directory-api mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Arvind N <Arvin...@citrix.com>
Subject RE: Using LDAPConnection class...
Date Mon, 06 Sep 2010 14:02:09 GMT
> -----Original Message-----
> From: Emmanuel Lecharny [mailto:elecharny@gmail.com]
> Sent: Monday, September 06, 2010 7:02 PM
> To: api@directory.apache.org
> Subject: Re: Using LDAPConnection class...
> 
>   On 9/6/10 3:21 PM, Arvind N wrote:
> > Hi,
> >     Just downloaded the ldap client api version 0.1 and wrote sample
> program to
> > connect to a Active Directory seem to hit a weird problem.
> > The tutorial does not provide much info so thought of checking in the
> list.
> > Do let me know if I have got the wrong list.
> >
> > The piece that is failing is
> >
> > 			LdapConnection connection = new LdapConnection(svrIP,
> new Integer(svrPort));
> > 			BindRequest request = new BindRequest();
> > 			request.setCredentials(password);
> > 			request.setName("cn=Arvind N");
> > 			BindResponse resp = connection.bind(request);
> > 			LdapResult result = resp.getLdapResult();
> > 			System.out.println("the error message is " +
> result.getErrorMessage());
> >
> > For this I always get an error message
> > ** the error message is 80090308: LdapErr: DSID-0C090334, comment:
> AcceptSecurityContext error, data 525, vece **
> > Googled quite a bit to not avail and to dig deeper hit ethereal.
> > Noticed that in the LDAP protocol extract, the bind request had
> something like this
> > ....
> > DN: cn=Arvind N
> 
> The user name must be the full DN, ie cn=Arvind N,< ... >, where <...>
> is the DN containing your user.
> 
> 

Yes, but in case we do not know the Dn and only the value part of an attribute
should'nt the api allow me to set the same as what I want and sent it in the LDAP packet
and let the LDAP server assign the default/any key to it and respond accordingly, 
which is what JExplorer seems to be doing when I don't provide cn/sAMAccountName/dn etc...

Note: I am not saying LDAP API is doing anything wrong, just noticed the default behavior
between
 two products and just thought letting the server decide for this usecase made more sense...

thanks
Arvind 

Mime
View raw message