problems to connect to active directory

hi all

i have problems to connect to active directory from java

i work on windows 2000 server

i searched a lot and i hope you can help me

thanks in advance

here is the code i use

---------------------------------------------
java code

/**
  Sample JNDI application to retrieve group members  
  */

import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

import java.util.Hashtable;

public class member
{
public static void main(String args[])
{
	
	System.out.println("here is 1");
Hashtable env= new Hashtable();

//cn=Manager,ou=People,dc=centos5,dc=com
//uid=root,ou=People,dc=centos5,dc=com

//uid=root,ou=People,dc=centos5,dc=com
env.put(Context.SECURITY_AUTHENTICATION,"Simple");
env.put(Context.SECURITY_PRINCIPAL,"dc=development,dc=local");//User
env.put(Context.SECURITY_CREDENTIALS, "kali");//Password
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL,"ldap://10.10.1.1:389/dc=development,dc=local");

System.out.println("here is 2");
try {
	 
	
	//Create the initial directory context
	System.out.println("here is 111");
	LdapContext ctx = new InitialLdapContext(env,null); 
	System.out.println("here is 222");

	//Create the search controls 		 
	SearchControls searchCtls = new SearchControls();

	//Specify the search scope
	searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);

	//specify the LDAP search filter
	String searchFilter = "(cn=HAL*)";

	//Specify the Base for the search
	String searchBase = "dc=centos5,dc=com";
	
	//String searchBase = "o=centos5.com";

	//initialize counter to total the group members
	int totalResults = 0;

	//Specify the attributes to return
	String returnedAtts[]={"member"};
	System.out.println("here is 3");
	searchCtls.setReturningAttributes(returnedAtts);
	System.out.println("here is 4");
	//Search for objects using the filter
	NamingEnumeration answer = ctx.search(searchBase, searchFilter, searchCtls);
	
	System.out.println("here is 5");

	//Loop through the search results
	/*while (answer.hasMoreElements()) {
		SearchResult sr = (SearchResult)answer.next();

		System.out.println(">>>" + sr.getName());

		//Print out the members

		Attributes attrs = sr.getAttributes();
		if (attrs != null) {

			try {
				for (NamingEnumeration ae = attrs.getAll();ae.hasMore();) {
					Attribute attr = (Attribute)ae.next();
					System.out.println("Attribute: " + attr.getID());
					for (NamingEnumeration e = attr.getAll();e.hasMore();totalResults++) {

						System.out.println(" " +  totalResults + ". " +  e.next());
					}

				}

			}	 
			
			catch (NamingException e)	
			{
				System.err.println("Problem listing members: " + e);
				e.printStackTrace();
			}
		
		}
	}*/

	System.out.println("Total members: " + totalResults);
	ctx.close();

} 

catch (NamingException e) {
	System.err.println("Problem searching directory: " + e);
   	}
}
}

hi ramy,
i want to knew what is active directory ?? And . Do you have any exception from this code

hi msi

thanks for your interest

i work on windows 2000 server ,it has active directory ,

i get this result when i run this code

here is 1
here is 2
here is 111
Problem searching directory: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 57, v893

so the problem that it can't connect to active directory .

i wish you can help me since it really very critical point in my work,we have to make many applications and all is stopped because of this problem.

i wait you

I think your problem in this line :

Code:

LdapContext ctx = new InitialLdapContext(env,null);

there is a problem in connection request controls, why you put null

I think in line
env.put(Context.SECURITY_PRINCIPAL,"dc=development,dc=local");//User

you can write in "dc=development,dc=local" into something like accountname@com.???.com

Hi

here is a basic Ldap (Active Directory Authentication)
package beans;

Code:

import java.util.*;
import javax.naming.*;
import javax.naming.directory.*;

public class TestLdapScript {
    public static void main(String[] args) {
       
            String userName = "username";
            String passWord = "password";
       
        try {    Hashtable env = new Hashtable();   
                env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");   
                env.put(Context.PROVIDER_URL,"LDAP://xx.xxxxx.xx:389"); //replace with your server URL/IP             
                //only DIGEST-MD5 works with our Windows Active Directory   
                env.put(Context.SECURITY_AUTHENTICATION,"DIGEST-MD5"); //No other SALS worked with me   
                env.put(Context.SECURITY_PRINCIPAL,userName); // specify the username ONLY to let Microsoft Happy   
                env.put(Context.SECURITY_CREDENTIALS, passWord);   //the password   
                DirContext ctx = new InitialDirContext(env);   
                //Create the search controls       
                SearchControls searchCtls = new SearchControls();
           
                //Specify the attributes to return
                String returnedAtts[]={"cn","DisplayName"};
                searchCtls.setReturningAttributes(returnedAtts);
           
                //Specify the search scope
                searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
     
                //specify the LDAP search filter
                //String searchFilter = "(&(ObjectClass=Person)(!(ObjectClass=user)))";
                //String searchFilter = "(&(objectClass=user)(&(objectClass=Person)(!(userAccountControl=514))))";
                  String searchFilter = "(&(objectClass=person)(CN=))";
                       
                //Specify the Base for the search
                String searchBase = "DC=xxxx,DC=net";
     
                //initialize counter to total the results
                int totalResults = 0;
     

                // Search for objects using the filter
                NamingEnumeration answer = ctx.search(searchBase, searchFilter, searchCtls);
     
                //Loop through the search results
                while (answer.hasMoreElements()) {
                    SearchResult sr = (SearchResult)answer.next();

                totalResults++;

                System.out.println(">>>" + sr.getName());

                // Print out some of the attributes, catch the exception if the attributes have no values

                Attributes attrs = sr.getAttributes();
                if (attrs != null) {
                    try {
                    System.out.println("   surname: " + attrs.get("cn").get());
                    System.out.println("   firstname: " + attrs.get("DisplayName").get());

                    }
                    catch (NullPointerException e)  {
                    System.out.println("Errors listing attributes: " + e);
                    }
              }


            }

                ctx.close();
        } catch(NamingException ne)
            {    System.out.println("Error authenticating user:");   
                 System.out.println(ne.getMessage());   
                     return;
             }  //if no exception, the user is already authenticated. 
        System.out.println("OK, successfully authenticating user");
        }
    }


You can then custimatize this according to your requirements. Remember //only DIGEST-MD5 works with our Windows Active Directory always works with windows

thank you "abooysen3 "

Did it work on your side?