> -----Original Message-----
> From: Emmanuel Lecharny [mailto:elecharny@gmail.com]
> Sent: Monday, September 06, 2010 7:54 PM
> To: api@directory.apache.org
> Subject: Re: Using LDAPConnection class...
>
> On 9/6/10 4:02 PM, Stefan Seelmann wrote:
> > AD accepts either
> > - the full DN, that looks typically like "cn=Arvind
> > N,cn=Users,dc=MyDomain,dc=com"
> > - or the samAccountName and the domain in format "Arvind N@DOMAIN"
> >
> > @Emmanuel, Kiran:
> > JXplorer makes the same as Apache Directory Studio: It uses JNDI and
> > JNDI accepts a non-DN as principal. I think we should allow the same
> > for the new API. WDYT?
> I wonder if the LDAP API screams if you use "Arvind N@DOMAIN" as a
> principal. Blind guess : we expect a DN, and we throw an excpetion if
> it's not. We can fix that.
>
> In any case, there is no chance that what Arvin used can work, as it's
> nor a valid DN (ie a full DN), nor a samAccountName. I guess that
> JExplorer is guessing about the root context to use (ie, it adds
> cn=Users, ... to the given DN).
@Kiran, Emmanuel, Stefan
First of all thanks for the responses..
I think JExplorer is letting the LDAP server (AD in this case) decide the KEY here.
In the ethereal trace I see it just sets the exact string of what I have provided without
putting a key to it as in
He does not do a
...
DN: cn=Arvind N
..
Rather does a
...
DN: Arvind N
...
Also once I get the full DN I will try and use the same and verify if LDAPConnection works
fine..
Just checked out the API code to hack more and I see LDAPConnection is an interface now :(
LDAPNetworkConnection seems to have the magic now .. am I missing something ??
Thanks
~Arvind
|