Trouble creating active directory users with Java
<p>I've got a Windows Server 2008 R2 with an Active Directory. I want to create a Java program that allows a 08/15 user to add new users to this AD.</p>
<p>I have found an [example][1] in the Oracle forums and modified it for my AD:</p>
<pre><code>package model;

import java.io.IOException;
import java.util.Hashtable;

import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.StartTlsRequest;
import javax.naming.ldap.StartTlsResponse;

public class NewUser2 {

    public static void main(String[] args) {

        Hashtable&lt;String,String&gt; env = new Hashtable&lt;String, String&gt;();
        String adminName = "CN=Administrator,CN=Users,DC=Dom215-01,DC=local";
        String adminPassword = "g18";
        String userName = "CN=Foo Bar,OU=Schueler,DC=Dom215-01,DC=local";
        String groupName = "OU=Schueler,DC=Dom215-01,DC=local";

        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");

        // set security credentials, note using simple cleartext authentication
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, adminName);
        env.put(Context.SECURITY_CREDENTIALS, adminPassword);

        // connect to my domain controller
        env.put(Context.PROVIDER_URL, "ldap://10.18.215.112");

        try {
            // Create the initial directory context
            LdapContext ctx = new InitialLdapContext(env, null);

            // Create attributes to be associated with the new user
            Attributes attrs = new BasicAttributes(true);
            attrs.put("objectClass", "Schueler");
            attrs.put("samAccountName", "FooBar");
            attrs.put("cn", "Foo Bar");

            // These are some optional (but useful) attributes
            attrs.put("givenName", "Foo");
            attrs.put("sn", "Bar");
            attrs.put("displayName", "Foo Bar");
            attrs.put("description", "Test Subject");
            /*
             attrs.put("userPrincipalName", "asdf@asdf.com");
             attrs.put("mail", "sdaf@sdaf.com");
             attrs.put("telephoneNumber", "999 123 4567");
            */

            // some useful constants from lmaccess.h
            int UF_ACCOUNTDISABLE = 0x0002;
            int UF_PASSWD_NOTREQD = 0x0020;
            int UF_PASSWD_CANT_CHANGE = 0x0040;
            int UF_NORMAL_ACCOUNT = 0x0200;
            int UF_DONT_EXPIRE_PASSWD = 0x10000;
            int UF_PASSWORD_EXPIRED = 0x800000;

            attrs.put(
                    "userAccountControl",
                    Integer.toString(UF_NORMAL_ACCOUNT + UF_PASSWD_NOTREQD
                            + UF_PASSWORD_EXPIRED + UF_ACCOUNTDISABLE));

            // Create the context
            Context result = ctx.createSubcontext(userName, attrs);
            System.out.println("Created disabled account for: " + userName);

            StartTlsResponse tls = (StartTlsResponse) ctx
                    .extendedOperation(new StartTlsRequest());
            tls.negotiate();

            ModificationItem[] mods = new ModificationItem[2];

            String newQuotedPassword = "\"Password2000\"";
            byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");

            mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("unicodePwd", newUnicodePassword));
            mods[1] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("userAccountControl",
                            Integer.toString(UF_NORMAL_ACCOUNT + UF_PASSWORD_EXPIRED)));

            ctx.modifyAttributes(userName, mods);
            System.out.println("Set password &amp; updated userccountControl");

            try {
                ModificationItem member[] = new ModificationItem[1];
                member[0] = new ModificationItem(DirContext.ADD_ATTRIBUTE,
                        new BasicAttribute("member", userName));

                ctx.modifyAttributes(groupName, member);
                System.out.println("Added user to group: " + groupName);
            } catch (NamingException e) {
                System.err.println("Problem adding user to group: " + e);
            }

            tls.close();
            ctx.close();

            System.out.println("Successfully created User: " + userName);

        } catch (NamingException e) {
            System.err.println("Problem creating object: ");
            e.printStackTrace();
        } catch (IOException e) {
            System.err.println("Problem creating object: ");
            e.printStackTrace();
        }
    }
}
</code></pre>
<p>Everything looks OK so far, but when it tries to create the result object in line 76 it crashes with a <code>NoSuchAttributeException</code> and LDAP error code 16 (no such attribute). I've tried various modifications in the username string and the attributes, but nothing helped.</p>
<p>Does anyone have an idea why this error occurs?</p>
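<p>The posted code performs its simple bind over plain ldap:// and negotiates StartTLS only after the account has been created. The following is an added example, not part of the original post, that negotiates StartTLS before any credentials are sent and keeps the bind, the account creation and the password change inside the TLS session. The class name, the environment variable names, and the use of the standard AD <code>user</code> object class are assumptions; the provider URL must use a host name that matches the domain controller's certificate.</p>

```java
import java.nio.charset.StandardCharsets;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.directory.*;
import javax.naming.ldap.*;

public class TlsFirstUserCreate {
    static final int UF_ACCOUNTDISABLE = 0x0002, UF_NORMAL_ACCOUNT = 0x0200;

    // AD takes unicodePwd as the double-quoted password encoded in UTF-16LE.
    static byte[] encodePassword(String password) {
        return ("\"" + password + "\"").getBytes(StandardCharsets.UTF_16LE);
    }

    static void createUser(String url, String bindDn, String bindPw,
                           String userDn, String sam, String initialPw) throws Exception {
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        LdapContext ctx = new InitialLdapContext(env, null); // anonymous: no secret sent yet
        StartTlsResponse tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
        try {
            tls.negotiate(); // default check: certificate chain and host name
            // Credentials are added only now, so the simple bind travels inside TLS.
            ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple");
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, bindDn);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, bindPw);
            Attributes attrs = new BasicAttributes(true);
            attrs.put("objectClass", "user"); // assumption: standard AD class
            attrs.put("sAMAccountName", sam);
            attrs.put("userAccountControl", Integer.toString(UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE));
            ctx.createSubcontext(userDn, attrs).close(); // account exists but is disabled
            // Set the password and enable the account in one modify, still inside TLS.
            ctx.modifyAttributes(userDn, new ModificationItem[] {
                new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("unicodePwd", encodePassword(initialPw))),
                new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("userAccountControl", Integer.toString(UF_NORMAL_ACCOUNT)))});
        } finally {
            try { tls.close(); } finally { ctx.close(); }
        }
    }

    public static void main(String[] args) throws Exception {
        // Hypothetical variable names keep secrets out of source; args: user DN, sAMAccountName.
        createUser(System.getenv("AD_URL"), System.getenv("AD_BIND_DN"),
                   System.getenv("AD_BIND_PW"), args[0], args[1], System.getenv("AD_NEW_PW"));
    }
}
```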
 
