Photo Directory LDAP Connection

Similar Messages

• Anonymous Connection To Active Directory LDAP

  I am trying to connect anonymously to my organization's LDAP server just to read a set of user details. My .NET coworkers use a relatively simple set of code to connect:
      DirectoryEntry entry = new DirectoryEntry("LDAP://organizationdomain");
      DirectorySearcher searcher = new DirectorySearcher(entry);
      searcher.Filter = "(&(!(objectCategory=Computer))(|(objectClass=user)(objectClass=group))(name=" + LDAPDisplayName + "))";
      SearchResult srresult = searcher.FindOne();
      string sAMAccountName = (string)srresult.Properties["sAMAccountName"][0];
      return sAMAccountName;I have attempting to connect with the following Java code, using Spring-LDAP's LDAP Template and an LDAP DAO.
          public List getContactNames() {
              return ldapTemplate.search("","(objectclass=person)", new AttributesMapper() {
                  public Object mapFromAttributes(Attributes attributes) throws NamingException {
                      return attributes.get("cn").get();
          }Unfortunately, the following exception is thrown:
      org.springframework.ldap.ServiceUnavailableException: organization.org:389; socket closed; nested exception is javax.naming.ServiceUnavailableException: organization.org:389; socket closed
      Caused by: javax.naming.ServiceUnavailableException: organization.org:389; socket closed
           at com.sun.jndi.ldap.Connection.readReply(Unknown Source)
           at com.sun.jndi.ldap.LdapClient.ldapBind(Unknown Source)
           at com.sun.jndi.ldap.LdapClient.authenticate(Unknown Source)
           at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
           at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
           at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
           at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
           at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
           at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
           at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
           at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
           at javax.naming.InitialContext.init(Unknown Source)
           at javax.naming.ldap.InitialLdapContext.<init>(Unknown Source)
              (etc)In the .NET snippet, note that no username/password is provided. As such, I'm trying to avoid providing one in the Java version.

  I don't know what the LDAP template does (for example whether it gobbles up the underlying LDAP error message), but there are a couple of things to note when contrasting the .NET Framework and the System.DirectoryServices namespace with Java & JNDI.
  Firstly S.DS is "clever enough" to use the Domain Controller (DC) locator service, so that when given a ldap url contining just a domain name (for example LDAP://ANTIPODES) it automagically queries DNS for the ldap.tcp RR's and can retrieve the fully qualified dns name of a domain controller in the closest site.
  Secondly if no credentials are explicitly passed to S.DS, then it assumes the identity of the currently logged on user (ie. it is not an anonymous connection).
  On the other hand with Java/JNDI, while it can use a domain name in teh ldap url and retrieve the dns name of a domain controller from DNS, it is not site aware and you may not be connected to your closest DC.Also you either need to explicity provide credentials or enable anonymous access to AD. You could use Kerberos and use a previously issued TGT to authenticate to AD without entering a username/password.

• Issue with LDAP Connection becuase of Network issue

  Hello All,
  We have some network issues going on which is causing the NIC (Network interface card) to failover to another NIC. Due to this failover SUN access manager's LDAP connection pool fills up and we see errors in logs "Directory is down". We have to restart the Access manager to resolve this issue which refresh the connection pool of LDAP.
  Now we have set the setting as recommended in admin guide/tuning guide. Like
  1. Set event connection idle timeout to less that firewall or loadbalancer idle timeout value.
  2. event connection retry count and interval on perticular error code.
  Despite of above settings its not working out. Is there other way to get all the stale connections back to the LDAP pool without restarting the server?
  Or something which handles the network failover or failback?
  Regards
  Chetan Kulshrestha

  The user search name is the value you should be looking at in the LDAP attributes, that's the one that it will send to LDAP on a logon attempt. If you changed this value after mapping a group, I'm not sure but you may have to remap the group to get the change.
  So on the LDAP side verify the user search attribute = the username you expect to login with (i.e. cn, samaccountname, uid, etc)
  Regards,
  Tim

• NullPointerException at com.sun.jndi.ldap.Connection.run(Connection.java:52

  We are using the Sun jndi 1.2.1 files from a Java client to
  access the IBM SecureWay Directory 3.2 server. Our test case is
  retrieving entries using the ctx.getAttributes (String, String[])
  method. Occasionally we are receiving the following error.
  java.lang.NullPointerException
  at com.sun.jndi.ldap.Connection.run(Connection.java:525)
  at java.lang.Thread.run(Thread.java:481)
  The java.lang.NullPointerException is coming from the Sun JNDI file.
  Our program is not catching this exception.
  Has anyone seen this problem before and have any ideas on how this can be resolved?

  Download and use LDAP 1.2.3 or JDK 1.3.1.
  The problem should go away.

• PI 7.1 LDAP connectivity

  Hi ,
  We configured our PI 7.1 system to connect to Active Directory(LDAP), we completed all the configuration in T Code-LDAP.But when i see Java stack user administration --> Configuration Data Source is still ABAP System. I am not able to change Java stack to point to Active Directory, it is is not showing our active directory in drop down menu, it is having only ABAP system.
  How to change the Java stack of PI system to point to Active directory?
  Once the SSO is enabled our security will disable the password so users will not have any password but when when they try to access RWB, Integration Engine sytem is prompting for password.So if Java stack is pointed to Active directory i guess the issue will be solved.
  Thanks,
  Srini Koppuravuri

  Hi again Srini,
  OK well the fact that you can access the useradmin system without being requested to enter userid and password again shows that the PI java server 'trusts' logon tickets issued by the EP system.
  Perhaps the XI components RWB, Integration Engine, that you would like to access don't have their login module stacks configured to evaluate the logon ticket issued by the EP system.
  The user administration application uses the 'ticket' login module stack, so it appears that this login module stack is configured correctly since you can access the application using the logon ticket.
  So I suggest configuring the login module stacks of  RWB, Integration Engine etc to have the same configuration as the 'ticket' stack, at least as a test,  in fact you can configure them to use the 'ticket' template in the Netweaver Administrator. Go to Configuration Management - Security - Authentication - Policy Configuration Name.
  I'm not a PI guy so I'm not sure but I think policy configuration name for RWB that you'll find in the NWA is
  sap.com/com.sap.xi.rwb*rwb - try configuring this to use the ticket template by choosing 'ticket' from the 'used template' dropdown and then test the SSO again
  regards,
  Patrick

• LDAP Connection - users in more than one group

  Hallo.
  I set up an appl. with ldap connection (Novell eDirectory 8 / Novell 6.5).
  Working fine for users in an specified container.
  Using (Based on a pre-configured scheme from the gallery
  ; Show Login Page and Use LDAP Directory Credentials)
  LDAP DN STRING=
  cn=%LDAP_USER%,o=los
  only users in container los can connect,
  Using
  LDAPDN=
  cn=%LDAP_USER%,ou=amt10,o=los
  now menbers of amt10 can connect but no one else
  Is there an hint to get it work recursive ? (like mod_auth_ldap in apache does ?) So all users in any conainer under o=los will able to connect
  I have nearly 1000 Users in ~50 Containers, what sould I do best? What is misconfigured?
  Ralf

  I'm using a nifty little application call iCalPublish. Check it out at http://www.buddy.com/ical/
  sb

• Exchange 2010 EvenID 2070, LDAP connects to demoted AD server

  Running Exchange 14.3.224.4002 on Server 2008R2 SP1.
  Every 20 minutes i see this Event appearing in my application logs:
  Process MSExchangeMailboxReplication.exe () (PID=4116). Exchange Active Directory Provider lost contact with domain controller <demoted.domain.controller> Error was 0x51 (ServerDown) (Active directory response: The LDAP server is unavailable.).
  Exchange Active Directory Provider will attempt to reconnect with this domain controller when it is reachable
  Demoted this server as documented with DCPROMO. All DNS records from this server are removed a long time ago and Exchange was restarted several times. Performed a succesvol DCDIAG /test:dns. Even
  did the rename trick on C:\Users\<username>\appdata\roaming\microsoft\mmc\Echange Management Console. Can someone please shine some light on this?

  Hi,
  This error indicates that the DC was closing the LDAP connection. I suggest to set the following registry value to 2 in order to increase the logging level on the DC for discovering this issue.
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics\16 LDAP Interface Events
  After this step, DC will start generating other events every time it disconnected Exchange. Please collect and post these events for troubleshooting.
  Refer to this blog for more information
  http://blogs.technet.com/b/bill_long/archive/2014/03/19/ldap-send-queue-limits-cause-event-2070-and-2084.aspx
  Best Regards.
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
  Lynn-Li
  TechNet Community Support

• LDAP Connection Pooling - JCA

  I'm interested in setting up connection pooling for LDAP. Our J2EE app is running on JBoss, and the database connections are already pooled through JCA using the provided JDBC resource adapter.
  So, I have investigated JCA a bit to see if that is the way to go to implement connection pooling for LDAP, but I haven't come to a conclusion yet. If I was to use JCA, it looks like I would need to create a resource adapter for LDAP, which does not seem to be a trivial task. Or is there already a resource adapter out there for the Sun Directory Server?
  For what I am trying to accomplish (connection pooling) is JCA overkill? If so, what would be the best course of action to take?
  Thanks,
  Jeff

  I guess you are talking about Context Pooling ...... The new version of JNDI ( not sure from when...) has
  context pooling in-built.... all you got to do is set the env property for pooling 'on'.....
  env.put("com.sun.jndi.ldap.connect.pool", "true");
  for further details
  http://java.sun.com/products/jndi/tutorial/ldap/connect/pool.html

• Determining the state of an LDAP connection

  Hi all,
  I'm in a situation where I need to determine the state of an existing LDAP connection. The code is called from Java servlets / JSP's, and we're having a problem where the client mysteriously disconnects. The stack trace points to:
  04/10/04 10:24:54 javax.naming.CommunicationException: connection closed. Root exception is java.io.IOException: connection closed
  04/10/04 10:24:54 at com.sun.jndi.ldap.LdapClient.ensureOpen(LdapClient.java:1648)
  04/10/04 10:24:54 at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:594)
  04/10/04 10:24:54 at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1921)
  04/10/04 10:24:54 at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1783)
  04/10/04 10:24:54 at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1708)
  04/10/04 10:24:54 at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
  04/10/04 10:24:54 at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:328)
  04/10/04 10:24:54 at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:313)
  04/10/04 10:24:54 at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:238)
  04/10/04 10:24:54 at com.tekelec.corpdir.ad.ADHelper.getAvailableOrgUnits(ADHelper.java:582)
  The peculiar thing is that the InitialDirContext DOES exist, and is not null. Since we can't poinpoint what is causing the disconnects, the next best thing is to to a test against the context to determine if it is still connected.
  Looking at this stack trace, I can see a function: com.sun.jndi.ldap.LdapClient.ensureOpen(LdapClient.java:1648)
  Googling the source, shows the following implementation:
  private void ensureOpen() throws IOException {
       if (conn == null) {
       throw new IOException("connection closed");
  However, this does no good, since the function is private, and the corresponding Connection object is not exposed through JNDI.
  Does anyone have any ideas? For now, I'm going to just call a simple 'lookup(...)' to cause the exception to be thrown if the connection is dead.
  TIA!
  -Sean

  I was getting this exception on relatively large searches (but not on smaller ones). I was also getting a java.lang.OutOfMemoryError just before it that wasn't part of the stack trace. The server was nowhere near running out of swap, and all the /etc/system parameters (solaris) were reasonable.
  Then I found this page:
  http://java.sun.com/docs/hotspot/PerformanceFAQ.html#171
  and changed the way I'm calling the jvm this way:
  /usr/local/j2sdk1.4.2_08/bin/java -Xms512m -Xmx512m <java class file>
  This solved the problem for me. Something you may want to try, anyway.

• Reuse the LDAP connection when Using SASL DIGEST-MD5

  I have problem to use the same ldap connection for multiple SASL authenticaiton.
  step1, LDAPConection conn=new LDAPCo...
  conn.conect()..
  step2, do a SASL DIGEST-MD5, successfully get a challenge from server and server confirmation after the response is correct.
  step3, I want to use the same connection for another authetincation of different user, some how the server did not give back the challenge and reject the authenticaiton request again.
  So my question is how can we reuse the same connection for SASL authentication?
  Any switch or reset on the LDAP connection or the LDAP server has to be configured in some way to take multiple authentication using the same connection?

  More than fifty people have read this post, but there are no replies as
  of yet. I'm going to interpret that as "SASL DIGEST-MD5 is not
  supported by the Novell CSharp library."
  danielnapierski;1995522 Wrote:
  > I haven't been able to bind to an LDAP server using SASL DIGEST-MD5
  > using the Novell CSharp library. Can anyone explain how this is done,
  > or point me to a code example?
  >
  > I can connect, bind, and search this LDAP server using Apache Directory
  > Studio, so I know that my credentials are correct.
  >
  > Also, I have already used the Novell CSharp library for searching other
  > LDAP servers using simple authentication, and SSL, but never SASL
  > DIGEST-MD5.
  >
  > Thanks in advance for any help.
  danielnapierski
  danielnapierski's Profile: http://forums.novell.com/member.php?userid=63370
  View this thread: http://forums.novell.com/showthread.php?t=414964

• Limit ldap connections

  Hi,
  I have a Directory server 5.2 SP4 installed on a solaris machine which is used by more than 1000 Linus/Solaris clients for user authentication. Some clients do a multiple LDAP connections which is more than 900 connections per min, which is hitting the performance of the Directory. Is it possible to limit the # of connections which a client can create. Say any client should can only create 50 connections per minute.
  Thanks
  Srikanth

  Sun Directory Server does not have the ability to throttle clients connections (based on IP addresses).
  Regards,
  Ludovic.

• How to disable SSLv3 and keep only TLS for LDAP connection.

  Hi,
  I'm planning to keep only TLSv1.2 for LDAP connections.
  I tried to set LDAP_OPT_SSL_INFO in LDAP Session Options using a SecPkgContext_ConnectionInfo Structure with dwProtocol SP_PROT_TLS1_2_CLIENT(as described here -  https://social.msdn.microsoft.com/Forums/en-US/7544226d-97e1-4dae-a377-e382c2281e91/how-to-set-up-tls-in-ldap-connection?forum=vcgeneral),
  but it returns LDAP_PARAM_ERROR.
  I tried to call this function directly after ldap_sslinit/ldap_init and before ldap_connect() - without success, I tried to use other parameters with default values, I tried to initialize them by 0/other possible values - and also no success.
  How I can do this?
  Thanks for your advices.

  LDAP_PARAM_ERROR
  https://msdn.microsoft.com/en-us/library/aa367026(v=vs.85).aspx

• LDAP connections with multiple proxy instances

  After configuring LDAP connectivity through the Admin application on a machine with multiple proxy instances I end up with:
  number of proxy instances x LDAPConnPool times number of connections to the LDAP server.
  Question: Is it possible to prevent some of the proxy instances from opening LDAP connections?

  Hi
  Increase the IDLE timeout value on the LDAP server. Of course, this just extends the inevitable. Check if there is a way to disable IDLE timeout on LDAP server.
  Regards,
  Nagendra HK

• LDAP connectivity in web Dynpro

  How to do  LDAP connectivity in web dynpro to make use of UME

  After installing the LDAP go to configtool UME
  Select the option from the dropdown
  then
  Provide the server name : The server in which you have installed the LDAP
  port :389/636
  username=cn=<the username>,o=<context name>
  password=<the passsword provided by you while installing>
  browse to find the data for the path below
  userpath
  grouppath
  After this the UME in portal can be configured in the LDAP

• My wife just got a new iPhone 6 and took some photos then I connected it to her computer and restored it to her iPhone 4 settings and lost her new photos. Is there a way to recover them?

  My wife just got a new iPhone 6 and took some great photos then I connected it to her computer and restored it to her iPhone 4 settings and lost her new photos. Is there a way to recover them?

  Sorry, unless she backup up the new phone before or is using iCloud to save the photos, the photos are gone.