Anyone using Active Directory Lightweight Directory Services? I need help. I wrote some code but I am not able to create a user in Active Directory through Java.
First, I manually created a user in the AD LDS server through the AD Edit window, and I am able to connect as that user with the program below.
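import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

Hashtable<String, String> env = new Hashtable<>(11);
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, LDAP_URL);
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "CN=testuser,OU=Gulf,DC=serviceProj");
env.put(Context.SECURITY_CREDENTIALS, "1234567");
env.put(Context.SECURITY_PROTOCOL, "ssl");
try {
    // Simple bind over SSL as the manually created user
    DirContext ctx = new InitialDirContext(env);
    ctx.close();
} catch (NamingException e) {
    e.printStackTrace();
}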
I created this test user manually in AD LDS. Now I want to create a user using Java. I wrote the code below, but I am getting an error.
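import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

Hashtable<String, String> env = new Hashtable<>(11);
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, LDAP_URL);
env.put(Context.SECURITY_AUTHENTICATION, "simple");
// Admin is the admin user through which I log in to the server machine on which AD LDS is installed;
// this same user was selected at the time of creation of the instance.
env.put(Context.SECURITY_PRINCIPAL, "CN=Admin,OU=Gulf,DC=serviceProj");
env.put(Context.SECURITY_CREDENTIALS, "1234567");
env.put(Context.SECURITY_PROTOCOL, "ssl");
try {
    // Bind as Admin (this is the call that throws the error below)
    DirContext ctx = new InitialDirContext(env);
    // Attributes of the new user entry (attribute names are case-insensitive)
    Attributes attrs = new BasicAttributes(true);
    Attribute oc = new BasicAttribute("objectclass");
    oc.add("top");
    oc.add("person");
    oc.add("organizationalPerson");
    oc.add("user");
    attrs.put(oc);
    attrs.put(new BasicAttribute("cn", "testuser2"));
    attrs.put(new BasicAttribute("name", "test"));
    // Create the entry under OU=Gulf
    ctx.createSubcontext("CN=testuser2,OU=Gulf,DC=serviceProj", attrs);
    ctx.close();
} catch (NamingException e) {
    e.printStackTrace();
}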
The error I am getting:
[9/18/18 14:16:31:193 GST] 0000024c SystemErr R javax.naming.AuthenticationException: [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 2030, v2580
Here I am getting the error on this line: DirContext ctx = new InitialDirContext(env); which means I am not able to connect through the admin user. Now I need help: which user do I need to connect as to create the user there? //Admin - this is an admin user through which I log in to the server machine on which AD LDS is hosted; this same user was selected at the time of creation of the instance.
What is the issue with my code? Please help me with anything: sample code, a video, anything.
There are two possible reasons for this error that I can think of:
cn=testuser2 but in the DN you enter cn=admin which is contradictory
testuser does not have create rights in the OU=Gulf,DC=serviceProj container
Try to create the user with
and if that still fails, log in with an administrative user (this is an example):
EDIT
So the bind (login) using InitialDirContext() fails. Does your Admin user really exist in that context:
In your screenshot, I cannot see that user listed so I think it is not there. You can only log into AD LDS over LDAP with user accounts that actually exist in the LDS instance, not an AD account.
If you try to bind with CN=testuser,OU=Gulf,DC=serviceProj with the correct password then the InitialDirContext() call should succeed. If you add this account to the Administrators role in LDS then you should also be able to create the new user.
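An added example, not part of the original thread: it decodes the `data` sub-code in the question's error 49 message (hex 2030 is Win32 error 8240, ERROR_DS_NO_SUCH_OBJECT, which matches the answer's point that the bind DN is not in the instance), then binds as the account that does exist in LDS and creates the user. The class name, the `LDS_BIND_PW` environment variable and passing the URL as `args[0]` are assumptions, and the create step only succeeds if that account has the rights described in the answer.

```java
import java.util.*;
import java.util.regex.*;
import javax.naming.*;
import javax.naming.directory.*;

public class LdsCreateUser {
    // "data NNNN" (hex) sub-codes that Windows appends to LDAP error 49 messages.
    static final Map<String, String> SUBCODES = Map.of(
        "525", "user not found",
        "52e", "invalid credentials",
        "2030", "ERROR_DS_NO_SUCH_OBJECT: bind DN does not exist in this directory");

    static String explain(String message) {
        Matcher m = Pattern.compile("data ([0-9a-fA-F]+)").matcher(String.valueOf(message));
        if (!m.find()) return "no sub-code in message";
        String code = m.group(1).toLowerCase();
        return "data " + code + ": " + SUBCODES.getOrDefault(code, "unknown sub-code");
    }

    static DirContext bind(String url, String dn, String password) throws NamingException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PROTOCOL, "ssl"); // simple bind sends the password, keep TLS on
        env.put(Context.SECURITY_PRINCIPAL, dn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        return new InitialDirContext(env);
    }

    public static void main(String[] args) throws NamingException {
        // Offline part: decode the error message quoted in the question.
        System.out.println(explain("LDAP: error code 49 - 8009030C: LdapErr: DSID-0C09042F, "
            + "comment: AcceptSecurityContext error, data 2030, v2580"));
        String pw = System.getenv("LDS_BIND_PW");   // assumed variable name, avoids a hard-coded password
        if (args.length < 1 || pw == null) return;  // args[0]: ldaps:// URL of the LDS instance (assumed)
        try {
            DirContext ctx = bind(args[0], "CN=testuser,OU=Gulf,DC=serviceProj", pw);
            Attributes attrs = new BasicAttributes(true);
            Attribute oc = new BasicAttribute("objectClass");
            for (String c : new String[] {"top", "person", "organizationalPerson", "user"}) oc.add(c);
            attrs.put(oc);
            attrs.put("cn", "testuser2");
            ctx.createSubcontext("CN=testuser2,OU=Gulf,DC=serviceProj", attrs).close();
            ctx.close();
        } catch (AuthenticationException e) {
            System.err.println("Bind failed, " + explain(e.getMessage()));
        }
    }
}
```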