Thanks - we do need the user sid, so I will put that back.
Also, I'd like to ask what you know about escaping the user name in
this expression:
String searchFilter = "(&(objectClass=user)(sAMAccountName=" + userName + "))";
It seems to me that there is probably some escaping needed, but I
don't know what style. Do you think it is the same (C-style, with \
escape) as for the other case?
Karl
On Thu, May 5, 2011 at 6:20 PM, Kadri Atalay <atalay.ka...@gmail.com> wrote:
> Hi Karl,
>
> String returnedAtts[]={"tokenGroups"} is ONLY returning the
> memberGroups,
>
> C:\OPT>curl
> "http://localhost:8345/mcf-authority-service/UserACLs?username=katalay_ad...@teqa.filetek.com";
> AUTHORIZED:TEQA-DC
> TOKEN:TEQA-DC:S-1-5-32-545
> TOKEN:TEQA-DC:S-1-5-32-544
> TOKEN:TEQA-DC:S-1-5-32-555
> TOKEN:TEQA-DC:S-1-5-21-
> 1212545812-2858578934-3563067286-1124
> TOKEN:TEQA-DC:S-1-5-21-1212545812-2858578934-3563067286-512
> TOKEN:TEQA-DC:S-1-5-21-1212545812-2858578934-3563067286-513
> TOKEN:TEQA-DC:S-1-1-0
>
> but,
>
> - String returnedAtts[] = {"tokenGroups","objectSid"}; is returning
> memberGroups AND SID for that user.
>
> C:\OPT>curl
> "http://localhost:8345/mcf-authority-service/UserACLs?username=katalay_ad...@teqa.filetek.com";
> AUTHORIZED:TEQA-DC
> TOKEN:TEQA-DC:S-1-5-32-545
> TOKEN:TEQA-DC:S-1-5-32-544
> TOKEN:TEQA-DC:S-1-5-32-555
> TOKEN:TEQA-DC:S-1-5-21-1212545812-2858578934-3563067286-1124
> TOKEN:TEQA-DC:S-1-5-21-1212545812-2858578934-3563067286-512
> TOKEN:TEQA-DC:S-1-5-21-1212545812-2858578934-3563067286-513
> TOKEN:TEQA-DC:S-1-5-21-1212545812-2858578934-3563067286-1480
> TOKEN:TEQA-DC:S-1-1-0
>
> Since we are only interested in the member groups, tokenGroups is
> sufficient, but if you also need user SID then you might keep the objectSID
> as well.
>
> Thanks
>
> Kadri
>
>
> On Thu, May 5, 2011 at 6:01 PM, Karl Wright <daddy...@gmail.com> wrote:
>>
>> I am curious about the following change, which does not seem correct:
>>
>>
>> //Specify the attributes to return
>> - String returnedAtts[] = {"tokenGroups","objectSid"};
>> + String returnedAtts[]={"tokenGroups"};
>> searchCtls.setReturningAttributes(returnedAtts);
>>
>> Karl
>>
>>
>> On Thu, May 5, 2011 at 5:36 PM, Kadri Atalay <atalay.ka...@gmail.com>
>> wrote:
>> > Karl,
>> >
>> > The ActiveDirectoryAuthority.java is attached.
>> >
>> > I'm not sure about clicking "Grant ASF License", or how to do that from
>> > Tortoise.
>> > But, you got my consent for granting the ASF license.
>> >
>> > Thanks
>> >
>> > Kadri
>> >
>> >
>> > On Thu, May 5, 2011 at 5:28 PM, Karl Wright <daddy...@gmail.com> wrote:
>> >>
>> >> You may attach the whole ActiveDirectoryAuthority.java file to the
>> >> ticket if you prefer. But you must click the "Grant ASF License"
>> >> button.
>> >>
>> >> Karl
>> >>
>> >> On Thu, May 5, 2011 at 5:24 PM, Kadri Atalay <atalay.ka...@gmail.com>
>> >> wrote:
>> >> > Karl,
>> >> >
>> >> > I'm using the Tortoise SVN, and new to SVN..
>> >> > Do you know how to do this with Tortoise ?
>> >> > Otherwise, I can just send the source code directly to you.
>> >> > BTW, there are some changes in the ParseUser method also, you can see
>> >> > all
>> >> > when you run the diff.
>> >> >
>> >> > Thanks
>> >> >
>> >> > Kadri
>> >> >
>> >
>> >
>
>
