Menu

JoinRequestControl is throwing exception for Active Directory

Discussions
Yun
2019-11-05
2019-11-05

  • Yun

    Yun - 2019-11-05

    Hello,

    I am trying to get the manager's email addres of an employee. The manager's empId value is present in the employee's managerEmpId field. The code is attached below:

    SearchRequest searchRequest = new SearchRequest(
        "DC=users,DC=root,DC=unique,DC=org", SearchScope.SUB,
        Filter.createEqualityFilter("dn", "CN=IT00001,OU=it,DC=users,DC=root,DC=unique,DC=org"));

searchRequest.addControl(new JoinRequestControl(new JoinRequestValue(
        JoinRule.createEqualityJoin("managerEmpId", "empId", false),
        JoinBaseDN.createUseCustomBaseDN("DC=users,DC=root,DC=unique,DC=org"),
        SearchScope.SUB, DereferencePolicy.NEVER, null,
        null, new String[0], false, null)));

LDAPConnection connection = new LDAPConnection("microsoft-active-directory-server-remote-url", 9992,
        "CN=SUPERADMIN,OU=it,DC=users,DC=root,DC=unique,DC=org", "********");
SearchResult searchResult = connection.search(searchRequest);

for (SearchResultEntry userEntry : searchResult.getSearchEntries()) {
    JoinResultControl c = JoinResultControl.get(userEntry);
    for (JoinedEntry accountEntry : c.getJoinResults()) {
        System.out.println(accountEntry.getAttributeValue("mailAddress"));
    }
}

    However, it is throwing below exception. Any idea why it is happening for me.

    Exception:

    00000057: LdapErr: DSID-0C090831, comment: Error processing control, data 0, v2580 
LDAPSearchException(resultCode=12 (unavailable critical extension), numEntries=0, numReferences=0, errorMessage='00000057: LdapErr: DSID-0C090831, comment: Error processing control, data 0, v2580 ')
    at com.unboundid.ldap.sdk.LDAPConnection.search(LDAPConnection.java:3661)
    at ..........
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
     

    Last edit: Yun 2019-11-05

  • Neil Wilson

    Neil Wilson - 2019-11-05

    The join request control is a proprietary feature of the Ping Identity Directory Server. It is not currently supported in any other directory server, including Active Directory.

    For future reference, most things in the com.unboundid.ldap.sdk.unboundidds package and its sub-packages are specific to the Ping Identity Directory Server (formerly UnboundID Directory Server) and will likely not work with any other type of server.

     

Log in to post a comment.