Active Directory Connect Timeout
Hi friends, My Java application interacts with Microsoft Active Directory server using Java JNDI LDAP API. My application runs successfully for about an hour connecting to AD successfully. After about an hour my application fails. When I checked the error logs I see connection timeout exception to AD server. If I stop and restart my application, then it connects to AD server successfully. Again, it fails with connect timeout exception after an hour. This behaviour is recurring and it's really hard to stop/start the application every hour. Any help on resolving this? Sent from my iPad
Re: Get all attributes
r simply means research and development. Sent from my iPad > On 22-Sep-2015, at 12:40 AM, Emmanuel Lécharny <elecha...@gmail.com> wrote: > > Le 21/09/15 20:03, Syed Mudassir Ahmed a écrit : >> Hello all, it's actually possible to list all the possible attributes for a >> given entry (both assigned and unassigned). I have done it after a hard r > > What is a hard r ? >
Schema object DN in OpenLdap
In Windows active directory, the schema object is cn=schema,cn=configuration,dc=... In OpenLdap, what's the DN for so? Sent from my iPad
Re: Get all attributes
This solution applies to Windows active directory. For each value of objectClass (top, person, etc) there is an object in cn=schema,cn=configuration,dc=... . Each of these objects tells required and optional attributes. For the given entry, get all the values of its objectClass and query those objects for attributes. Sent from my iPad > On 24-Sep-2015, at 6:25 PM, Emmanuel Lécharny <elecha...@gmail.com> wrote: > > Le 24/09/15 14:34, Syed Mudassir Ahmed a écrit : >> r simply means research and development. > > Ok, but that does not say what was your solution. >
Re: Get all attributes
I am curious to know how ldap API can do that? Sent from my iPad > On 24-Sep-2015, at 7:28 PM, Emmanuel Lécharny <elecha...@gmail.com> wrote: > > Le 24/09/15 15:19, Syed Mudassir Ahmed a écrit : >> This solution applies to Windows active directory. For each value of >> objectClass (top, person, etc) there is an object in >> cn=schema,cn=configuration,dc=... . Each of these objects tells required and >> optional attributes. For the given entry, get all the values of its >> objectClass and query those objects for attributes. > yes, but this is not the solution to the very question you asked. Here, > what you are doing is that you fetch the schema, and then you deduce the > optional AttributeTypes a specific entry can have by checking for its > ObjectClasses. > > Your question was "When I do search or lookup operation, I am getting > only 'n' attributes listed. I need the reamining (m-n) attributes as > well." and the short answer is : you can't. It's a two step operation, > actually... > > Now, yes, fecthing the schema is the way to go, and you have to store > the information locally. The LDAP API can do that, so you won't need to > specifically request for the information every tilme you fecth an entry. > (although for AD, this is a bt more complex than just fetching teh > schema, just because AD is not implementng LDAP the way it should ;-) > >
Re: Get all attributes
Hello all, it's actually possible to list all the possible attributes for a given entry (both assigned and unassigned). I have done it after a hard r Sent from my iPad > On 19-Sep-2015, at 8:51 AM, Kiran Ayyagari <kayyag...@apache.org> wrote: > > there are two replies to your earlier mail with subject "Question about > fetching attributes" > > here are the references to those replied > http://mail-archives.apache.org/mod_mbox/directory-users/201509.mbox/%3c55fc13eb.20...@gmail.com%3E > > http://mail-archives.apache.org/mod_mbox/directory-users/201509.mbox/%3CCABzFU-dUCRsp71zFwjDhxsaw3jgSNOKi7=p+_ohqfnq_v8p...@mail.gmail.com%3E > > >> On Sat, Sep 19, 2015 at 11:14 AM, Syed Mudassir Ahmed <sma_se...@icloud.com> >> wrote: >> Ping!! Can someone help? >> >> Sent from my iPad >> >> > On 18-Sep-2015, at 11:06 PM, Syed Mudassir Ahmed <sma_se...@icloud.com> >> > wrote: >> > >> > Hi Everybody, >> > I am using plain java coding (Apache directory API) This is the problem >> > I am facing. >> > I am able to connect to Windows Active Directory. I am able to lookup an >> > object and get the attributes. >> > Suppose an entry has 'm' attributes out of which 'n' attributes are >> > assigned values. The remaining attributes are simply unassigned. >> > When I do search or lookup operation, I am getting only 'n' attributes >> > listed. I need the reamining (m-n) attributes as well. >> > Anyone can help how to that? How are you fetching it? >> > >> > Sent from my iPad > > > > -- > Kiran Ayyagari > http://keydap.com
Re: Get all attributes
Ping!! Can someone help? Sent from my iPad > On 18-Sep-2015, at 11:06 PM, Syed Mudassir Ahmed <sma_se...@icloud.com> wrote: > > Hi Everybody, > I am using plain java coding (Apache directory API) This is the problem I > am facing. > I am able to connect to Windows Active Directory. I am able to lookup an > object and get the attributes. > Suppose an entry has 'm' attributes out of which 'n' attributes are assigned > values. The remaining attributes are simply unassigned. > When I do search or lookup operation, I am getting only 'n' attributes > listed. I need the reamining (m-n) attributes as well. > Anyone can help how to that? How are you fetching it? > > Sent from my iPad
Get all attributes
Hi Everybody, I am using plain java coding (Apache directory API) This is the problem I am facing. I am able to connect to Windows Active Directory. I am able to lookup an object and get the attributes. Suppose an entry has 'm' attributes out of which 'n' attributes are assigned values. The remaining attributes are simply unassigned. When I do search or lookup operation, I am getting only 'n' attributes listed. I need the reamining (m-n) attributes as well. Anyone can help how to that? How are you fetching it? Sent from my iPad
Secured LDAP Account
I am trying to obtain an ldap connection. Using port 389 I am successfully able to get connection. But when I try to use LdapNetworkConnection(IP Address, 636, true) and then invoke bind(dn, password), I am getting PROTOCOL_ERROR. Using LdapBrowser I am able to connect to my LDAP server over port 636. But through Java program its not getting connected. Can u help? Thanks, Syed. Syed M Ahmed Senior Member of Technical Staff Gaian Solutions India Pvt Ltd
Re: Secured LDAP Account
Yes, Certificate is generated on the server side. And port is 636. I am able to connect to my server through LDAPBrowser using LDAPS protocol and 636 port number. But not using java program. Thanks, Syed. Syed M Ahmed Senior Member of Technical Staff Gaian Solutions India Pvt Ltd On Wed, Nov 5, 2014 at 9:56 PM, Ike Ikonne iiko...@us.ibm.com wrote: Hi all, Do you have the LDAP Server certificate included in your TrustManager Algorithm? Also, make sure that you are using secure socket to bind to port 636. Ike From: Syed Mudassir Ahmed syed.mudas...@gaiatv.in To: users@directory.apache.org, Date: 11/05/2014 10:14 AM Subject:Secured LDAP Account I am trying to obtain an ldap connection. Using port 389 I am successfully able to get connection. But when I try to use LdapNetworkConnection(IP Address, 636, true) and then invoke bind(dn, password), I am getting PROTOCOL_ERROR. Using LdapBrowser I am able to connect to my LDAP server over port 636. But through Java program its not getting connected. Can u help? Thanks, Syed. Syed M Ahmed Senior Member of Technical Staff Gaian Solutions India Pvt Ltd
Re: Secured LDAP Account
No, I don't. Good question. I have no idea as well. Can you please provide an example/reference that I can follow? Thanks, Syed. Syed M Ahmed Senior Member of Technical Staff Gaian Solutions India Pvt Ltd On Wed, Nov 5, 2014 at 10:31 PM, Ike Ikonne iiko...@us.ibm.com wrote: Hi Syed, So, in your Java program, do you have the server certificate in the keystore that your Java program is using to establish SSL connection with the LDAP server? Thanks, Ike From: Syed Mudassir Ahmed syed.mudas...@gaiatv.in To: users@directory.apache.org, Date: 11/05/2014 10:57 AM Subject:Re: Secured LDAP Account Yes, Certificate is generated on the server side. And port is 636. I am able to connect to my server through LDAPBrowser using LDAPS protocol and 636 port number. But not using java program. Thanks, Syed. Syed M Ahmed Senior Member of Technical Staff Gaian Solutions India Pvt Ltd On Wed, Nov 5, 2014 at 9:56 PM, Ike Ikonne iiko...@us.ibm.com wrote: Hi all, Do you have the LDAP Server certificate included in your TrustManager Algorithm? Also, make sure that you are using secure socket to bind to port 636. Ike From: Syed Mudassir Ahmed syed.mudas...@gaiatv.in To: users@directory.apache.org, Date: 11/05/2014 10:14 AM Subject:Secured LDAP Account I am trying to obtain an ldap connection. Using port 389 I am successfully able to get connection. But when I try to use LdapNetworkConnection(IP Address, 636, true) and then invoke bind(dn, password), I am getting PROTOCOL_ERROR. Using LdapBrowser I am able to connect to my LDAP server over port 636. But through Java program its not getting connected. Can u help? Thanks, Syed. Syed M Ahmed Senior Member of Technical Staff Gaian Solutions India Pvt Ltd
