On 9/6/10 4:34 PM, Arvind N wrote:
-----Original Message-----
From: Emmanuel Lecharny [mailto:[email protected]]
Sent: Monday, September 06, 2010 7:54 PM
To: [email protected]
Subject: Re: Using LDAPConnection class...
On 9/6/10 4:02 PM, Stefan Seelmann wrote:
AD accepts either
- the full DN, that looks typically like "cn=Arvind
N,cn=Users,dc=MyDomain,dc=com"
- or the samAccountName and the domain in format "Arvind n...@domain"
@Emmanuel, Kiran:
JXplorer makes the same as Apache Directory Studio: It uses JNDI and
JNDI accepts a non-DN as principal. I think we should allow the same
for the new API. WDYT?
I wonder if the LDAP API screams if you use "Arvind n...@domain" as a
principal. Blind guess : we expect a DN, and we throw an excpetion if
it's not. We can fix that.
In any case, there is no chance that what Arvin used can work, as it's
nor a valid DN (ie a full DN), nor a samAccountName. I guess that
JExplorer is guessing about the root context to use (ie, it adds
cn=Users, ... to the given DN).
@Kiran, Emmanuel, Stefan
First of all thanks for the responses..
I think JExplorer is letting the LDAP server (AD in this case) decide the KEY
here.
In the ethereal trace I see it just sets the exact string of what I have
provided without putting a key to it as in
Rather does a
...
DN: Arvind N
Makes sense.
...
Also once I get the full DN I will try and use the same and verify if
LDAPConnection works fine..
Just checked out the API code to hack more and I see LDAPConnection is an
interface now :(
LDAPNetworkConnection seems to have the magic now .. am I missing something ??
yes, we have split the LdapConnection into two implementations, one
which is network based, and another one when you embed the server.
In your case, use the LdapNetworkConnection class.
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com
