Add User To Group in Active Directory using JNDI

Z

zieg

Hi all!

I am new to Active directory and have Problems adding a new User to a
Distribution-Group in MS Active Direcory.

I created a custom group called "GR1" via the Windows GUI
Now i want to add/remove users to this group using java/jndi

I read that the "memberOf" attribute of the user can not be changed
instead you have to change the "member" attribute of the group the
user should be added. But when i try to modify the "member" attribute
of the group i get the following Exception:

javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D:
NameErr: DSID-031001B8, problem 2001 (NO_OBJECT), data 0, best match
of: '' ]; remaining name 'CN=GR1,CN=Users'

When i try to change the "description" attribute of the group with the
same code it works fine.

Here is the code i use



import javax.naming.*;
import javax.naming.directory.*;
import java.util.Hashtable;

public class Test2 {

public static void main( String[] args )
{
// Set up environment for creating initial context
Hashtable env = new Hashtable(11);
NamingEnumeration ne;

try {
String SRV = args[0];
String USER = args[1];
String PWD = args[2];

String UserDN = "CN=TestUser,CN=Users";
String GroupDN = "CN=GR1,CN=Users";

env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, SRV);
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, USER);
env.put(Context.SECURITY_CREDENTIALS, PWD);

// create initial context
DirContext ctx = new InitialDirContext(env);



ModificationItem[] mods = new ModificationItem[1];
// mods[0] = new
ModificationItem(DirContext.REPLACE_ATTRIBUTE,new
BasicAttribute("description", "foobar")); // works fine
// mods[0] = new
ModificationItem(DirContext.ADD_ATTRIBUTE,new BasicAttribute("member",
UserDN)); // does not work
mods[0] = new
ModificationItem(DirContext.REPLACE_ATTRIBUTE,new
BasicAttribute("member", UserDN)); // does not work

// try to set the member attribute
try {
ctx.modifyAttributes(GroupDN, mods);
} catch (NamingException e) {
e.printStackTrace();
}



// List the attributes of the group "GR1"
String[] attrIDs = null;
Attributes matchAttrs = new BasicAttributes(true); //
ignore case
matchAttrs.put(new BasicAttribute("cn", "GR1"));
SearchResult sr =
(SearchResult)ctx.search("CN=Users",matchAttrs,attrIDs).next();
Attributes userAttrs = sr.getAttributes();

for (NamingEnumeration ae = userAttrs.getAll();
ae.hasMore();) {
Attribute attr = (Attribute)ae.next();
System.out.print(attr.getID());
for (NamingEnumeration e = attr.getAll(); e.hasMore();
System.out.println(" \"" + e.next().toString() + "\" "));
}

ctx.close();

} catch (NamingException e) {
e.printStackTrace();
}
}
}

Thanks a lot
Michael
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,743
Messages
2,569,478
Members
44,898
Latest member
BlairH7607

Latest Threads

Top