I'm developing an app to list users from Active Directory. I get a domain name (or IP address or domain controller name) to connect to the domain. I also get the username and password as input from the user. Users enter their username not as a distinguishedName but as a plain username (e.g. john or administrator; this is to give users easy access to the app, since many users would struggle to find their DN). Now, I need at least a UPN (administrator@example.com or example\administrator or DN) to bind with AD. After connecting to the server I can obtain rootDSE properties.

E.g.:

    LDAPConnection connection = new LDAPConnection("123.14.11.2", 389);
    System.out.println(connection.getRootDSE().toLDIFString());

Likewise, is there a way I can obtain Configuration Naming Context properties?

I use the query "(&(objectcategory=Crossref)(nCName=*)(netBIOSName=*))" with baseDN as "CN=configuration,DC=example,DC=com" to obtain netBIOSName (example) and dnsRoot (example.com). This works fine when I bind with AD and search.
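
    // Requires: import com.unboundid.ldap.sdk.*;
    LDAPConnection connection = new LDAPConnection();
    connection.connect("123.14.11.2", 389);
    // The backslash must be escaped inside a Java string literal
    connection.bind("example\\administrator", "password");
    // The search base is the configuration naming context advertised by the root DSE
    String defaultNamingContext = connection.getRootDSE().getAttributeValue("configurationNamingContext");
    SearchRequest searchRequest = new SearchRequest(defaultNamingContext, SearchScope.SUB, "(&(objectcategory=Crossref)(nCName=*)(netBIOSName=*))");
    SearchResult searchResult = connection.search(searchRequest);
    for (SearchResultEntry entry : searchResult.getSearchEntries()) {
        System.out.println(entry.toLDIFString());
    }
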
The above code works fine. But I get the input as "administrator". What is the way that I can obtain the netBIOSName? How to perform an anonymous search?
To perform an anonymous search (or any kind of operation), simply omit the bind operation. If you've already authenticated, you can revert that by performing an anonymous bind by specifying empty strings for both the user DN and password.
It's possible that the server is configured to not allow that information to be retrieved anonymously. If that's the case, then that's not an LDAP SDK issue but rather a server configuration issue, and I don't know anything about Active Directory access control.
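
The anonymous approach described in the reply, as an added example that is not code from the thread or from the LDAP SDK project: it connects without a bind, tries the crossRef search from the question, and handles the case where the server refuses it by deriving the DNS domain from the root DSE instead. The class and method names are hypothetical, the host is the one from the question, and the fallback assumes the UPN suffix equals the domain's DNS name.

```java
import com.unboundid.ldap.sdk.*;

public class AnonymousDomainLookup {
    // Turns "DC=example,DC=com" into "example.com" (DC components only).
    static String dnsNameFromDN(String namingContext) throws LDAPException {
        StringBuilder dns = new StringBuilder();
        for (RDN rdn : new DN(namingContext).getRDNs()) {
            if (rdn.getAttributeNames()[0].equalsIgnoreCase("DC")) {
                if (dns.length() > 0) dns.append('.');
                dns.append(rdn.getAttributeValues()[0]);
            }
        }
        return dns.toString();
    }

    // Builds a bind name for a plain username without authenticating first.
    static String resolveBindName(String host, int port, String user) throws LDAPException {
        // No bind() is issued, so every operation on this connection is anonymous.
        try (LDAPConnection conn = new LDAPConnection(host, port)) {
            RootDSE rootDSE = conn.getRootDSE();
            String domainNC = rootDSE == null ? null : rootDSE.getAttributeValue("defaultNamingContext");
            String configNC = rootDSE == null ? null : rootDSE.getAttributeValue("configurationNamingContext");
            if (domainNC == null || configNC == null) {
                throw new LDAPException(ResultCode.NO_SUCH_OBJECT, "root DSE naming contexts not readable");
            }
            // Match only the crossRef of this server's own domain; Filter objects escape values.
            Filter filter = Filter.createANDFilter(
                    Filter.createEqualityFilter("objectCategory", "crossRef"),
                    Filter.createEqualityFilter("nCName", domainNC),
                    Filter.createPresenceFilter("netBIOSName"));
            try {
                SearchResult result = conn.search(configNC, SearchScope.SUB, filter, "netBIOSName");
                if (result.getEntryCount() > 0) {
                    return result.getSearchEntries().get(0).getAttributeValue("netBIOSName") + "\\" + user;
                }
            } catch (LDAPSearchException e) {
                // Server refused the anonymous search (the access-control case in the reply).
                System.err.println("Anonymous search rejected: " + e.getResultCode());
            }
            // Fallback. Assumption: the UPN suffix equals the domain's DNS name.
            return user + "@" + dnsNameFromDN(domainNC);
        }
    }

    public static void main(String[] args) throws LDAPException {
        System.out.println(resolveBindName("123.14.11.2", 389, "administrator"));
    }
}
```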