Hi,
I am running into some issues while creating a user record in ADAM using Java. I have customized the ADAM schema.
If I add "msDS-UserAccountDisabled", "FALSE" in the Java code, it fails.
I have a couple of questions...
1) When I create a user using the ADAM ADSI tool, in which attribute is the password value stored? I tried unicodePwd and userpassword, but they are empty.
2) When I create a user using the ADAM ADSI tool, I can reset the password and set msDS-UserAccountDisabled=FALSE. I would like to achieve the same thing through a Java program. If I try to add the attribute msDS-UserAccountDisabled=FALSE, I get "[LDAP: error code 1 - 00002077: SvcErr: DSID-03380788, problem 5012 (DIR_ERROR), data 8237".
3) If I remove msDS-UserAccountDisabled=FALSE, the record is created successfully without a password. But how do I enable the record and set the password?
It would be really helpful if you could provide some pointers...
I have pasted my Java code below...
==========================================================
import javax.naming.*;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.directory.*;
import java.util.Hashtable;
import java.util.Enumeration;
import java.io.IOException;
import java.io.UnsupportedEncodingException;

/**
 * Sample JNDI client ADD application to demonstrate how to create
 * a new user entry in MS-ADAM with user account never expires
 */
public class LDAPCreateUser {
    public static void main(String[] args) throws UnsupportedEncodingException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldap://SNY2AFSAPINT01A:2389");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        //env.put(Context.SECURITY_PROTOCOL, "ssl");
        env.put(Context.SECURITY_PRINCIPAL, "CN=wacadmin,OU=Administrators,OU=people,DC=AXA,DC=COM");
        env.put(Context.SECURITY_CREDENTIALS, "Password1");
        //env.put("com.sun.jndi.ldap.connect.pool", "true");
        //env.put(Context.REFERRAL, "follow");
        try {
            // Create the initial context
            DirContext ctx = new InitialDirContext(env);
            LdapContext lctx = new InitialLdapContext(env, null);
            // The distinguished name of the new entry
            String dn = "uid=brk12343,ou=brokers,OU=people,DC=AXA,DC=COM";
            // Create attributes to be associated with the new entry
            Attributes attrs = new BasicAttributes(true);
            // Objectclass -- required in MUST list
            Attribute oc = new BasicAttribute("objectclass");
            // required by 'top'
            oc.add("top");
            oc.add("person");
            oc.add("axfperson");
            oc.add("organizationalPerson");
            //oc.add("inetOrgPerson");
            oc.add("user");
            oc.add("axfagency");
            oc.add("axfsecurityresources");
            //oc.add("axfsecurityuser");
            attrs.put(oc);
            System.out.println("brk12343");
            // Other mandatory attributes -- required in MUST list
            attrs.put("uid", "brk12343");
            attrs.put("sn", "SomeSN");
            // required by 'person'
            attrs.put("givenName", "SomeGN");
            attrs.put("cn", "brk12343 CN");
            attrs.put("userpassword", "12brk1234");
            // required by 'person'
            // Optional attributes -- but they must be defined in schema
            attrs.put("mail", "usermail@mydomain.com");
            // These 2 props are needed for user creation without password expiration in MS-ADAM.
            //attrs.put("msDS-UserAccountDisabled", "FALSE");
            attrs.put("msDS-UserDontExpirePassword", "TRUE");
            //attrs.put("ou", "people");
            //attrs.put("ou", "brokers");
            // Create the context
            Context result = ctx.createSubcontext(dn, attrs);
            System.out.println("Created account for: " + dn);
            // Setting the password is an LDAP modify operation,
            // and we'll update the userAccountControl,
            // enabling the account and forcing the user to update their password
            // the first time they log in
            /*ModificationItem[] mods = new ModificationItem[2];
            //Replace the "unicodePwd" attribute with a new value
            //Password must be both Unicode and a quoted string
            String newQuotedPassword = "\"" + "brk1234" + "\"";
            byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
            mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("userpassword", newUnicodePassword));
            mods[1] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("msDS-UserAccountDisabled", "FALSE"));
            // Perform the update
            ctx.modifyAttributes(dn, mods);
            System.out.println("Set password & updated userccountControl"); */
            // Close the contexts when we're done
            result.close();
            ctx.close();
        } catch (NamingException e) {
            e.printStackTrace();
        }
    }
}
==========================================================
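An added example, not part of the original post: a sketch of the two-step sequence the question asks about, writing the quoted UTF-16LE password to unicodePwd over LDAPS and only then clearing msDS-UserAccountDisabled. unicodePwd is write-only, so reading it back always returns nothing. The class name, helper names and the two environment variable names are hypothetical, and the sketch assumes the ADAM instance exposes an LDAPS port whose certificate the JVM trusts.

```java
import java.nio.charset.StandardCharsets;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.*;

public class AdamEnableUser {
    // unicodePwd takes the password wrapped in double quotes, as UTF-16LE bytes.
    static byte[] encodeUnicodePwd(String password) {
        return ("\"" + password + "\"").getBytes(StandardCharsets.UTF_16LE);
    }
    static ModificationItem replace(String name, Object value) {
        return new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(name, value));
    }
    // Set the password first, then clear the disabled flag in a second modify.
    static void setPasswordAndEnable(DirContext ctx, String userDn, String password)
            throws NamingException {
        ctx.modifyAttributes(userDn, new ModificationItem[] {
            replace("unicodePwd", encodeUnicodePwd(password)) });
        ctx.modifyAttributes(userDn, new ModificationItem[] {
            replace("msDS-UserAccountDisabled", "FALSE") });
    }

    public static void main(String[] args) throws NamingException {
        // Offline check of the encoding: "Ab1" plus two quotes is 5 chars, 10 bytes.
        System.out.println(encodeUnicodePwd("Ab1").length + " bytes");
        String bindPw = System.getenv("ADAM_BIND_PW");     // hypothetical variable names;
        String newPw = System.getenv("ADAM_NEW_USER_PW");  // keeps secrets out of the source
        if (args.length < 3 || bindPw == null || newPw == null) {
            System.out.println("usage: AdamEnableUser <ldaps-url> <bind-dn> <user-dn>");
            return;
        }
        if (!args[0].startsWith("ldaps://")) {
            throw new IllegalArgumentException("password writes need an encrypted connection");
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, args[0]);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, args[1]);
        env.put(Context.SECURITY_CREDENTIALS, bindPw);
        DirContext ctx = new InitialDirContext(env);
        try {
            setPasswordAndEnable(ctx, args[2], newPw);
        } finally {
            ctx.close();
        }
    }
}
```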