JNDI LDAP pwdChangedTime password timestamp

[ravimannan2002]

Help!!

I'm trying to determine the amount of time until a user's password
expires. This information is stored in an Oracle Internet Directory
LDAP. I'm using the JNDI api's, of course.

I need to get the password expiration time, which is the
pwdMaxAge attribute in
"cn=PwdPolicyEntry,cn=Common,cn=Products,cn=OracleContext"
I can do this fine.

Next I need to get the timestamp of a particular user's password.
According to this:

http://www.lc.leidenuniv.nl/awcourse/oracle/network.920/a96574/pwdpolic.htm
"In addition, the object class top contains these operational
attributes, to maintain the user-password state information for each
user entry."

pwdChangedTime contains a password timestamp.

pwdChangedTime is one of those attributes in the object class
'top.' How do I read this value for a single user such as
"uid=mojoe,ou=People,o=myserver.com" ?

I know enough about jndi to read attributes from mojoe, like the
uid,etc. But I can't read those inherited from 'top.' Also, this
is probably more of an Oracle/OID question, but do I have to configure
the ldap to store the value for pwdChangedTime, or is the timestamp
automatic?

Is there an easier way to get a notice that the password has expired,
like through "pwdExpirationWarned"? (I have no idea how to get jndi
to work with pwdExpirationWarned.)

This is a tough question, and all help would be appreciated!
Thank you.

 

[iksrazal]

pwdChangedTime is one of those attributes in the object class
'top.' How do I read this value for a single user such as
"uid=mojoe,ou=People,o=myserver.com" ?

This is a tough question, and all help would be appreciated!
Thank you.

You may try ldap guru for more specific vendor questions like Oracle.

http://www.ldapguru.com/

Concerning Java/LDAP, You may try this method, which will show
everything you have rights to:

public static void findall (String who, String context)
{
try
{
SearchControls constraints = new SearchControls();
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
// Perform the actual search
// We give it a searchbase, a filter and the constraints
// containing the scope of the search
NamingEnumeration results = gctx.search(context, who,
constraints);

System.out.println ("find all : who: " + who + ", context: " +
context);
int xx=0;
// Now step through the search results
while ( results != null && results.hasMore() )
{
System.out.println ("Looping..." + xx++);

SearchResult sr = (SearchResult) results.next();
String dn = sr.getName();
System.out.println ("Distinguished Name is " +dn);
Attributes attrs = sr.getAttributes();
for (NamingEnumeration ne = attrs.getAll();
ne.hasMoreElements()
{
Attribute attr = (Attribute)ne.next();
String attrID = attr.getID();
System.out.println (attrID+":");
for (Enumeration vals =
attr.getAll();vals.hasMoreElements()
{
System.out.println ("\t"+vals.nextElement());
}
}

System.out.println ("\n");
} // End while loop displaying list of attributes
if (0 == xx)
{
System.out.println ("\nNo attributes found for context");
}
}
catch ( Exception e )
{
e.printStackTrace();
}
}

HTH,
iksrazal
http://www.braziloutsource.com/