SUN One LDAP Retrieving Dynamic group

Hi, I would like to know how I can retrieve the groups a user belongs to, if the groups are of dynamic type.
Can I use the attribute memberOf?
//Create the initial directory context
LdapContext ctx = new InitialLdapContext(env, null);
//Create the search controls
SearchControls searchCtls = new SearchControls();
//Specify the search scope
searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
//specify the LDAP search filter
String searchFilter = "(&(objectClass=user)(CN=Andrew Anderson))";
//Specify the Base for the search
String searchBase = "DC=antipodes,DC=com";
//initialize counter to total the group members
int totalResults = 0;
//Specify the attributes to return
String returnedAtts[]={"memberOf"};
searchCtls.setReturningAttributes(returnedAtts);
//Search for objects using the filter
NamingEnumeration answer = ctx.search(searchBase, searchFilter, searchCtls);
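
Where dynamic groups are groupOfURLs entries, membership is defined by the group's memberURL rather than stored on the user, so one way to answer the question is to evaluate each memberURL against the user's entry. This is an added example, not code from the original posts: class and method names are hypothetical, it assumes URLs without %-escapes, and it evaluates only single equality filters, throwing on anything else so that no authorization decision rests on a filter it cannot evaluate.

```java
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttributes;
import javax.naming.ldap.LdapName;

public class DynamicGroupCheck {   // hypothetical name, not part of any SDK

    /** True if the entry (userDn, user) is selected by ldap:///<base>?<attrs>?<scope>?<filter>. */
    static boolean isMember(String memberUrl, String userDn, Attributes user)
            throws NamingException {
        if (!memberUrl.regionMatches(true, 0, "ldap:///", 0, 8)) {
            throw new IllegalArgumentException("not a host-less LDAP URL: " + memberUrl);
        }
        String[] part = memberUrl.substring(8).split("\\?", 4);
        if (part.length != 4) {
            throw new IllegalArgumentException("memberURL without scope/filter: " + memberUrl);
        }
        LdapName base = new LdapName(part[0]);   // assumption: no %-escapes in the URL
        LdapName dn = new LdapName(userDn);
        boolean inScope;
        switch (part[2].toLowerCase()) {
            case "sub":  inScope = dn.startsWith(base); break;
            case "one":  inScope = dn.startsWith(base) && dn.size() == base.size() + 1; break;
            case "": case "base": inScope = dn.equals(base); break;   // absent scope means base
            default: throw new IllegalArgumentException("unknown scope: " + part[2]);
        }
        return inScope && matchesEquality(part[3], user);
    }

    /** Evaluates only "(attr=value)" filters; anything else is rejected, not guessed. */
    static boolean matchesEquality(String filter, Attributes user) throws NamingException {
        String f = filter.startsWith("(") && filter.endsWith(")")
                ? filter.substring(1, filter.length() - 1) : filter;
        int eq = f.indexOf('=');
        if (eq < 1 || f.matches(".*[()*&|!<>~\\\\].*")) {
            throw new UnsupportedOperationException("filter needs a real evaluator: " + filter);
        }
        Attribute attr = user.get(f.substring(0, eq).trim());
        if (attr == null) return false;
        String wanted = f.substring(eq + 1);
        for (NamingEnumeration<?> v = attr.getAll(); v.hasMore(); ) {
            // Case-insensitive compare is an assumption about the attribute's matching rule.
            if (wanted.equalsIgnoreCase(String.valueOf(v.next()))) return true;
        }
        return false;
    }

    public static void main(String[] args) throws NamingException {
        // Constructed sample entry; the memberURL is the one quoted further down this page.
        Attributes user = new BasicAttributes(true);   // true = ignore attribute-name case
        user.put("dcRoles", "ttEmployee");
        String url = "ldap:///o=douglas.co.us??sub?dcRoles=ttEmployee";
        System.out.println(isMember(url, "uid=jdoe,ou=People,o=douglas.co.us", user));
        System.out.println(isMember(url, "uid=jdoe,ou=People,o=example.com", user));
    }
}
```

Against a live directory, the same decision can be made for arbitrary filters by running a base-scope search on the user's DN with the group's filter after the scope check.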

Hello Vinay,
When configuring multiple LDAP directories, there are a number of prerequisites that you need to
consider.
For example, one prerequisite for multi-domains is that logon IDs must be unique across multiple LDAP data sources. This will cause issues if duplicate IDs exist.
Please see the following documentation and notes for more information on this.
Examples of Data Source Configuration Files - Identity Management - SAP Library
Example: Configuration of Multiple LDAP Data Sources - Identity Management - SAP Library
1618342 - Multiple LDAP Datasources - Active Directories where logon IDs
are not unique
762419 - Multi-Domain Logon Using Microsoft Active Directory
Please have a look at the above notes, which document this and also tell
you what to do in these situations.
Regards,
David

Similar Messages

  • Import netscape.ldap.* ; is it not supported in Sun one LDAP server

    import netscape.ldap.*;
    Is the above line not supported in Sun One LDAP directory Server?
    If that is the case, what should I do?
    Whenever I compile my code, the error that comes up is: package netscap.ladp does not exists
    Need help immediately.
    My code is as follows:
    import netscape.ldap.*;
    import java.util.*;
    /**
     * Simple search program to experiment with filters
     */
    public class SearchFilter {
        /**
         * Do a subtree search using a specified filter
         * @param args host, port, authDN, password, baseDN, filter
         */
        public static void main(String[] args) {
            if (args.length != 6) {
                System.out.println("Usage: java FilterSearch " + "<host> <port> " + "<authdn> <password> " + "<baseDN> <filter>");
                System.out.println("Example:");
                System.out.println(" java FilterSearch " + "localhost 389 " + "\"\" \"\" " + "\"o=airius.com\" " + "\"(|(cn=sam*)(cn=b*))\"");
                System.exit(1);
            }

    Couldn't you download the netscape.ldap package (iPlanet LDAP SDK) and put its jars in your app classpath?
    The suggested way to replace netscape.ldap package is to use only JNDI calls, but maybe they can not fulfill all your needs.
    By the way, you can get the source code for that package in Mozilla.org site.
    (Note: if you are using Netscape LDAP SDK for parsing/generating ASN.1 streams including X.509 certificates, try using BouncyCastle instead of netscape.ldap.ber.stream package - I had to modify several classes from Netscape's package that is not meant to handle certificates, but LDAP streams...)

  • Authentication getting failed in sun one Ldap

    Hi,
    Can anyone please assist me with Sun ONE LDAP?
    My application (LDAP related) was developed based on Lotus Domino LDAP server and WebSphere.
    Now we are trying to deploy the same code with WebSphere and Sun ONE LDAP server in our local environment.
    I am getting the problem of authentication failing.
    Please see the logs below.
    My question is whether the code written for Lotus Domino is compatible with Sun ONE LDAP. I am new to LDAP.
    Please, can anyone give suggestions?
    LDAP Interface: Performing LDAP authentication for user [NYilmaz]
    17 Dec 2007 18:43:13,359 [WARN ] NABLDAP: Transmission will be over an unencrypted connection. The username and password are transmitted in clear text form which is very insecure. Consider replacing the LDAP protocol with LDAPS (SSL).
    17 Dec 2007 18:43:13,359 [DEBUG] NABLDAP: Establishing a new authenticating connection to [ldap://gpat.bsdev.com]
    17 Dec 2007 18:43:13,375 [INFO ] NABLDAP: Failed to authenticate with the remote server on [ldap://gpat.bsdev.com] because of error '[LDAP: error code 34 - Invalid DN]'
    17 Dec 2007 18:43:13,375 [WARN ] LDAP Interface: Unsuccessful authentication attempt for user [NYilmaz]
    17 Dec 2007 18:43:13,375 [DEBUG] LDAP Interface: Writing the value {javax.naming.InvalidNameException:[LDAP: error code 34 - Invalid DN]} to General[1].OnionErrorMessage
    17 Dec 2007 18:43:13,390 [WARN ] NABLDAP: Transmission will be over an unencrypted connection. Consider replacing the LDAP protocol with LDAPS (SSL).
    17 Dec 2007 18:43:13,390 [DEBUG] NABLDAP: Establishing a new anonymous connection to [ldap://gpat.bsdev.com]
    17 Dec 2007 18:43:13,390 [DEBUG] NABLDAP: Connection established.
    17 Dec 2007 18:43:13,390 [DEBUG] NABLDAP: Searching remote LDAP directory using the filter of [(&(objectclass=person)(&(cn=NYilmaz)))]


  • SUN ONE Ldap - Default value is not getting displayed

    Hello,
    I have created an attribute in slapd.user_at.conf and it is associated in slapd.user_oc.conf.
    The default value for the attribute has been given in the SUN ONE Ldap. But it is not getting displayed in our application.
    Can anyone help me with this issue?
    Regards,
    K. Senthil Kumar

    I assume that you are referring to a brand new field on the second step that was not on the form of the first step. If this is the case, then you should put the field in a hidden block of the first step's form. Default values and auto-population from shells/single record BPs only occur on the create step, even if they are not used on that step. As long as you put them on the create step (even in a hidden block) they should initialize.

  • Online Availability of Sun ONE Application Server User Groups

    The Sun ONE Application Server User Group community is now available online at
    http://developer.iplanet.com/usergroups/appserverhome.jsp
    Sanjay

    from the standard download pages (on www.sun.com, simply select download...)
    then you end up here:
    http://www.sun.com/download/products.xml?id=42ae317c
    But why would you want 7.0? That's getting old now. You really should be looking at the very least at 7.1, and better yet at 8.1.
    cheers
    Tom

  • Identity Service LDAP with dynamic grouping

    Hi all,
    We are developing an enterprise application with oc4j and bpel.
    First we managed to handle user management with XML based JAZN tool.
    After that, we managed to connect the identity service with the iPlanet LDAP server and get users and roles (with static groups defined).
    But our client wanted static and dynamic groups together in their LDAP server, because of the complexity of their current user base.
    When we try this, we cannot get the roles that are assigned with dynamic groups. But we can get the roles that are statically defined.
    We check the roles from the worklist application (integration/worklistapp... thing..) and we see the static groups, whereas we cannot see the dynamic ones.
    There is a section in is_config.xml like:
    <roleControls>
    <property name="nameattribute" value="cn"/>
    <property name="objectclass" value="groupOfUniqueNames"/>
    <property name="membershipsearchscope" value="onelevel"/>
    <property name="memberattribute" value="uniquemember"/>
    <search searchbase="ou=Groups,dc=dummy,dc=com,dc=tr" scope="onelevel" maxSizeLimit="1000" maxTimeLimit="120"/>
    </roleControls>
    I think the property uniquemember has an effect in this situation but I cannot find any sample configurations using dynamic groups in LDAP.
    Hope somebody has already done that..

    I find a solution here:
    http://download.oracle.com/docs/cd/E15523_01/integration.1111/e10226/hwf_config.htm
    I am currently using weblogic's defaultAuthentication to test BPM 11g.
    I do not know if this approach works in production environment.

  • Problem instaliing sun one LDAP server on windows server 2008 r2

    Hi all ,
    I am trying to install Ldap server (Sun ONE Directory Server) on windows server 2008
    I am using apache-tomcat-7.0.28 and java jdk1.7.0_05
    I am following this manual for installing :
    https://blogs.oracle.com/marginNotes/entry/installing_directory_server_enterprise_edition1
    I have a problem with the cacao agent and how to install it .
    I've got this error message :
    c:\Program Files\Sun\dsee7\bin>dsccsetup cacao-reg
    Configuring Cacao...
    ## Failed to run "c:/Program Files/Sun/dsee7/ext/cacao_2/bin/cacaoadm.bat" set-
    aram "jdmk-home=c:/Program Files/Sun/dsee7/lib/private"
    #### Cannot create service for instance: [cacao.instance.name].
    #### Cannot perform firstime inialisation and configuration.
    ## Exit code is 1
    Failed to configure Cacao.
    I am stuck, with no other solutions. I hope you can help with this issue.
    I would be glad to know if there are any other ways to install this specific LDAP server.
    Thanks,
    Alon

    You most likely skipped the step of starting the installed server prior to trying to access admin URL. Please check this document:
    http://docs.sun.com/source/817-1830-10/win.html
    Relevant section is:
    You can start the Administration Server in either of the following ways:
    # Select Start Menu -> Programs -> Sun ONE Web Server, and choose Start Web Server Administration Server.
    # From the Control Panel's Services item.
    HTH...

  • LDAP- large dynamic groups - performance

    A dynamic group is to a static group what a view is to a table
    A group is to its members what a table or view is to its records.
    When the number of members of a dynamic group is very large, are there any performance problems, or can that be eliminated by some indexing means?

    Just an FYI ...
    I found out from iPlanet that this is a bug in SP3 and will be fixed in SP4.
    In the meantime, you can call tech support and get a patch.
    Matt
    "Matt Raible" <[email protected]> wrote in message
    news:9nldgs$[email protected]..
    I discovered today that the dynamic group does not seem to work for
    form-based authentication with iPlanet App Server. I have a group,
    Employees, in my LDAP server, and it has a dynamic group configured as
    ldap:///o=douglas.co.us??sub?dcRoles=ttEmployee, where each user has a
    custom attribute, dcRoles. I can test this dynamic group and expected users
    are found.
    However, I cannot authenticate with a user in this group when "Employees" is
    my configured role to authenticate with.
    If I open the group Employees in my LDAP Server, and under the Members,
    Static Group tab - I add a user, I can authenticate with them.
    I also tried adding "ttEmployee" as well as "Employee" to my deployment
    descriptors - but no luck. The method of adding a user (above) is the only
    way I found to work.
    Can someone shed some light on this?
    Thanks,
    Matt

  • Default Value is not getting displayed in SUN ONE Ldap

    Hello,
    I have created an attribute in slapd.user_at.conf and it is associated in slapd.user_oc.conf.
    The attribute default value is given through SUN ONE Console. But in our application the default value is not getting displayed.
    We need the default value to run our application. Can anyone help me with this issue?
    Regards,
    K. Senthil Kumar

    Hi anandkumar,
    I believe this issue can be resolved by changing the query properties for the particular field.
    Kindly check the field properties in Query Designer and ensure that Text is enabled rather than Key.
    Field property check up: Go to Query Designer -> click on the field -> on the right-hand side, in Properties, click on the Display tab -> select Text in the drop-down menu of the "Display as" tab.
    FURTHER CHECK UP: check the master data availability for the particular info object; if master data is not available, do the text data for text data availability at report level.
    Hope this helps you!!
    Best Regards,
    Maruthi

  • PasswordMustChange Attribute missing on Sun One LDAP 5.2.4

    Hi,
    I've installed DS 5.2.4 build 2005.230.0301 on NT and set up the system to act as a directory server for my Java application.
    Everything works fine except that no controls are ever returned via
    LDAPControl[] controls = ld.getResponseControls();
    I have resorted to using attributes to detect certain password attributes like time to expiry.
    One of the issues is that I need to know when the user is logging in for the first time after a reset. The passwordMustChange checkbox is checked in the password policy (but after the IDs have been created).
    Since no controls are returned, I was looking for the passwordMustChange attribute but could not find it in the ID entries.
    Can anyone tell me how to get the passwordMustChange attribute created in each of the user entries?
    Or better still, what I am doing wrong.
    thanks
    Hans

    The issue is fixed. Damned productregistry was found in /var/adm/sw.

  • Java programming guide for Sun ONE

    Where can I find the "Sun ONE LDAP SDK for Java Programming Guide" for version 5.2. ?
    I have the programming guide for Netscape Directory SDK 4.0 for Java. Will that do?
    Thanks for your help.
    [email protected]

    this to also create and manage the LDAP groups. We
    are using the Sun ONE 5.2 LDAP directory server. Are
    there significant advantages to using JNDI over the
    SunONE directory SDK, or vice versa?
    JNDI (bundled with J2SE) in combination with the Booster Pack release version 1.0, provides API support for accessing both static and dynamic Groups. It also provides API support for the new extensions and controls that are made available in Sun ONE DS 5.2.
    The Booster Pack can be downloaded from:
    http://java.sun.com/products/jndi/
    You can also check the LDAP trail of the JNDI Tutorial that contains detailed descriptions and examples of how to use JNDI . It is available at:
    http://java.sun.com/products/jndi/tutorial/ldap/index.html

  • Configuring more than one LDAP as data source

    Hi Portal Gurus,
    We have a requirement to configure MS ADS LDAP -> DEEP HIERARCHY & Sun ONE LDAP -> FLAT HIERARCHY as Portal data sources. We have already configured MS ADS LDAP.
    Does anybody have experience merging these 2 LDAPs as a data source ...
    We tried to configure the 2nd LDAP for merging with the below server parameters, as per the below reference:
    Configuration of More Than One LDAP Data Source "http://help.sap.com/saphelp_nw04/helpdata/en/4e/4d0d40c04af72ee10000000a1550b0/frameset.htm".
    But we could not succeed.
    Server parameters:
    Server:  xxxx:23xx
    LDAP Search root:  dv=hub, o=vds
    Connection ID:  cn=Directory Manager
    password: xxxxx
    We don't have a user path or group path for the above 2nd LDAP.
    Can anybody help with this?
    Regards
    Tag

    Tag,
    It sounds like this issue might be related to the fact that your second LDAP connection is to SUN One. Maybe one of these links will help:
    http://help.sap.com/saphelp_erp2005vp/helpdata/en/aa/8f10f1e2bae346bef2853aa0f88f4c/frameset.htm
    or
    http://help.sap.com/saphelp_erp2005vp/helpdata/en/43/4c3725aeaf30b4e10000000a11466f/frameset.htm
    Regards,
    Keith
    Message was edited by: Keith Crossett

  • How to retrieve members of  ldap dynamic groups?

    Hi,
    Can any one provide me the java-code snippet for listing the members(users) of a LDAP-dynamic group?
    Regards.

    How is this different from [your previous question|http://forums.sun.com/thread.jspa?threadID=5434523&messageID=10965220#10965220]? If it is the same question, then please stay in the same thread.

  • How do i query a sun one server for a member of a  group

    Hi Folks
    I would like to know if anyone knows how to query a Sun ONE directory server to list all members of a group.
    Currently I have this:
    LDAP://SERVERNAME.test.com:5221/ou=people,dc=testrelsec,dc=com>;(&(objectclass = person)& adsPath;subTree"
    this query gives me all users in the directory ,
    Now I have created a static group called GROUPONE using sunone console GUI and made 2 people member of that group
    I need the ldap query which can list the members of GROUPONE
    thanks
    g4hbk
    thanks in advance
    g4hbk

    https://www.redhat.com/archives/fedora-directory-users/2005-September/msg00010.html
    Useful script to extract LDAP based user posixGroup memberships information
    ===
    Assuming you are using posixGroup objectclass and memberUid attribute to
    store your membership information, you may find my shell script useful
    and handy.
    It works on Solaris LDAP Client with "ldapaddent" and "ldaplist"
    commands, and works against FDS, SUN DS or OpenLDAP.
    ===
    Gary

  • LDAP Dynamic Groups

    Hi,
    I have been trying to do some coding around fetching members of dynamic LDAP groups. In both these code snippets, I get the same exception:
    java.lang.ClassCastException: com.sun.jndi.ldap.LdapCtx
    no matter what I tried. Can anyone please let me know what could be causing this exception?
    Regards.
    String filter = LDAPRealm.DYNAMIC_GROUP_FILTER;
              String[] targets = new String[] { target, "memberUrl" };
              try {
                   SearchControls ctls = new SearchControls();
                   ctls.setReturningAttributes(targets);
                   ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
                   ctls.setReturningObjFlag(true);
                   NamingEnumeration e = context.search(baseDN, filter, ctls);
                   while(e.hasMore()) {
                        SearchResult res = (SearchResult)e.next();
                        Object searchedObject = res.getObject();
                        //if(searchedObject instanceof com.sun.jndi.ldap.obj.GroupOfURLs){ // dynamic group
                             com.sun.jndi.ldap.obj.GroupOfURLs gurls = (com.sun.jndi.ldap.obj.GroupOfURLs) searchedObject;
                             Principal x500principal = new X500Principal(userDN);
                             if (gurls.isMember(x500principal)) {
    and
    java.security.acl.Group obj = (java.security.acl.Group)ctx.lookup(groupDN);
                   Enumeration members = obj.members();
                   Principal member = null;
                   while (members.hasMoreElements()) {
                        member = (Principal)members.nextElement();
                        memberDNs.add(member.getName());
                   }

    How is this different from [your previous question|http://forums.sun.com/thread.jspa?threadID=5434523&messageID=10965220#10965220]? If it is the same question, then please stay in the same thread.
