ldap

问题 How do I query the active directory in Java using the current logged on user in windows? This is possible using C++ with ldap_bind_s and passing null in the credential. It lets you bind to the AD with the current logged on user and query AD but I could not find its equivalent in Java. I saw at other places that I can use kerberos but kerberos forces me to generate a keytab file for the user and uses it to communicate with AD using GSSAPI. I want to avoid asking users to generate keytab file.

问题 I need to query Active Directory for a list of users whose password is about to expire. The obvious (and easy) way to do this is with: dsquery user -stalepwd n The problem is that I need to add additional filters to only look for users who are in certain security groups. This is hard to do with the "dsquery user" syntax that has the built-in -stalepwd option, so I've been using the "dsquery * -filter" option which allows you to use LDAP query syntax. Unfortunately, while its relatively easy

问题 I've been having a play with the fantastic active_directory module from Tim Golden and the extensive python-ldap module and while I see a great slew of articles on how to query, modify, create and delete entries within Active Directory from python I can't for the life of me find any advise on moving a user to a different OU using python. Is my google-foo failing me or is this not possible? (I've had great success with c# but I prefer to work in python where I can) Thanks in advance EDIT: OK,

问题 I'm pulling information about a user from ldap. This includes directReports, which is in the full "CN=cnBlah, OU=ouBlah, DC=dcBlah" form. I'm trying to do another lookup to find info about the reportee. So far the only way I've been able to actually find said user is to break out the CN= and set the remainder of the string as the base. Is this the proper way of doing it? Or is there a way to search for an entry given the full dn? 回答1: Use the DN as the base object in the search and set the

问题 I am trying to fetch, store and in turn use objectGUID to query Active directory. To get user attributes i am using following public static class MyDnKeyValueAttMapper implements AttributesMapper<Object> { @Override public List<LdapKeyValueList> mapFromAttributes(Attributes attributes) throws NamingException, javax.naming.NamingException { List<LdapKeyValueList> attributeKeyValMap = new ArrayList<LdapKeyValueList>(); NamingEnumeration<String> namingEnumeration = attributes.getIDs(); while

问题 I've got an instance of sonarqube 5.5 running. I wanted to use the sonar-ldap-plugin 1.5.1 in order to delegate the authentication and authorization to the Active Directory service of my company. The configuration for the LDAP plugin is the following (modulo some obfuscation): sonar.authenticator.createUsers=false sonar.security.savePassword=false sonar.security.realm=LDAP ldap.url=ldap://host.my.domain ldap.user.baseDn=OU=Users,OU=Organic Units,DC=my,DC=domain ldap.user.request=(&

问题 Whenever I try to change someone's password via ldap3 library I get the following error: {'type': 'modifyResponse', 'result': 53, 'message': '0000001F: SvcErr: DSID-031A12D2, problem 5003 (WILL_NOT_PERFORM), data 0\n\x00', 'referrals': None, 'description': 'unwillingToPerform', 'dn': ''} This error usually occurs because of the two conditions: either user is trying to modify the password through the unencrypted connection or the password is being sent with the incorrect encoding. My SSL

问题 I get this error always Server is unwilling to perform and my code is the next: echo "Checking ..."; $username = $_POST["username"]; $passwd = $_POST["passwd"]; $host = 'myhost.co.uk'; $port = 389; $dn = 'uid='.$username.',cn=nssproxy,ou=users,dc=co,dc=uk'; // conexion a ldap $conn = ldap_connect( "ldap://".$host.":389") ; ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($conn, LDAP_OPT_REFERRALS, 0); // match de usuario y password $bind = ldap_bind( $conn, $dn, $password

问题 In the Active Direcotry mmc snap-in you cant see attributes that are "Not Set". When you use ADSIEDIT.MSC tool, if attribute values are null you do see them as "Not Set". How can I set an attribute to "Not Set" in .Net code? Here is the answer in Powershell but I need to do it with some .Net code (VB.Net/C#). http://social.technet.microsoft.com/Forums/en-US/winserverpowershell/thread/d6d0bfa1-73da-41ea-a7f5-f622de9f7d1b/ ps msExchHideAddressLists is the culprit attribute, when its True or

问题 I am trying to implement a basic ldap bind with the following node.js file. Unfortunately, I keep getting a bind error with code 128. I looked online and found no references of code 128. The LDAP server I am trying to search is an eDirectory. Does anyone have any experience with this or have you had similar problems? My node version is v0.10.22 and my ldapjs version is v0.7.1 var ldap = require('ldapjs'); var creds = { url: "ldaps://ldap.url.com:636", bindDN: "cn=ldap,o=com" }; var opts = {