Thursday, August 5, 2010

LDAP memberOf check

import java.util.Hashtable;

import javax.naming.CompositeName;
import javax.naming.Context;
import javax.naming.Name;
import javax.naming.NameParser;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

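/**
 * Looks up a single Active Directory account by {@code sAMAccountName} and prints the
 * values of its {@code memberOf} attribute.
 *
 * <p>Caveats when the output is used for access decisions:
 * <ul>
 *   <li>{@code memberOf} lists direct group memberships only; groups reached through
 *       nesting are not included.</li>
 *   <li>The account's primary group (see {@code primaryGroupID}) is not part of
 *       {@code memberOf}.</li>
 *   <li>Only the first matching entry is inspected.</li>
 * </ul>
 */
public class MemberOfTest {
    private static final String contextFactory = "com.sun.jndi.ldap.LdapCtxFactory";

    // NOTE(security): with a plain ldap:// URL and a simple bind, the bind DN and the
    // password cross the network unencrypted. Prefer an ldaps:// URL (or set `protocol`
    // to "ssl" below) so the bind is protected by TLS.
    private static final String connectionURL = "ldap://HOST:PORT";

    // NOTE(security): placeholders only. Real bind credentials belong in configuration
    // or a secret store, not in source, and the query account should be read-only.
    private static final String connectionName = "CN=Query,CN=Users,DC=XXX,DC=XX";
    private static final String connectionPassword = "XXX";

    // Optional: left null, the provider defaults are used.
    private static final String authentication = null;
    private static final String protocol = null;

    private static String username = "XXXX";

    private static final String MEMBER_OF = "memberOf";
    private static final String[] attrIdsToSearch = new String[] { MEMBER_OF };
    public static final String SEARCH_BY_SAM_ACCOUNT_NAME = "(sAMAccountName=%s)";
    public static final String SEARCH_GROUP_BY_GROUP_CN = "(&(objectCategory=group)(cn={0}))";
    private static String userBase = "DC=XXX,DC=XXX";

    /**
     * Escapes a value for safe inclusion in an LDAP search filter (RFC 4515).
     *
     * <p>Without this, a user name containing {@code *}, {@code (} or {@code )} would
     * change the structure of the filter instead of being matched literally.
     *
     * @param value the raw assertion value, must not be {@code null}
     * @return the value with {@code \ * ( )} and NUL replaced by their {@code \XX} form
     */
    static String escapeFilterValue(String value) {
        StringBuilder escaped = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }

    /**
     * Binds to the directory, searches the subtree under {@code userBase} for
     * {@code username} and prints each {@code memberOf} value on its own line.
     *
     * @param args unused
     * @throws NamingException if the bind, the search or reading the results fails
     */
    public static void main(String[] args) throws NamingException {
        Hashtable<String, String> env = new Hashtable<String, String>();

        // Configure our directory context environment.
        env.put(Context.INITIAL_CONTEXT_FACTORY, contextFactory);
        env.put(Context.PROVIDER_URL, connectionURL);
        env.put(Context.SECURITY_PRINCIPAL, connectionName);
        env.put(Context.SECURITY_CREDENTIALS, connectionPassword);
        if (authentication != null) {
            env.put(Context.SECURITY_AUTHENTICATION, authentication);
        }
        if (protocol != null) {
            env.put(Context.SECURITY_PROTOCOL, protocol);
        }

        InitialDirContext context = new InitialDirContext(env);
        try {
            // Escape the name before it is placed in the filter so that it can only
            // ever be compared as a literal value.
            String filter = String.format(SEARCH_BY_SAM_ACCOUNT_NAME, escapeFilterValue(username));

            SearchControls constraints = new SearchControls();
            constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // Ask the server for memberOf only; drop this call to receive every
            // attribute the bind account is allowed to read.
            constraints.setReturningAttributes(attrIdsToSearch);

            NamingEnumeration<SearchResult> results = context.search(userBase, filter, constraints);
            try {
                // Fail if no entries found
                if (results == null || !results.hasMore()) {
                    System.out.println("No result found");
                    return;
                }

                // Only the first entry found is used.
                SearchResult result = results.next();

                // memberOf is absent when the account has no direct memberships or the
                // bind account may not read it; the original code hit a
                // NullPointerException in that case.
                Attributes attrs = result.getAttributes();
                Attribute attr = (attrs == null) ? null : attrs.get(MEMBER_OF);
                if (attr == null) {
                    System.out.println("No memberOf values returned");
                    return;
                }

                NamingEnumeration<?> values = attr.getAll();
                try {
                    System.out.println("Member of");
                    while (values.hasMore()) {
                        System.out.println(String.valueOf(values.next()));
                    }
                } finally {
                    values.close();
                }
            } finally {
                if (results != null) {
                    results.close();
                }
            }
        } finally {
            // Release the LDAP connection even when the search throws.
            context.close();
        }
    }
}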



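Here is the list of attributes I got from my LDAP server. Note: to get this, you have to remove the "memberOf" restriction on the returned attributes (the setReturningAttributes call), so that the server returns every attribute the bind account is allowed to read.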




###### ID = objectCategory ######
CN=Person,CN=Schema,CN=Configuration,DC=xxxx,DC=corp


###### ID = whenCreated ######
20080407125151.0Z


###### ID = mDBUseDefaults ######
TRUE


###### ID = mail ######
s.saminathan@xxxx.nl


###### ID = objectGUID ######
L ?L yzH?@?????


###### ID = msExchUserAccountControl ######
0


###### ID = memberOf ######
CN=VPN Users,CN=Users,DC=xxxx,DC=corp
CN=Local Administrators,CN=Users,DC=xxxx,DC=corp
CN=5th-general,OU=Groups,OU=Amsterdam,DC=xxxx,DC=corp


###### ID = msExchMailboxGuid ######
? ??D ?H?????A?2


###### ID = instanceType ######
4


###### ID = msExchPoliciesIncluded ######
{827C0A8F-A65E-4C65-B36E-E83B0B8CFE3A},{3B6813EC-CE89-42BA-9442-D87D4AA30DBC}


###### ID = objectSid ######


###### ID = proxyAddresses ######
SMTP:s.saminathan@xxxx.nl
smtp:s.saminathan@xxxx.com
X400:c=US;a= ;p=xxxx;o=Exchange;s=Saminathan;g=Sundaramurthi;


###### ID = dSCorePropagationData ######
20100723085710.0Z
16010101000000.0Z


###### ID = objectClass ######
top
person
organizationalPerson
user


###### ID = company ######
xxxx B.V.


###### ID = name ######
Sundaramurthi Saminathan


###### ID = description ######
GUI


###### ID = sn ######
Saminathan


###### ID = telephoneNumber ######
+31 (0)xx xxxxx


###### ID = userAccountControl ######
512


###### ID = primaryGroupID ######
513


###### ID = postalCode ######
xxxx CT


###### ID = uSNChanged ######
1060120


###### ID = physicalDeliveryOfficeName ######
Amsterdam


###### ID = co ######
Netherlands


###### ID = cn ######
Sundaramurthi Saminathan


###### ID = textEncodedORAddress ######
c=US;a= ;p=xxxx;o=Exchange;s=Saminathan;g=Sundaramurthi;


###### ID = title ######
Software Developer


###### ID = msExchHomeServerName ######
/o=xxxx/ou=First Administrative Group/cn=Configuration/cn=Servers/cn=EXCHANGE


###### ID = homeMTA ######
CN=Microsoft MTA,CN=EXCHANGE,CN=Servers,CN=First Administrative Group,CN=Administrative Groups,CN=xxxx,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=xxxx,DC=corp


###### ID = sAMAccountType ######
805306368


###### ID = legacyExchangeDN ######
/o=xxxx/ou=First Administrative Group/cn=Recipients/cn=ssaminathan


###### ID = givenName ######
Sundaramurthi


###### ID = uSNCreated ######
20429


###### ID = displayName ######
Sundaramurthi Saminathan


###### ID = userPrincipalName ######
ssaminathan@xxxx.corp


###### ID = pwdLastSet ######
xxxxxxx


###### ID = whenChanged ######
20100805092721.0Z


###### ID = department ######
GUI


###### ID = streetAddress ######
xxxxxxxxx 280


###### ID = facsimileTelephoneNumber ######
+31 (0)20 xxxxx


###### ID = l ######
Amsterdam


###### ID = mailNickname ######
ssaminathan


###### ID = distinguishedName ######
CN=Sundaramurthi Saminathan,OU=IT-GUI,OU=IT,OU=Users,OU=Amsterdam,DC=xxxx,DC=corp


###### ID = homeMDB ######
CN=Mailbox Store Users (EXCHANGE),CN=SG 1,CN=InformationStore,CN=EXCHANGE,CN=Servers,CN=First Administrative Group,CN=Administrative Groups,CN=xxxx,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=xxxx,DC=corp


###### ID = msExchPoliciesExcluded ######
{26491CFC-9E50-4857-861B-0CB8DF22B5D7}


###### ID = c ######
NL


###### ID = manager ######
CN=xxxxx,OU=IT-GUI,OU=IT,OU=Users,OU=Amsterdam,DC=xxxx,DC=corp


###### ID = showInAddressBook ######
CN=NL Users,CN=All Address Lists,CN=Address Lists Container,CN=xxxx,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=xxxx,DC=corp
CN=Default Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=xxxx,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=xxxx,DC=corp
CN=All Users,CN=All Address Lists,CN=Address Lists Container,CN=xxxx,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=xxxx,DC=corp


###### ID = sAMAccountName ######
ssaminathan