stackoom
  简体   繁体   中英

java get Active Directory RootDSE

 原文  2018-08-19 16:13:30       java/ active-directory

Question

I am trying to get Active Directory rootDSE using java. Here is what I have attempted so far:

public class RootDSE {

    public DirContext context;
    public Attributes attributes;
    public NamingEnumeration enumerations;

    public RootDSE()
    {
        try {
            this.context = new InitialDirContext();
            this.attributes = context.getAttributes(
                "ldap://192.168.122.115", new String[]{"*"}
            );
            this.enumerations = this.attributes.getIDs();
            while(this.enumerations != null && this.enumerations.hasMore()) {
                String nextAttribute = (String)this.enumerations.next();
                System.out.println(attributes.get(nextAttribute));
            }
            context.close();
        } catch (NamingException e) {
            e.printStackTrace();
        }
    }
}

(I have commented the import s to make the reading easier. I launch the code by just creating the RootDSE object: 

RootDSE dse = new RootDSE();
javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090728, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580

I have already performed authenticated ldap requests, so the network connectivity and access to directory service is granted. Moreover, rootDSE requests should be anonymous? It shouldn't be necessary to perform a " successful bind " to get it?

Can someone explain why am I getting this error, and how to solve it?

Many thanks!

1 answers

solution1
 0  2021-04-30 08:06:54

This is a problem specific to AD and a clash with Java's JNDI LDAP implementation which kinda by default assumes that an LDAPv3 server supports RFC3296, yet AD doesn't. This results in the reported - perhaps not that intuitive - error message from AD.

Resolution: as per this answer you need to set Context.REFERRAL property on the context.

Therefore, initialize your context like this:

Properties props = new Properties();
props.setProperty(Context.REFERRAL, "throw");  // any other allowed value than the default ('ignore') will do
this.context = new InitialDirContext(props);

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Get RootDSE from Active Directory anonymously using Java JNDI classes How get active directory domain name in java how to use java to query LDAP's ROOTDSE Active Directory Query - Java Get Email Addresses from Active Directory by passing Group Name in JAVA How to get the max. page size of Active Directory dynamically with Java How get Active Directory user password from java Get list of Active Directory users with authenticated identity thru Waffle (Java)? Java Spring get attributes from Active Directory UserDetails Java Code to interect with Active Directory
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM