I am writing tests for an ldap integration module. The UnboundID InMemoryDirectoryServer has been invaluable for this, so thank you very much for this. I now find myself having to fix an issue with and AD server. While the actual solution to the problem seems obvious to me, I would like to include a test for this case. Is there any AD schema available for testing purposes?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
The LDAP SDK only ships with a standards-based schema, and Active Directory uses a pretty non-standard schema. Further, including schema for any particular directory server implementation would be a moving target, since it’s likely that each release will introduce new schema elements. Even if I were to keep it up to date in the LDAP SDK, that wouldn’t necessarily match the schema that’s available in the version of the server that you’re using.
Instead, you can configure the in-memory directory server with whatever schema you want, and you can get the schema from your own Active Directory instance. To do that, you’d establish an LDAPConnection to your Active Directory server, and then use code like the following:
Now that you have an LDIF file with the schema that you want to use, you can create an in-memory directory server instance that uses the schema from that LDIF file. For example:
InMemoryDirectoryServerConfig config =
new InMemoryDirectoryServerConfig("dc=example,dc=com");
config.setSchema(Schema.getSchema("active-directory-schema.ldif"));
InMemoryDirectoryServer ds = new InMemoryDirectoryServer(config);
Or if you’re running the in-memory directory server from the command line, you can use the --useSchemaFile argument to specify the path to the schema file that you want to use.
Neil
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
thanks for the info. I will see if I can make this work. Unfortunately, it isn't my AD instance I have to worry about but those at clients. But that isn't anything you can help. I appreciate the answer.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi,
I am writing tests for an ldap integration module. The UnboundID InMemoryDirectoryServer has been invaluable for this, so thank you very much for this. I now find myself having to fix an issue with and AD server. While the actual solution to the problem seems obvious to me, I would like to include a test for this case. Is there any AD schema available for testing purposes?
The LDAP SDK only ships with a standards-based schema, and Active Directory uses a pretty non-standard schema. Further, including schema for any particular directory server implementation would be a moving target, since it’s likely that each release will introduce new schema elements. Even if I were to keep it up to date in the LDAP SDK, that wouldn’t necessarily match the schema that’s available in the version of the server that you’re using.
Instead, you can configure the in-memory directory server with whatever schema you want, and you can get the schema from your own Active Directory instance. To do that, you’d establish an LDAPConnection to your Active Directory server, and then use code like the following:
Schema schema = ldapConnection.getSchema(); LDIFWriter ldifWriter = new LDIFWriter("active-directory-schema.ldif"); ldifWriter.writeEntry(schema.getSchemaEntry()); ldifWriter.close();Now that you have an LDIF file with the schema that you want to use, you can create an in-memory directory server instance that uses the schema from that LDIF file. For example:
InMemoryDirectoryServerConfig config = new InMemoryDirectoryServerConfig("dc=example,dc=com"); config.setSchema(Schema.getSchema("active-directory-schema.ldif")); InMemoryDirectoryServer ds = new InMemoryDirectoryServer(config);Or if you’re running the in-memory directory server from the command line, you can use the --useSchemaFile argument to specify the path to the schema file that you want to use.
Neil
Hi,
thanks for the info. I will see if I can make this work. Unfortunately, it isn't my AD instance I have to worry about but those at clients. But that isn't anything you can help. I appreciate the answer.