directory-api mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From CRAIG BENNER <craig.ben...@psu.edu>
Subject Re: Ldap API Custom Controls
Date Fri, 08 Sep 2017 01:41:25 GMT
I'm working with Chris.

We've tried both coding approaches for setting the control

//        LdapServerPolicyHintsOid hints = new LdapServerPolicyHintsOidImpl();
//        hints.setFlags(1);        
//        hints.setCritical(true);
//      modRequest.addControl(hints);

--or--
        LdapServerPolicyHintsOidDecorator decCtrl = new LdapServerPolicyHintsOidDecorator(getReadableLdapConnection().getCodecService());
        modRequest.addControl(decCtrl);

      ModifyResponse modResponse = getWriteableLdapConnection().modify(modRequest);


We are interacting with ActiveDirectory and we are using the ResetPassword logic (ModifyRequest
Replace logic for uniCodePwd).  We are trying to add honoring of the Password History data
by adding the control for policy hints documented on the first email Chris Sent.

It will take some changes to get a wireshark capture, since Password's can only be managed
over a secure connection.  Hopefully tomorrow I can get you the wireshark capture


Thanks. 
Craig Benner

----- Original Message -----
From: "Emmanuel Lécharny" <elecharny@gmail.com>
To: api@directory.apache.org
Sent: Thursday, September 7, 2017 4:51:49 PM
Subject: Re: Ldap API Custom Controls

Le 07/09/2017 à 22:20, Chris Pike a écrit :
> So I added the controls, but they don't seem to be working. We are getting a error code
53 (unwilling to preform) when we add the control to our request, so assuming there is something
wrong with the control, but don't know enough about ldap or the library to know what. Any
ideas on what to try or what might be wrong?

We need more info to be able to understand what's wrong :
- a capture of the messages being exchanged (wireshark)
- the server you use
>
>
>
> ----- Original Message -----
> From: "Chris Pike" <clp207@psu.edu>
> To: "api" <api@directory.apache.org>
> Sent: Monday, September 4, 2017 6:50:37 PM
> Subject: Re: Ldap API Custom Controls
>
> Thanks for the suggestions and code examples. I'll work on adding this new control and
let you know if I have any issues.
>
> ~Chris Pike
>
>
>
> ----- Original Message -----
> From: "Emmanuel Lécharny" <elecharny@gmail.com>
> To: "api" <api@directory.apache.org>
> Sent: Monday, September 4, 2017 3:46:49 AM
> Subject: Re: Ldap API Custom Controls
>
> Le 04/09/2017 à 09:16, Radovan Semancik a écrit :
>> On 09/04/2017 09:02 AM, Emmanuel Lécharny wrote:
>>> Actually, the tricky part is the grammar, which is a state engine
>>> description.
>> Oh, that is usually not that difficult either. Most of those "custom"
>> controls are very simple. Just a couple of fields. Complex data
>> structures seem to be very rare. If you start with existing control
>> that is somehow similar it is not difficult to implement a new control.
> FTR, the code I provided yesterday night in one of my previous mail took
> me around 30 mins, all included. For a more complex control, like
> syncrepl, that would have takne a bit more time, mainly because you want
> to add unit tests to cover teh various cases.
>
> Now, I think that we should provide a bit of documentation about how to
> implement a control...
>

-- 
Emmanuel Lecharny

Symas.com
directory.apache.org

Mime
View raw message