> -----Original Message----- > From: Emmanuel Lecharny [mailto:[email protected]] > Sent: Monday, September 06, 2010 7:54 PM > To: [email protected] > Subject: Re: Using LDAPConnection class... > > On 9/6/10 4:02 PM, Stefan Seelmann wrote: > > AD accepts either > > - the full DN, that looks typically like "cn=Arvind > > N,cn=Users,dc=MyDomain,dc=com" > > - or the samAccountName and the domain in format "Arvind n...@domain" > > > > @Emmanuel, Kiran: > > JXplorer makes the same as Apache Directory Studio: It uses JNDI and > > JNDI accepts a non-DN as principal. I think we should allow the same > > for the new API. WDYT? > I wonder if the LDAP API screams if you use "Arvind n...@domain" as a > principal. Blind guess : we expect a DN, and we throw an excpetion if > it's not. We can fix that. > > In any case, there is no chance that what Arvin used can work, as it's > nor a valid DN (ie a full DN), nor a samAccountName. I guess that > JExplorer is guessing about the root context to use (ie, it adds > cn=Users, ... to the given DN).
@Kiran, Emmanuel, Stefan First of all thanks for the responses.. I think JExplorer is letting the LDAP server (AD in this case) decide the KEY here. In the ethereal trace I see it just sets the exact string of what I have provided without putting a key to it as in He does not do a ... DN: cn=Arvind N .. Rather does a ... DN: Arvind N ... Also once I get the full DN I will try and use the same and verify if LDAPConnection works fine.. Just checked out the API code to hack more and I see LDAPConnection is an interface now :( LDAPNetworkConnection seems to have the magic now .. am I missing something ?? Thanks ~Arvind
