But it doesn't work unless direct DN is not provided. Using the direct DN, from root to bottom path till the DN in "userFilter=", it authenticates fine. A wild guess at the problem is that it is not searching the subtree. I need some parameter here which tells the server to search inside the subtree as well for the user. Right now it is only looking into the head tree and not navigating inside. Basically, the LDAP search scope needs to be specified. When I search from Active Directory Studio with the scope set as subtree, it works fine without a direct DN provided (userFilter set as shown in the Query above).
Is there any parameter in LdapLoginModule to set the scope property? I am ready to change the provider as well, but would prefer using com.sun.security.auth.module.LdapLoginModule.