing but with the searchFilter.
3) How are the attributes in returnedAtts different from the things in the search filter? For example, "mail" is used in both.
4) What is searchBase and why is it set to an empty String?
I never connected LDAP with Java program but configured for web servers. The information in LDAP will be stored in a tree structure as follows:
dc(domain component) -> can be parent company name at top level
- dc(domain component) -> can be child company name, under parent
- - o(organization) -> organization name under child dc
- - - ou (organization unit) -> can be department name, under chilld dc
- - - - users
You need to supply all the information to validate the user, and if you just give user name it may not be validated ( not sure, at least in my case it didnt work).
May be you can install JXplorer(http://jxplorer.org/) which is a freeware to look into ldap system. In that if you select a user and see properties, it should give how to frame above information.