Javax.naming.directory.SchemaViolationException on LDAP
I'm trying to update an attribute which contains different values, ex: objectclass, and it contains like top, person, inetOrgPerson, etc.. When I tried to updated, I got the following error
javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Object Class Violation]; remaining name 'uid=skk27test1,ou=people,dc=georgetown,dc=edu'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3036)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2758)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1374)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:235)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:147)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:136)
at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:138)
at edu.georgetown.netid.test.SimpleAuthentication.main(SimpleAuthentication.java:61)and the code I'm using is
DirContext authContext = new InitialDirContext(authEnv);
results = authContext.search("dc=georgetown,dc=edu", "(uid=skk27test1)", controls);
while(results.hasMore()){
SearchResult result = (SearchResult)results.next();
name = result.getName();
String dn = "uid=skk27test1,ou=people,dc=georgetown,dc=edu";
//updating multiple attribute values for an attribute
Attributes container = new BasicAttributes(true);
Attribute objClasses = new BasicAttribute("objectclass");
objClasses.add("top");
objClasses.add("person");
objClasses.add("organizationalPerson");
objClasses.add("inetOrgPerson");
container.put(objClasses);
authContext.modifyAttributes(dn,DirContext.REPLACE_ATTRIBUTE, container);I can update a single attribute successfully, the following is the code
//updating single attribute value for an attribute
ModificationItem[] mods = new ModificationItem[1];
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
new BasicAttribute("gubuildingname", "Harris1"));
authContext.modifyAttributes(name+",dc=georgetown,dc=edu", mods);I don't know why I'm failing to get update the objectclass attribute.
I got the solution..
Actually I missed one attribute which should be a mandatory. I compared the attributes in the LDAP request that fails to the schema.
I came to know there is most likely a must attribute missing, maybe from an inherited object class.
Attributes container = new BasicAttributes(true);
Attribute objClasses = new BasicAttribute("objectclass");
objClasses.add("top");
objClasses.add("person");
objClasses.add("organizationalPerson");
objClasses.add("inetOrgPerson");
objClasses.add("guPerson");
container.put(objClasses);
authContext.modifyAttributes(dn,DirContext.REPLACE_ATTRIBUTE, container); In the above code, earlier I missed to add " objClasses.add("guPerson");", the guPerson attribute value is mandatory.
Now I can modify the results. :)
Similar Messages
-
Javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 21
I have collected the following code from "http://www.concentric.net/~adhawan/tutorial/"
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.naming.NameAlreadyBoundException;
import javax.naming.directory.*;
import java.util.*;
public class MakeRoot {
final static String ldapServerName = "localhost";
final static String rootdn = "cn=Manager, o=jndiTest";
final static String rootpass = "secret";
final static String rootContext = "o=jndiTest";
public static void main( String[] args ) {
// set up environment to access the server
Properties env = new Properties();
env.put( Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory" );
env.put( Context.PROVIDER_URL, "ldap://" + ldapServerName + "/" );
env.put( Context.SECURITY_PRINCIPAL, rootdn );
env.put( Context.SECURITY_CREDENTIALS, rootpass );
try {
// obtain initial directory context using the environment
DirContext ctx = new InitialDirContext( env );
// now, create the root context, which is just a subcontext
// of this initial directory context.
ctx.createSubcontext( rootContext );
} catch ( NameAlreadyBoundException nabe ) {
System.err.println( rootContext + " has already been bound!" );
} catch ( Exception e ) {
System.err.println( e );
}I am using the ldap server at here:
http://download.bergmans.us/openldap/openldap-2.2.29/openldap-2.2.29-db-4.3.29-openssl-0.9.8a-win32_Setup.exe
My slap.conf is:database bdb
suffix "dc=jndiTest"
rootdn "cn=Manager,dc=jndiTest"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory ./data
# Indices to maintain
index objectClass eqWhile running this code:
ldap://localhost:389/
javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 21 - ob
jectClass: value #0 invalid per syntax]; remaining name 'dc=jndiTest'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(Unknown Source)
at com.sun.jndi.toolkit.ctx.ComponentContext.p_createSubcontext(Unknown
Source)
at com.sun.jndi.toolkit.ctx.PartialCompositeContext.createSubcontext(Unk
nown Source)
at com.sun.jndi.toolkit.ctx.PartialCompositeContext.createSubcontext(Unk
nown Source)
at javax.naming.InitialContext.createSubcontext(Unknown Source)
at MakeRoot.main(MakeRoot.java:35)It's obviously connecting with the given credentials and provider url. But then why is it not working?
Any help would highly appreciated. Thanks in advance.That is right I agree. And I guess that happened because I was trying to doing different permutation-combination with the naming scheme and I forgot to update slapd.conf. And even after made that change it was showing the same error. The poster forgot to mention to include java.schema. That change made it work finally.
Thanks for your reply. -
How to convert javax.naming.directory.Attributes to .String
hi,
i am getting values from ldap server.
but here i want to assin this values to string?
how?
Attributes det1 = ctx.getAttributes("cn="+t1+"", attrIDs3);
String str111=det1;
here i am getting error like this
Incompatible type for declaration. Can't convert javax.naming.directory.Attributes to java.lang.String
can any one help how to overcome and this values how to equal to string?
jpullareddynow i got answer,i solved
my self for solution
jpullareddy -
Help me for javax.naming.directory.InvalidAttributeValueException
i change the password by jndi , and administrator of the Active directory
had changed password of every user ,but the user is not administrator login int,cannot change himself password.why not?please help me!
Hashtable env = new Hashtable();
String userName = "CN=test,OU=test,DC=huadi,DC=com";
String oldPassword = "test";
String newPassword = "456P@ssw0rd";
//Access the keystore, this is where the Root CA public key cert was installed
//Could also do this via command line java -Djavax.net.ssl.trustStore....
String keystore = "D:/Program Files/Java/jdk1.5.0/jre/lib/security/cacerts";
System.setProperty("javax.net.ssl.trustStore",keystore);
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
//set security credentials, note using simple cleartext authentication
env.put(Context.SECURITY_AUTHENTICATION,"simple");
env.put(Context.SECURITY_PRINCIPAL,userName);
env.put(Context.SECURITY_CREDENTIALS,oldPassword);
//specify use of ssl
env.put(Context.SECURITY_PROTOCOL,"ssl");
//connect to my domain controller
String ldapURL = "ldaps://173.16.80.208:636";
env.put(Context.PROVIDER_URL,ldapURL);
try {
// Create the initial directory context
LdapContext ctx = new InitialLdapContext(env,null);
//change password is a single ldap modify operation
//that deletes the old password and adds the new password
System.out.println("----auth------");
ModificationItem[] mods = new ModificationItem[2];
//Firstly delete the "unicdodePwd" attribute, using the old password
//Then add the new password,Passwords must be both Unicode and a quoted string
String oldQuotedPassword = "\"" + oldPassword + "\"";
byte[] oldUnicodePassword = oldQuotedPassword.getBytes("UTF-16LE");
String newQuotedPassword = "\"" + newPassword + "\"";
byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
mods[0] = new ModificationItem(DirContext.REMOVE_ATTRIBUTE,
new BasicAttribute("unicodePwd", oldUnicodePassword));
mods[1] = new ModificationItem(DirContext.ADD_ATTRIBUTE,
new BasicAttribute("unicodePwd", newUnicodePassword));
// Perform the update
ctx.modifyAttributes(userName, mods);
System.out.println("Changed Password for: " + userName);
ctx.close();
}catch (NamingException e) {
System.err.println("Problem changing password: " + e);
}catch (UnsupportedEncodingException e) {
System.err.println("Problem encoding password: " + e);
}the exception is :
javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 19 - 0000052D: AtrErr: DSID-03190F00, #1:
0: 0000052D: DSID-03190F00, problem 1005 (CONSTRAINT_ATT_TYPE), data 0, Att 9005a (unicodePwd)
thanks! -
Design console and javax.naming.directory.basicattributes class
Hi all,
Is it possible to do the following in the design console?
BasicAttributes basicattributes = new BasicAttributes(true);
basicattributes.put(new BasicAttribute(contextName, "Weblink"));
basicattributes.put(new BasicAttribute(contextCode, "Web001"));
your help would be much appreciated..While Kodo cannot persist those elements out of the box, you can easily
use the externalization framework to persist the data in a format your
database and Kodo can understand.
http://solarmetric.com/Software/Documentation/3.1.3/docs/ref_guide_meta_ext.html#externalizer
ouhmmou wrote:
Hello,
I'd like to know if KODO implementation (or JDO spec) could manage java
objects such as javax.naming.directory.BasicAttribute and
javax.naming.directory.BasicAttributes !
because I am using those classes in my application but without succes.
thanks you for your help
smail
Steve Kim
[email protected]
SolarMetric Inc.
http://www.solarmetric.com -
Hi,
I am getting the following error when I try to do a search on an ldap (AD LDS) database:
javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031522C9, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=AppPartFE,DC=com'
]; remaining name 'cn=Users,dc=AppPartFE,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
at javax.naming.directory.InitialDirContext.search(Unknown Source)
at Test.<init>(Test.java:70)
at Test.main(Test.java:118)
I can bind successfully using either the userPrincipalName (UPN) or the Distinguished Name (DN), however my search is failing.
It is almost as if I am connected to the db tree at the wrong place. Do I need a different search scope?
I appreciate any assistance you can provide.
Here is my code:
import java.util.*;
import static java.lang.System.err;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
public class Test
public Test()
Properties prop = new Properties();
prop.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
prop.put("java.naming.provider.url", "ldap://MyHost.Mydomain.labs.CompanyX.com:50004");
String strProviderUrl = "ldap://MyHost.Mydomain.labs.CompanyX.com:50004";
// Can successfully bind with the userPrincipalName in AD LDS
//prop.put("java.naming.security.principal", "[email protected]");
// Can successfully bind with Distinguished Name
// Note: the string is case insensitive and embedded blank after a comma is not a problem
prop.put("java.naming.security.principal", "cn=tst0001,cn=Users,dc=AppPartFE,dc=com");
prop.put("java.naming.security.credentials", "password");
try {
LdapContext ctx = new InitialLdapContext(prop, null);
System.out.println("Bind successful");
//I am successful to this point....
//now try doing a search on another user
String strFilter = "(&(objectClass=userProxy)(sAMAccountName=tst0001))";
SearchControls searchControls = new SearchControls();
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); //works with object class=* to find top partition node
NamingEnumeration<SearchResult> results = ctx.search("cn=Users,dc=AppPartFE,dc=com", strFilter, searchControls);
SearchResult searchResult = null;
if(results.hasMoreElements()) {
searchResult = (SearchResult) results.nextElement();
//make sure there is not another item available, there should be only 1 match
if(results.hasMoreElements()) {
System.err.println("Matched multiple users for the accountName");
catch (NamingException ex) {
ex.printStackTrace();
public static void main(String[] args)
Test ldaptest = new Test();Because you are specifiying a base distinguished name in your ldap url, the ldap context will be rooted at that context and all subsequent objects will be relative to that base distinguished name.//connect to my domain controller
String ldapURL = "ldaps://rhein:636/dc=bodensee,dc=de";andString userName = "CN=verena bit,OU=Lehrer,OU=ASR,DC=bodensee,DC=de";results in an fully distinguished name of:CN=verena bit,OU=Lehrer,OU=ASR,DC=bodensee,DC=de,dc=bodensee,dc=deEither specify your ldap url asString ldapURL = "ldaps://rhein:636";and leave your username as is, or specify the user object relative to the base distinguished name in the ldapurlString userName = "CN=verena bit,OU=Lehrer,OU=ASR"; -
Javax.naming.NameAlreadyBoundException [LDAP: error code 68
I am getting the below Error when I am trying to add the entry into the LPAD Server.
javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - Entry Already Exists]; remaining name 'ou=People,dc=company,dc=co,dc=in'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.c_bind(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.c_bind(Unknown Source)
at com.sun.jndi.toolkit.ctx.ComponentContext.p_bind(Unknown Source)
at com.sun.jndi.toolkit.ctx.PartialCompositeContext.bind(Unknown Source)
at com.sun.jndi.toolkit.ctx.PartialCompositeContext.bind(Unknown Source)
at javax.naming.InitialContext.bind(Unknown Source)
at com.test.CreateUser.main(CreateUser.java:54)
I am using the following sample program to test this.
public class CreateUser {
public static void main(String[] args) {
java.util.Hashtable env = new java.util.Hashtable();
env.put( javax.naming.Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
env.put( javax.naming.Context.PROVIDER_URL, "ldap://c-4966:62260");
env.put( javax.naming.Context.SECURITY_AUTHENTICATION, "simple");
env.put( javax.naming.Context.SECURITY_PRINCIPAL, "cn=Directory Manager");
env.put( javax.naming.Context.SECURITY_CREDENTIALS, "test");
String dn = "ou=People,dc=company,dc=co,dc=in";
try {
// create DirContext
DirContext ctx = new InitialDirContext(env);
// Attributes for new entry
Attributes attrs = new BasicAttributes();
Attribute attr = new BasicAttribute("objectclass");
attr.add( 0, "top" );
attr.add( 1, "person" );
attr.add( 2, "organizationalPerson" );
attr.add( 3, "inetorgperson" );
attrs.put(attr);
System.out.println("1...........");
attrs.put("cn", "Sai Krishna");
attrs.put("sn", "Potluri");
attrs.put("givenName","Sia Potluri");
attrs.put("uid","saipotluri");
attrs.put("userPassword", "balaji");
/*attr = new javax.naming.directory.BasicAttribute("mail");
attr.add( 0, "[email protected]" );
attr.add( 1, "[email protected]" );
attrs.put( attr );
attrs.put( "telephonenumber", "111-1111-3333" );*/
System.out.println("2...........");
ctx.bind(dn, attrs);
} catch ( javax.naming.NamingException ex ) {
System.err.println("Fail to Add Entry\n");
ex.printStackTrace();
Any help is highly appreciated.
Thanks in Advance
DARMAYou're adding the entry "ou=people,dc=company,dc=co,dc=in" and not an entry under "ou=people,dc=company,dc=co,dc=in".
The dn of the new entry should be something like "cn=Sai Krishna,ou=people,dc=company,dc=co,dc=in" when you call ctx.bind(dn,...) -
Javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Cre...
Sir/Madam,
i am working on Windows Platform and I am getting this error when i want ot configure the LDAP.
Please suggest
javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3005)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2753)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2667)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:287)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.InitialContext.<init>(InitialContext.java:197)
at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
at TestClient.main(TestClient.java:33)
Thanks in advance.
Regards
Neelamadhabjavax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]LDAP is rejecting your credentials (username / password). Make sure your credentials are coorectly given, otherwise get help from LDAP admin.
regards,
Sekar -
Javax.naming.AuthenticationNotSupportedException:[LDAP:error Code 13
package test;
import java.util.Hashtable;
import java.util.Enumeration;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.*;
public class Test1{
public static void main(String[] args) {
try{
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY,INITCTX);
env.put(Context.PROVIDER_URL,My_HOST);
env.put(Context.SECURITY_AUTHENTICATION,"simple");
env.put(Context.SECURITY_PRINCIPAL,MGR_DN);
env.put(Context.SECURITY_CREDENTIALS,MGR_PW);
DirContext ctx=new InitialDirContext(env);
}catch(Exception e){
e.printStackTrace();
System.exit(1);
public static String INITCTX="com.sun.jndi.ldap.LdapCtxFactory";
public static String My_HOST="ldap://192.168.0.88:389";
public static String MGR_DN="uid=kvaughan,ou=people,o=airius.com";
public static String MGR_PW="bribery";
public static String MY_SEARCHBASE="o=Airius.com";
javax.naming.AuthenticationNotSupportedException:[LDAP:error Code 13 Confidentiality Required]i have the same Exception
this post from 2003 and no one post an advice!!
the exception
javax.naming.AuthenticationNotSupportedException: [LDAP: error code 48 - Inappropriate Authentication]
but i found that it is related the
env.put(Context.SECURITY_AUTHENTICATION, "simple"); // 'simple' = username + password
simple, EXTERNAL, none
but after adding this line i still have the same error!! -
Javax.naming.OperationNotSupportedException:[LDAP: error code 12-00000057
Hi All,
I getting the below OperationNotSupportedException while searching the LDAP container
"'ou=Subscriptions,ou=BMCMarimba,DC=marimba,DC=bmc-dns,DC=com'".
In our application during the initial search i'm able to search the above container and get the results.But during subsequent search getting the below mentioned error.
javax.naming.OperationNotSupportedException: [LDAP: error code 12 - 00000057: LdapErr: DSID-0C09068F, comment: Error processing control, data 0, vece]; remaining name 'ou=Subscriptions,ou=BMCMarimba,DC=marimba,DC=bmc-dns,DC=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3048)\
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)\
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)\
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1811)\
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1734)\
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)\
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:328)\
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:245)\
at com.marimba.tools.ldap.physical.LDAPConnectionImpl.getResult(LDAPConnectionImpl.java:901)\
at com.marimba.tools.ldap.physical.LDAPConnectionPoolImpl.searchWithConnection(LDAPConnectionPoolImpl.java:1369)\
at com.marimba.tools.ldap.physical.LDAPPagedSearchPR.getPage(LDAPPagedSearchPR.java:402)\
at com.marimba.tools.ldap.physical.LDAPPagedSearchPR.getPage(LDAPPagedSearchPR.java:238)\
at com.marimba.tools.ldapsync.util.PageResultEnumeration.getNextPage(PageResultEnumeration.java:159)\
at com.marimba.tools.ldapsync.policy.core.PolicySync.processNewPolicies(PolicySync.java:351)\
at com.marimba.tools.ldapsync.policy.core.PolicySync.syncPolicies(PolicySync.java:164)\
at com.marimba.tools.ldapsync.core.TargetSync.syncTargets(TargetSync.java:163)\
at com.marimba.tools.ldapsync.core.LDAPDBSync.run(LDAPDBSync.java:617)\
at java.lang.Thread.run(Thread.java:534)
Any idea why this exception is coming only in the subsequent search.
Any help would be greatly appriciated.
Thanks
VallinayagamHope this question raised long back and no suitable answers provided. I want to share my solution which worked for this problem to all the developers hitting their heads to thier PC :-)
You must use single LDAP connection to retrive all the results.
For example:
If your query returns around 10000 results, best way to get the results is using paging. Let us assume you set the page size to 500. Once you retrieve the first 500 results LDAP Connection will give you cookie which stores the information on last page. We need to set the cookie to future use i.e., for retrieving next page (next 500 results). If the connection to get next page is new/different (can be new instance or retrieved from pool) you will get "javax.naming.OperationNotSupportedException:[LDAP: error code 12-00000057".
So, to avoid this you need to use the same LDAP connection (conext) till you retieve all the results.
Regards,
Nageswara Rao.V -
Ldap Search getting a javax.naming.AuthenticationNotSupportedException
Hi,
Can anyone help me why i am getting Authentication Exception, is there anything wrong in the Code.(This Code i got from sun site)
I have passed the correct admin user id and password, The PROVIDER_URL is also ok.
If i comment the below two line it works fine. But Search doesnot go inside the if block
env.put(Context.SECURITY_CREDENTIALS,"<admin id given>");
env.put(Context.SECURITY_AUTHENTICATION, "<password given>");
Can any one help me.
Or can any help me with a sample code for userAuthentication in LDAP using JNDI for MS-ADS
My Code is as followes
=======================================================================
import javax.naming.directory.*;
import javax.naming.*;
import java.util.*;
import java.io.*;
public class LDAPConn
public java.lang.Object Conn;
public void startSearch() throws Exception
Hashtable env = new Hashtable(11);
DirContext ctx = null;
try
ctx = new InitialDirContext(env);
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://ipaddress:389/dc=xyz,dc=com");
env.put(Context.SECURITY_CREDENTIALS,"<admin id given>");
env.put(Context.SECURITY_AUTHENTICATION, "<password given>");
ctx = new InitialDirContext(env);
String[] attrIDs = {"sn", "telephonenumber", "mail"};
Attributes matchAttrs = new BasicAttributes(true);
matchAttrs.put(new BasicAttribute("sn", "Anil"));
matchAttrs.put(new BasicAttribute("mail","[email protected]"));
NamingEnumeration answer = ctx.search("cn=Users",matchAttrs, attrIDs);
if (answer.hasMore())
System.out.println("Search Success");
ctx.close();
}catch(Exception e)
e.printStackTrace();
return ctx;
public static void main(String str[])
try
(new LDAPConn()).startSearch();
} catch(Exception e)
e.printStackTrace();
=======================================================================
Thanks
GopiHi kenty
Thanks for your help.
My Code is working now. I am able to connect to LDAP server.
for the following code i am getting the output like this
===================== Code ===================
String[] attrIDs = {"cn"};
Attributes matchAttrs = new BasicAttributes(true);
matchAttrs.put(new BasicAttribute("cn", "Souvik Mukherjee"));
NamingEnumeration results = ctx.search("cn=Users",matchAttrs, attrIDs);
while (results != null && results.hasMore())
SearchResult si = (SearchResult)results.next();
System.out.println("name: " + si.getName());
Attributes attrs = si.getAttributes();
if (attrs == null)
System.out.println("No attributes");
} else {
for (NamingEnumeration ae = attrs.getAll();
ae.hasMoreElements();) {
Attribute attr = (Attribute)ae.next();
String attrId = attr.getID();
for (Enumeration vals = attr.getAll();
vals.hasMoreElements();
System.out.println(attrId + ": " + vals.nextElement()));
==================Output==================
name: CN=Souvik Mukherjee
cn: Souvik Mukherjee
My Requirement is now By passing the userid and validating the password of "Souvik Mukherjee" Or listing all attributes of "Souvik Mukherjee".
How to do this?
Where will i see in MS-ADS attributes like 'cn' etc.. Because my SysAdmin told me he has used default settings while installing ADS.
Regards & Thanks
Gopi -
Handlling exception: javax.naming.PartialResultException: Unprocessed Conti
I am running the following Java Code (in an agent in Lotus Notes, hence some of the odd bits). I've searched long and hard. I know I'm getting my error because I am searching the from the base DN in AD.
It also appears you can't get around this with referrals settings as AD doesn't support them. I having trouble with the whole global catalog thing too.
However, my code is working and returning the field I need. I would like to handle the error and get on with things.
Now I am not a java programmer. Is it possible to handle the error and return to the code that generated it, or am I finished with the 'try' stuff as soon as my first exception is thrown?
Sorry if this is a stupid question.
import lotus.domino.*;
import javax.naming.*;
import javax.naming.directory.*;
import java.util.Hashtable;
import java.util.Vector;
public class JavaAgent extends AgentBase {
public void NotesMain() {
String userName="jmbramich";
try {
Session session = getSession();
AgentContext agentContext = session.getAgentContext();
// Hashtable stores LDAP connection specifics.
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://hqdc01.prisons.ie:389");
// env.put(Context.PROVIDER_URL, "ldap://hqdc01.prisons.ie:3268");
env.put(Context.SECURITY_PRINCIPAL, "CN=L D. dapsearch,OU=LDAP,OU=Rescon,OU=Administrators,DC=PRISONS,DC=IE");
env.put(Context.SECURITY_CREDENTIALS, "gu1nne55");
DirContext ctx = new InitialDirContext(env);
// Specify the ids of the attributes to return
String[] attrIDs = {"postOfficeBox"};
SearchControls ctls = new SearchControls();
ctls.setReturningAttributes(attrIDs);
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
// Specify the search filter to match
String filter = "(&(sAMAccountName=" + userName + ")(postOfficeBox=*))";
// Search the subtree for objects by using the filter
NamingEnumeration answer = ctx.search("DC=PRISONS,DC=IE", filter, ctls);
while (answer.hasMore()) {
SearchResult sr = (SearchResult)answer.next();
System.out.println(">>>" + sr.getName());
Attributes attrs = sr.getAttributes();
System.out.println(attrs.get("postOfficeBox").get());
answer.close();
ctx.close();
} catch(Exception e) {
e.printStackTrace();
Errors:
javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name 'DC=PRISONS,DC=IE'
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2528)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2502)
at com.sun.jndi.ldap.LdapNamingEnumeration.getNextBatch(LdapNamingEnumeration.java:145)
at com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(LdapNamingEnumeration.java:181)
at JavaAgent.NotesMain(JavaAgent.java:38)
at lotus.domino.AgentBase.runNotes(Unknown Source)
at lotus.domino.NotesThread.run(NotesThread.java:208)
Error cleaning up agent threadsOk, managed to work this out. Needed a baby try/catch around a bit of my code so the error can be ignored - once this is done the notes agent doesn't have any problems taking out the garbage at the end.
Final code:
import lotus.domino.*;
import javax.naming.*;
import javax.naming.directory.*;
import java.util.Hashtable;
import java.util.Vector;
public class JavaAgent extends AgentBase {
public void NotesMain() {
String userName="jmbramich";
try {
Session session = getSession();
AgentContext agentContext = session.getAgentContext();
// Hashtable stores LDAP connection specifics.
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://hqdc01.prisons.ie:389");
// env.put(Context.PROVIDER_URL, "ldap://hqdc01.prisons.ie:3268");
env.put(Context.SECURITY_PRINCIPAL, "CN=L D. dapsearch,OU=LDAP,OU=Rescon,OU=Administrators,DC=PRISONS,DC=IE");
env.put(Context.SECURITY_CREDENTIALS, "gu1nne55");
System.out.println("Creating Context.");
DirContext ctx = new InitialDirContext(env);
// Specify the ids of the attributes to return
String[] attrIDs = {"postOfficeBox"};
SearchControls ctls = new SearchControls();
ctls.setReturningAttributes(attrIDs);
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
// Specify the search filter to match
String filter = "(&(sAMAccountName=" + userName + ")(postOfficeBox=*))";
// Search the subtree for objects by using the filter
System.out.println("Running Search...");
NamingEnumeration answer = ctx.search("DC=PRISONS,DC=IE", filter, ctls);
try {
while (answer.hasMore()) {
SearchResult sr = (SearchResult)answer.next();
System.out.println(">>>" + sr.getName());
Attributes attrs = sr.getAttributes();
System.out.println(attrs.get("postOfficeBox").get());
catch(PartialResultException e) {
//e.printStackTrace();
answer.close();
ctx.close();
catch(Exception e) {
e.printStackTrace();
} -
[OBPM 10gR3]How to configer a hybrid directory with Oracle LDAP Server
Hey, guys,
Does anyone have experience on configering a hybrid directory with Oracle LDAP Server? How to config the mapping conf file for Oracle LDAP in the directory of \OraBPMwlHome\conf?
Here is my conf file. But I got some LDAP mapping errors. It's really weird OBPM doesn't support Oracle's self LDAP, at least it does not provide the conf file.
-----------errors------------
Exception [javax.naming.OperationNotSupportedException: [LDAP: error code 53 - Function Not Implemented]; remaining name '']. Reason: [LDAP: error code 53 - Function Not Implemented] fuego.directory.DirectoryRuntimeException: Exception [javax.naming.OperationNotSupportedException: [LDAP: error code 53 - Function Not Implemented]; remaining name '']. at fuego.directory.DirectoryRuntimeException.wrapException(DirectoryRuntimeException.java:85) at fuego.directory.hybrid.ldap.JNDIQueryExecutor.select(JNDIQueryExecutor.java:203) at fuego.directory.hybrid.ldap.JNDIQueryExecutor.selectAllFromView(JNDIQueryExecutor.java:84) at fuego.directory.hybrid.ldap.JNDIQueryExecutor.selectAllFromView(JNDIQueryExecutor.java:64) at fuego.directory.hybrid.ldap.Repository.selectAllFromView(Repository.java:54) at fuego.directory.hybrid.ldap.LDAPPollingEventGenerator.buildCurrentProxies(LDAPPollingEventGenerator.java:98) at fuego.directory.provider.notifiers.BasePollingEventGenerator.generateEvents(BasePollingEventGenerator.java:41) at fuego.directory.hybrid.HybridMultipleEventGenerator.generateEvents(HybridMultipleEventGenerator.java:43) at fuego.directory.provider.notifiers.DirectoryNotifier.notifyChanges(DirectoryNotifier.java:403) at fuego.server.service.DirectoryListener.updateEngineFromDirectoryImpl(DirectoryListener.java:309) at fuego.server.service.DirectoryListener$DirectoryPollingItem.execute(DirectoryListener.java:351) at fuego.server.execution.DefaultEngineExecution$AtomicExecutionTA.runTransaction(DefaultEngineExecution.java:304) at fuego.transaction.TransactionAction.startBaseTransaction(TransactionAction.java:470) at fuego.transaction.TransactionAction.startTransaction(TransactionAction.java:551) at fuego.transaction.TransactionAction.start(TransactionAction.java:212) at fuego.server.execution.DefaultEngineExecution.executeImmediate(DefaultEngineExecution.java:123) at fuego.server.execution.DefaultEngineExecution.executeAutomaticWork(DefaultEngineExecution.java:62) at fuego.server.execution.EngineExecution.executeAutomaticWork(EngineExecution.java:42) at fuego.ejbengine.ejb.EngineStartupBean.executeItem(EngineStartupBean.java:192) at fuego.ejbengine.ejb.EngineStartupBean.updateFromDirectory(EngineStartupBean.java:172) at fuego.ejbengine.ejb.engine_startup_bpmengine_wodkyx_ELOImpl.updateFromDirectory(engine_startup_bpmengine_wodkyx_ELOImpl.java:365) at fuego.ejbengine.servlet.SchedulerServlet$DirectoryPollingTask.runImpl(SchedulerServlet.java:269) at fuego.ejbengine.servlet.SchedulerServlet$ScheduledTask.run(SchedulerServlet.java:208) at java.util.TimerThread.mainLoop(Timer.java:512) at java.util.TimerThread.run(Timer.java:462) Caused by: javax.naming.OperationNotSupportedException: [LDAP: error code 53 - Function Not Implemented]; remaining name '' at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3078) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2758) at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1812) at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1735) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:321) at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:248) at fuego.jndi.FaultTolerantDirContext.search(FaultTolerantDirContext.java:867) at fuego.directory.hybrid.ldap.JNDIQueryExecutor.select(JNDIQueryExecutor.java:190) ... 23 more
-----------mapping conf file for Oracle LDAP---------
<?xml version="1.0" encoding="UTF-8"?>
<?fuego version="6.1 ALPHA" application="albpmenterprise"?>
<!-- This file contains the propper attribute mapping for the FDI Generic Ldap Provider using Oracle Directory Service.
* Preference for group object
<preference id="assignedParticipants.containsId" value="true"/>
This preference is useful to speed up the provider and it can only be used if the assignedParticipant value is the dn of the user and the dn contains the participant id
<preference id="assignedParticipants.containsId" value="true"/>
This preference is useful to speed up the provider and it can only be used if the assignedGroup value is the dn of the group and the dn contains the group id
<preference id="modifyTimeStamp.suffix" value="Z"/>
This preference is useful when the suffix mofidyTimeStamp format of your ldap is not .OZ.
-->
<config>
<object id="person">
<object-filter>
<![CDATA[
(objectclass=inetOrgPerson)
]]>
</object-filter>
<relative-dn>
<!-- the relative dn for person -->
</relative-dn>
<attribute id="id" value="uid"/>
<attribute id="lastName" value="sn"/>
<attribute id="firstName" value="givenname"/>
<attribute id="accountLock" value="orclIsEnabled">
<attribute-comparator operation="EQUALS" compareTo="ENABLED"/>
<filter>
<![CDATA[
($accountLock=ENABLED)
]]>
</filter>
</attribute>
<attribute id="facsimileTelephoneNumber" value="facsimileTelephoneNumber"/>
<attribute id="displayName" value="displayName"/>
<attribute id="mail" value="mail"/>
<attribute id="telephoneNumber" value="telephoneNumber"/>
<attribute id="employeeId" value="employeeNumber"/>
<attribute id="thumbnailPhoto" value="jpegPhoto"/>
<attribute id="manager" value="manager"/>
<attribute id="modifyTimeStamp" value="modifytimestamp"/>
</object>
<object id="group">
<object-filter>
<![CDATA[
(objectclass=orclGroup)
]]>
</object-filter>
<relative-dn>
<!-- the relative dn for group -->
</relative-dn>
<attribute id="id" value="dn"/>
<attribute id="modifyTimeStamp" value="modifytimestamp"/>
<attribute id="displayName" value="displayName"/>
<attribute id="name" value="cn"/>
<attribute id="description" value="description"/>
<attribute id="assignedParticipants" value="uniquemember"/>
<!--attribute id="assignedGroups" value="memberOf"/-->
<attribute id="ou" value="uniquemember"/>
</object>
<object id="ou">
<object-filter>
<![CDATA[
(objectclass=domain)
]]>
</object-filter>
<relative-dn>
<!-- the relative dn for ous -->
</relative-dn>
<attribute id="name" value="orclsubscriberfullname"/>
<attribute id="description" value="description"/>
</object>
</config>
Edited by: Lemonice on 2009-3-30 上午2:08
Edited by: Lemonice on 2009-3-30 下午7:01
Edited by: Lemonice on 2009-3-30 下午8:43Hi,
in my case, I am trying to configure the OBPM directory using ALUI and its native LDAP service.
Now, I found that the first name and the last name in BPM are retrieved from the ALUI display name : provided we enter the display name in the format %first name% + %last name% we get them into BPM. But the display name is not always in this format...
In addition, it's the portal telephone number information which is retrieved into BPM Telephone and Fax numbers.
And, the email adress remains blank
I have installed the latest patch for OBPM (Version: 10.3.1.0.0 Build: #97172)
Would you have any documentation about creating a Profile Web Service in ALUI and specifying which LDAP attributes to map to which ALUI properties in the Profile Source ?
Thanks !
Edited by: vVince on May 6, 2009 3:46 PM -
Javax.naming.NotContextException when trying to bind to a context
Hi all.
I am trying to use file system service provider.
This is how I create the context:
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.fscontext.RefFSContextFactory");
env.put(Context.PROVIDER_URL, "file:/test");
DirContext ctx = new InitialDirContext(env);
When I try to invoke bind on ctx ;
ctx.bind(name, obj, attrs)
I get exception:
javax.naming.NotContextException: Not an instance of DirContext
at javax.naming.directory.InitialDirContext.getURLOrDefaultInitDirCtx(Unknown Source)
Can anyone help me get around this problem.
thanks.I don't think that
com.sun.jndi.fscontext.RefFSContextFactory
supports DirContext; just Context. -
Javax.naming.AuthenticationException [LDAP: error code 49 - 80090308
i am getting a problem in connection.
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece
plz suggestsatish_dhn wrote:
plz suggesterr code 49 means problem with login credentials.
"525" (between "data" and "vece" ) means user not found.
Maybe you are looking for
-
How do I get my Macbook Pro to recognize the esata connected drive?
I have connected and the system seems to recognize the ExpressCard esata controller adapter card, but the system doesn't seem to see the drive. I have restarted the system with no change. The drive is formated for Mac. Not sure what else I can do?
-
Submitting Concurrent request from PL/SQL
Hi I am currently attempting to submit a concurrent program from a pl/sql block that itself is being run as a concurrent program. However the call to submit_request would only returned zero. I inserted a call to FND_GLOBAL.INITIALIZE as suggested on
-
I'm trying to use ItemGetAttribute on a new phone message to get the state of the check boxes (attributes 0 through 6). No matter how they are set in the message, they are always returned as False. I'm using GW 6.5.1. Is this a known bug? Is there a
-
How to read I$ table using ODI procedure
Hi Can any one help me how to drop a I$ table from out sie of interface. I have tried below approches but no luck I have created ODI procedure with technology oracle and target logical schema (I$ tables are creating on target DB) with and with out be
-
"VCE-ICodecAPI-IsSupported" message in first use
Hello. I've recently upgraded to version 6.16.0.105 (running on Windows 7) and now when I start a conversation for the first time after startup, a "VCE-ICodecAPI-IsSupported" message window pops up: My contact cannot see my face until I click "OK" to