This discussion is archived
2 Replies Latest reply: Aug 28, 2012 3:29 AM by 916276 RSS

Issue while setting "msDS-UserAccountDisabled" in ldap using JAVA

916276 Newbie
Currently Being Moderated
I have successfully created one user in LDAP using JAVA API.

But when I tried to modify the "*msDS-UserAccountDisabled*" attribute to "*FALSE*" is gave me error.

My code snippet:

Attributes personAttributes = new BasicAttributes();                    
personAttributes.put("msDS-UserAccountDisabled", "FALSE");
BasicAttributes attrs = (BasicAttributes) personAttributes;

if(attrs!=null && attrs.size()>0)
+     NamingEnumeration<Attribute> attrEnum = attrs.getAll();+
+     ModificationItem items[] = new ModificationItem[attrs.size()];                    +
+     int count =0;+
+     while(attrEnum.hasMoreElements())+
+     {+
+          ModificationItem item = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,;+
+          items[count] = item;+
+          count++;+
+     }                    +
+     System.out.println("items = "+items);                    +
+     ldapTemplate.modifyAttributes(newContactDN, items);     +

I am getting the following error:

at com.sfg.ldap.LDAPContactDAO.modifyUserAccountAfterCreation( //-> It is the ldapTemplate.modifyAttributes(newContactDN, items)
at com.sfg.ldap.SpringLDAPClient.addToLDAP(
at com.sfg.portlet.struts.action.AgentValidateAction.addCustomUser(
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.opensymphony.xwork2.DefaultActionInvocation.invokeAction(
at com.opensymphony.xwork2.DefaultActionInvocation.invokeActionOnly(
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(
at com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor.doIntercept(
at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(
at com.opensymphony.xwork2.validator.ValidationInterceptor.doIntercept(
  • 1. Re: Issue while setting "msDS-UserAccountDisabled" in ldap using JAVA
    EJP Guru
    Currently Being Moderated
    Please edit your code into a legible form using the {noformat}
    {noformat} tags provided.
    Obviously your 'ldapTemplate' is null at the point of use.                                                                                                                                                                                                                                                                                                                        
  • 2. Re: Issue while setting "msDS-UserAccountDisabled" in ldap using JAVA
    916276 Newbie
    Currently Being Moderated
    // LDAP (ADAM) user add program With password sample - working fine

    import java.util.Hashtable;

    import javax.naming.Context;
    import javax.naming.NamingException;
    import javax.naming.ldap.InitialLdapContext;
    import javax.naming.ldap.LdapContext;
    import javax.naming.ldap.StartTlsRequest;
    import javax.naming.ldap.StartTlsResponse;

    public class NewUser3Final {

              public static void main(String[] args) {

              Hashtable<String,String> env = new Hashtable<String, String>();
              String adminName =      "CN=system";
              String adminPassword = "ldapAdminPassword";
              String userName = "cn=testUser1, cn=External, cn=Users";
              String groupName = "cn=External, cn=Users";

                   String keystore = "C:\\Java\\jdk1.6.0_20\\jre\\lib\\security\\cacerts";


              env.put(Context.SECURITY_AUTHENTICATION, "simple");
              env.put(Context.SECURITY_PRINCIPAL, adminName);
              env.put(Context.SECURITY_CREDENTIALS, adminPassword);

              env.put(Context.PROVIDER_URL, "ldaps://test.corp.local:636:636");
              try {

                   // Create the initial directory context
                   LdapContext ctx = new InitialLdapContext(env,null);

                   // Create attributes to be associated with the new user
              //     Attributes attrs = new BasicAttributes(true);

                   Attributes attrs = new BasicAttributes(true);
         attrs.put("objectClass", "inetOrgperson");
         attrs.put("cn", "testUser1");
         attrs.put("givenName", "TestUser1");
         attrs.put("sn", "TestUser1");
         attrs.put("name", "testUser1");
         attrs.put("mail", "");
                   // Create the context
                   Context result = ctx.createSubcontext(userName, attrs);
                   System.out.println("User Created disabled account for: " + userName);

                   //set password is a ldap modfy operation
                   //and we'll update the userAccountControl
                   //enabling the acount and force the user to update ther password
                   //the first time they login
                   ModificationItem[] mods = new ModificationItem[2];          
                   //Replace the "unicdodePwd" attribute with a new value
                   //Password must be both Unicode and a quoted string
                   String newPassword = "Password123";
                   String newQuotedPassword = "\"" + newPassword + "\"";
                   byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");

                   mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword));
                   mods[1] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("msDS-UserAccountDisabled", "FALSE"));
                   // Perform the update
                   ctx.modifyAttributes(userName, mods);
                   System.out.println("Set password successfully");

                   System.out.println("Successfully created User: " + userName);
              } catch (Exception e) {
                   System.err.println("Problem creating object: " + e);               



  • Correct Answers - 10 points
  • Helpful Answers - 5 points