3 Replies Latest reply: Dec 21, 2011 7:52 PM by EJP RSS

    How do I create a user in active directory?

    904870
      I've been trying to figure this out and found some tutorials online. I am getting this error:

      javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - 00000057: LdapErr: DSID-0C090C26, comment: Error in attribute conversion operation, data 0, v1771

      From this code:

      try
                {
                     String userType = user.getUserType() + "s (dural)";
                     LOG.debug("user type is " + userType);
                     String groupName = "Thin Client Users";
                     Attributes attrs = new BasicAttributes(true);
                     attrs.put("objectClass", userType);
                     attrs.put("samAccountName", user.getWindowsId());
                     attrs.put("cn", user.getCommentString());
                     attrs.put("givenName", user.getFirstName());
                     attrs.put("sn", user.getLastName());
                     attrs.put("displayName", user.getCommentString());

                     String userName = String.format(
                               "CN=%s,OU=Staff,OU=%s,DC=elandata,DC=com",
                               user.getCommentString(), user.getUserType());

                     int UF_ACCOUNTDISABLE = 0x0002;
                     int UF_PASSWD_NOTREQD = 0x0020;
                     int UF_PASSWD_CANT_CHANGE = 0x0040;
                     int UF_NORMAL_ACCOUNT = 0x0200;
                     int UF_DONT_EXPIRE_PASSWD = 0x10000;
                     int UF_PASSWORD_EXPIRED = 0x800000;


                     attrs.put(
                               "userAccountControl",
                               Integer.toString(UF_NORMAL_ACCOUNT + UF_PASSWD_NOTREQD
                                         + UF_PASSWORD_EXPIRED + UF_ACCOUNTDISABLE));

                     Context result = ctxGC.createSubcontext(userName, attrs);

                     LOG.info("Creating windows account for: " + userName);


                     StartTlsResponse tls = (StartTlsResponse) ctxGC
                               .extendedOperation(new StartTlsRequest());
                     tls.negotiate();


                     ModificationItem[] mods = new ModificationItem[2];

                     String newQuotedPassword = "\"password\"";
                     byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");

                     mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                               new BasicAttribute("unicodePwd", newUnicodePassword));
                     mods[1] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                               new BasicAttribute("userAccountControl",
                                         Integer.toString(UF_NORMAL_ACCOUNT
                                                   + UF_PASSWORD_EXPIRED)));

                     ctxGC.modifyAttributes(userName, mods);
                     LOG.info("Set password & updated userccountControl");

                     try
                     {
                          ModificationItem member[] = new ModificationItem[1];
                          member[0] = new ModificationItem(DirContext.ADD_ATTRIBUTE,
                                    new BasicAttribute("member", userName));

                          ctxGC.modifyAttributes(groupName, member);
                          System.out.println("Added user to group: " + groupName);

                     } catch (NamingException e)
                     {
                          System.err.println("Problem adding user to group: " + e);
                     }
                     // Could have put tls.close() prior to the group modification
                     // but it seems to screw up the connection or context ?
                     tls.close();
                     ctxGC.close();


      I've tried commenting out the "unicodePwd" attribute since I can't find it on microsoft's website, but still same error.