• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

LDAP Syntax - Don't Understand

 
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm trying to write what should be a pretty straightforward little program. All I need to do is log into Active Directory, and ask "Does this username exist" or "does this group exist?"

I can authenticate and log in just fine using:


However, all the examples I find online use something similar to for the login name. I have no idea what the CN and DC means or how you're supposed to know what it means. Plus... how is CN assigned two different values?

I've found examples for searching online, and they seem pretty straightforward. Below is one such example I have found.

1) How do you know what the names of the attributes are? Is there a standard? This program needs to run on any computer.
2) Same thing but with the searchFilter.
3) How are the attributes in returnedAtts different from the things in the search filter? For example, "mail" is used in both.
4) What is searchBase and why is it set to an empty String?


 
Ranch Hand
Posts: 1704
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I never connected LDAP with Java program but configured for web servers. The information in LDAP will be stored in a tree structure as follows:
dc(domain component) -> can be parent company name at top level
- dc(domain component) -> can be child company name, under parent
- - o(organization) -> organization name under child dc
- - - ou (organization unit) -> can be department name, under chilld dc
- - - - users

You need to supply all the information to validate the user, and if you just give user name it may not be validated ( not sure, at least in my case it didnt work).

May be you can install JXplorer(http://jxplorer.org/) which is a freeware to look into ldap system. In that if you select a user and see properties, it should give how to frame above information.

Hope it helps.

 
Kj Reddy
Ranch Hand
Posts: 1704
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The following link gives some more info:
http://today.java.net/pub/a/today/2005/05/31/tomcatldap.html
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic