2 Replies Latest reply: Aug 28, 2012 5:29 AM by 916276 RSS

    Issue while setting "msDS-UserAccountDisabled" in ldap using JAVA

    916276
      I have successfully created one user in LDAP using JAVA API.

      But when I tried to set the "*msDS-UserAccountDisabled*" attribute to "*FALSE*", it gave me an error.

      My code snippet:

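      // Builds a one-attribute change set that clears msDS-UserAccountDisabled
      // (i.e. enables the entry) and applies it to newContactDN through ldapTemplate.
      // NOTE(review): enabling an account is a privileged directory change. Make sure
      // a password has already been set on the entry and that the identity
      // ldapTemplate binds with is limited to what this DAO needs - confirm.
      Attributes personAttributes = new BasicAttributes();
      personAttributes.put("msDS-UserAccountDisabled", "FALSE");
      // The cast is kept only so the rest of the method can keep using 'attrs';
      // it can never yield null, so the old null test was dead code.
      BasicAttributes attrs = (BasicAttributes) personAttributes;

      if (attrs.size() > 0)
      {
           // The reported NullPointerException is raised on the modifyAttributes
           // line itself, which means ldapTemplate was never initialised/injected.
           // Fail with an explicit message instead of an anonymous NPE.
           if (ldapTemplate == null)
           {
                throw new IllegalStateException("ldapTemplate is null: it was not initialised before modifying " + newContactDN);
           }

           ModificationItem[] items = new ModificationItem[attrs.size()];
           NamingEnumeration<Attribute> attrEnum = attrs.getAll();
           int count = 0;
           // hasMore()/next() is the JNDI pairing; both surface NamingException.
           while (attrEnum.hasMore())
           {
                items[count++] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, attrEnum.next());
           }

           // Print the contents rather than the array's identity hash.
           // Do not keep this trace if the change set ever carries a password
           // attribute, because the value would end up in the log.
           System.out.println("items = " + java.util.Arrays.toString(items));
           ldapTemplate.modifyAttributes(newContactDN, items);
      }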


      I am getting the following error:


      java.lang.NullPointerException
      at com.sfg.ldap.LDAPContactDAO.modifyUserAccountAfterCreation(LDAPContactDAO.java:383) //-> It is the ldapTemplate.modifyAttributes(newContactDN, items)
      at com.sfg.ldap.SpringLDAPClient.addToLDAP(SpringLDAPClient.java:76)
      at com.sfg.portlet.struts.action.AgentValidateAction.addCustomUser(AgentValidateAction.java:286)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
      at java.lang.reflect.Method.invoke(Unknown Source)
      at com.opensymphony.xwork2.DefaultActionInvocation.invokeAction(DefaultActionInvocation.java:452)
      at com.opensymphony.xwork2.DefaultActionInvocation.invokeActionOnly(DefaultActionInvocation.java:291)
      at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:254)
      at com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor.doIntercept(DefaultWorkflowInterceptor.java:176)
      at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98)
      at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
      at com.opensymphony.xwork2.validator.ValidationInterceptor.doIntercept(ValidationInterceptor.java:263)
        • 1. Re: Issue while setting "msDS-UserAccountDisabled" in ldap using JAVA
          EJP
          Please edit your code into a legible form using the {noformat}
          {noformat} tags provided.
          
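          Obviously your 'ldapTemplate' is null at the point of use: the top frame of the stack trace is your DAO method itself, not a method inside the template, so it is the dereference of 'ldapTemplate' that failed.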
          • 2. Re: Issue while setting "msDS-UserAccountDisabled" in ldap using JAVA
            916276
            // LDAP (ADAM) user add program With password sample - working fine

            import java.io.IOException;
            import java.util.Hashtable;

            import javax.naming.Context;
            import javax.naming.NamingException;
            import javax.naming.directory.Attributes;
            import javax.naming.directory.BasicAttribute;
            import javax.naming.directory.BasicAttributes;
            import javax.naming.directory.DirContext;
            import javax.naming.directory.ModificationItem;
            import javax.naming.ldap.InitialLdapContext;
            import javax.naming.ldap.LdapContext;
            import javax.naming.ldap.StartTlsRequest;
            import javax.naming.ldap.StartTlsResponse;

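            /**
             * Sample: creates an inetOrgPerson entry in an ADAM / AD LDS directory over
             * LDAPS, then sets its password and clears msDS-UserAccountDisabled in one
             * modify operation.
             *
             * NOTE(review): this is demo code. The bind DN, bind password and the initial
             * user password are string literals; in anything beyond a throw-away test they
             * must come from protected configuration or a secret store, and must never be
             * committed or logged.
             */
            public class NewUser3Final {

                /**
                 * Binds as the administrative account, creates the user entry, sets the
                 * password and enables the account. Progress goes to stdout; any failure is
                 * reported on stderr. Both directory contexts are released in a finally
                 * block so a failed create/modify does not leave the privileged connection
                 * open.
                 *
                 * @param args unused
                 */
                public static void main(String[] args) {

                    // Sample placeholders only - see the class comment.
                    String adminName = "CN=system";
                    String adminPassword = "ldapAdminPassword";
                    String userName = "cn=testUser1, cn=External, cn=Users";

                    // Trust anchors for the LDAPS handshake. The path is machine-specific;
                    // the server certificate has to chain to a CA present in this store.
                    String keystore = "C:\\Java\\jdk1.6.0_20\\jre\\lib\\security\\cacerts";
                    System.setProperty("javax.net.ssl.trustStore", keystore);

                    Hashtable<String, String> env = new Hashtable<String, String>();
                    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");

                    // A simple bind sends the password itself, so it is only acceptable
                    // because the transport below is ldaps://.
                    env.put(Context.SECURITY_AUTHENTICATION, "simple");
                    env.put(Context.SECURITY_PRINCIPAL, adminName);
                    env.put(Context.SECURITY_CREDENTIALS, adminPassword);

                    // The posted URL carried the port twice (":636:636"), which is not a
                    // valid LDAP URL; a single port is used here.
                    env.put(Context.PROVIDER_URL, "ldaps://test.corp.local:636");

                    LdapContext ctx = null;
                    Context created = null;
                    try {
                        // Create the initial directory context (performs the admin bind).
                        ctx = new InitialLdapContext(env, null);

                        // Attributes of the new entry; 'true' makes attribute IDs
                        // case-insensitive.
                        Attributes attrs = new BasicAttributes(true);
                        attrs.put("objectClass", "inetOrgperson");
                        attrs.put("cn", "testUser1");
                        attrs.put("givenName", "TestUser1");
                        attrs.put("sn", "TestUser1");
                        attrs.put("name", "testUser1");
                        attrs.put("mail", "testUser1@gmail.com");

                        // Create the entry; the returned context is closed in finally.
                        created = ctx.createSubcontext(userName, attrs);
                        System.out.println("User Created disabled account for: " + userName);

                        // Setting the password is an LDAP modify operation. The value must
                        // be the password wrapped in double quotes and encoded as UTF-16LE.
                        // NOTE(review): a fixed, guessable initial password is set at the
                        // same moment the account is enabled. The original comment promised
                        // a forced password change at first login, but nothing here does
                        // that (on AD-style directories this is typically pwdLastSet=0 -
                        // confirm for your schema). Prefer a random one-time value.
                        String newPassword = "Password123";
                        String newQuotedPassword = "\"" + newPassword + "\"";
                        byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");

                        ModificationItem[] mods = new ModificationItem[2];
                        mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                                new BasicAttribute("unicodePwd", newUnicodePassword));
                        // FALSE = account not disabled, i.e. the entry becomes usable.
                        mods[1] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                                new BasicAttribute("msDS-UserAccountDisabled", "FALSE"));

                        // Perform the update (password + enable in one operation).
                        ctx.modifyAttributes(userName, mods);
                        System.out.println("Set password successfully");

                        System.out.println("Successfully created User: " + userName);

                    } catch (Exception e) {
                        // Top-level boundary of a command-line sample: report and fall through.
                        System.err.println("Problem creating object: " + e);
                    } finally {
                        closeContext(created);
                        closeContext(ctx);
                    }
                }

                /** Closes a JNDI context if it was opened; a close failure is reported, not thrown. */
                private static void closeContext(Context context) {
                    if (context == null) {
                        return;
                    }
                    try {
                        context.close();
                    } catch (NamingException e) {
                        System.err.println("Problem closing context: " + e);
                    }
                }
            }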