Hi Emmauel,
Thanks for the info.
I am not certain with what the most reliable attribute name is across all
LDAP implementations but I thought it was "dn" until I saw some Active
Directory DIT's, dn was not used at all. It was "distinguishedName"
instead.
Hive's Atn provider performs ldap searches for groups/users based on object
class but only retrieves the "distinguishedName" from the matching ldap
entries (to save bandwidth in retrieving all the attribute values for
matching ldap entries).
But in your opinion, is attribute "dn" more of a standard?
Also how do I define Groups and assign users to groups with ApacheDS?
memberOf does not seem to work.
"dn: cn=user2,ou=People,dc=example,dc=com",
"objectClass: inetOrgPerson",
"objectClass: person",
"objectClass: top",
"givenName: Test2",
"cn: Test User2",
"sn: user2",
"uid: user2",
"userPassword: user2",
"memberOf: cn=group2,ou=groups,dc=example,dc=com"
Thank you
Naveen
On Thu, Oct 22, 2015 at 12:54 PM, Emmanuel Lécharny <[email protected]>
wrote:
> Le 22/10/15 18:29, Naveen Gangam a écrit :
> > Thanks for the pointers in my earlier post. I have made some progress
> using
> > some sample code that uses annotations to start ldap server in JUnit
> tests.
> >
> >
> http://svn.apache.org/viewvc/directory/apacheds/tags/2.0.0-M20/ldap-client-test/src/test/java/org/apache/directory/shared/client/api/operations/search/ClientSearchRequestTest.java?revision=1676627&view=markup
> >
> > However, I have run into another problem. Attempting to load the
> following
> > ldif entry
> > @ApplyLdifs(
> > {
> > "dn: dc=example,dc=com",
> > "distinguishedName: dc=example,dc=com",
> > "objectClass: top",
> > "objectClass: domain",
> > "dc: example",
> >
> > ....
> >
> > causes
> >
> org.apache.directory.api.ldap.model.exception.LdapSchemaViolationException:
> > ERR_277 Attribute distinguishedname not declared in objectClasses of
> entry
> > dc=example,dc=com
> > at
> >
> org.apache.directory.server.core.schema.SchemaInterceptor.assertAllAttributesAllowed(SchemaInterceptor.java:1393)
> > at
> >
> org.apache.directory.server.core.schema.SchemaInterceptor.check(SchemaInterceptor.java:964)
> > at
> >
> org.apache.directory.server.core.schema.SchemaInterceptor.add(SchemaInterceptor.java:1051)
> > at
> >
> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:422)
> > at
> >
> org.apache.directory.server.core.exception.ExceptionInterceptor.add(ExceptionInterceptor.java:135)
> > at
> >
> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:422)
> > at
> >
> org.apache.directory.server.core.admin.AdministrativePointInterceptor.add(AdministrativePointInterceptor.java:120
> >
> >
> > It appears distinguishedName is not a valid attribute type in the schema
> > being used. Is the code using the wrong schema type? I dont have deep
> > knowledge in RFC definitions, but I thought this was a standard
> attribute.
> DistinguishedName is *not* an attribute you should use, it's not
> supposed to be set. You already can check the value by looking at the
> entry's DN (it contain the same value).
> >
> > How do I resolve this issue? I need to have distinguishedName in my ldap
> > entries to be able to test the code.
>
> Actually, there is a workaround, but again, a test that expects to find
> a DistinguishedName attribute in an entry is badly broken. You just have
> to add the ExtensibleObject ObjctClass to your entries. This is really a
> bad workaround.
>
> What's the cod of your test that check the presence of the
> DistinguishName attribute in entries ?
>
>
>
