Announcement Announcement Module
Collapse
No announcement yet.
Cannot change distinguishedName Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cannot change distinguishedName

    Hello!
    Whenever I try to change the distinguishedName of an exisiting user I get the following error:

    javax.naming.directory.InvalidAttributeValueExcept ion: Malformed 'distinguishedName' attribute value

    I do not know the reason for that, this is the code:
    Code:
    public boolean updateUser(ADUser user) {
    		try {
    			AttributeConfig attr = new AttributeConfig();
    			
    			String currentDistinguishedName = user.getDistinguishedName();
    			log.debug("Current distinguished name: "+currentDistinguishedName);
    			
    			// Now we create the new dinstinguished name for the object
    			String newDistinguishedName = "";
    			String[] temp = user.getDistinguishedName().split(",");
    			for(int i=0; i<temp.length; i++) {
    				if(i==0)
    					newDistinguishedName += "CN="+user.getName();
    				else if(temp[i].contains("DC="))
    					newDistinguishedName += "";
    				else
    					newDistinguishedName += ","+temp[i];
    			}
    			newDistinguishedName = newDistinguishedName.replace(" ", "");
    			log.debug("New distinguished name: "+newDistinguishedName);
    			
    			ModificationItem[] modItems = new ModificationItem[] { 
    					new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("lastName"), user.getLastname())),
    					new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("firstName"), user.getFirstname())),
    					new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("distinguishedName"), new DistinguishedName(newDistinguishedName))),
    					new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("name"), user.getName())),
    					new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("displayName"), user.getName())),
    					new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("description"), user.getDescription())),
    					new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("telephone"), user.getTelephone())),
    					new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("officePhone"), user.getOfficePhone())),
    					new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("mobilephone"), user.getMobilephone())),
    					//new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("email"), user.getEmail())),
    					new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("street"), user.getStreet())),
    					new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("streetAddress"), user.getStreetAddress())),
    					new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("plz"), user.getPlz())),
    					new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("city"), user.getCity()))
    					
    			};
    		    
    		    /**
    		     * This is a workaround for the springldap base problem.
    		     * If a AD base is defined in the springldap.xml file it is not possible to
    		     * use the complete distinguished name because this includes the base of the AD.
    		     * Therefore it is necessary to remove the base from the dinstinguished name.
    		     * This is done in the following lines
    		     */
    		    try {
    		    	String dn[] = currentDistinguishedName.split(",DC");
    		    	log.debug("Current formated distinguished name: "+dn[0]);
    		    	 // "cn=Max Mustermann,ou=Internal,ou=myUnit,ou=myUpperUnit"
    		    	ldapTemplate.modifyAttributes(dn[0], modItems);
    		    	return true;
    		    }
    		    catch(ArrayIndexOutOfBoundsException e ) {
    		    	log.error("Domain controller split did not work, dn size is null!", e);
    		    	return false;
    		    }
    		} 
    		catch ( Exception e ) {
    			log.error( "updateUser(ADUser user)", e);
    			return false;
    		}
    I hope someone can help me!
    Florian

  • #2
    if you want to change DN, use rename operation on the LDAPTemplate.
    http://static.springsource.org/sprin...ax.naming.Name, javax.naming.Name)

    Comment


    • #3
      Thank you for your answer. I I try to use rename I get also an exception:
      Code:
      org.springframework.ldap.UncategorizedLdapException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 80 - 00002089: UpdErr: DSID-031B0CEC, problem 5012 (DIR_ERROR), data 2]
      remaining name 'cn=MustermannAnton, ou=Customers, ou=Users, ou=Company'
      This is my program code:
      Code:
      public boolean updateUser(ADUser user) {
      		try {
      			AttributeConfig attr = new AttributeConfig();
      			
      			String currentDistinguishedName = user.getDistinguishedName();
      			log.debug("Old distinguished name: "+currentDistinguishedName);
      			
      			// First: change the attributes of the ad object
      			ModificationItem[] modItems = new ModificationItem[] { 
      					new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("lastName"), user.getLastname())),
      					new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attr.getProperty("firstName"), user.getFirstname())),					
      			};
      			
      			try {
      		    	String dn[] = currentDistinguishedName.split(",DC");
      		    	log.debug("Current formated distinguished name: "+dn[0]);
      		    	 // "cn=Max Mustermann,ou=Internal,ou=myUnit,ou=myUpperUnit"
      		    	ldapTemplate.modifyAttributes(dn[0], modItems);
      		    	log.debug("User modification successfully finished!");
      		    }
      		    catch(ArrayIndexOutOfBoundsException e ) {
      		    	log.error("Domain controller split did not work, dn size is null!", e);
      		    }
      			
      			// Second: change the distinguishedName
      			String newDistinguishedName = "";
      			String[] temp = user.getDistinguishedName().split(",");
      			for(int i=0; i<temp.length; i++) {
      				if(i==0)
      					newDistinguishedName += "CN="+user.getName().replace(" ", "");
      				//else if(temp[i].contains("DC="))
      					//newDistinguishedName += "";
      				else
      					newDistinguishedName += ","+temp[i];
      			}
      			
      			String dn[] = currentDistinguishedName.split(",DC");
      			DistinguishedName oldDn = new DistinguishedName(dn[0]);
      			DistinguishedName newDn = new DistinguishedName(newDistinguishedName);
      			
      			log.debug("Old distinguished name: "+oldDn);
      			log.debug("New distinguished name: "+newDistinguishedName);
      			
      			
      			// Replace the old Distinguished Name;
      			ldapTemplate.rename(oldDn.encode(), newDn.encode());
      			log.debug("DistinguishedName change successfully finished.");
      			
      			return true;
      		}
      		catch(Exception e) {
      			log.error("Error during updateUser", e);
      			return false;
      		}
      	}
      I do not find the error, perhaps someone can help me.
      Florian

      Comment


      • #4
        00002089 = ERROR_DS_NO_PARENT_OBJECT

        Is the exception thrown in the ldapTemplate.rename(...)
        Can you try a rename with simple hardcoded DNs and see.

        Comment


        • #5
          I have refactoired the code:
          Code:
          public void changeDitinguishedName(String oldDN, String newDN) {
          		DistinguishedName oldDn = new DistinguishedName(oldDN);
          		DistinguishedName newDn = new DistinguishedName(newDN);
          		
          		log.debug("Old distinguished name: "+oldDn);
          		log.debug("New distinguished name: "+newDn);
          		
          		
          		// Replace the old Distinguished Name;
          		ldapTemplate.rename(oldDn.encode(), newDn.encode());
          		log.debug("DistinguishedName change successfully finished.");
          	}
          An wrote a main test class:
          Code:
          public static void main(String[] args) {
          		
          		
          		Resource resource = new ClassPathResource("springldap.xml");
          		BeanFactory factory = new XmlBeanFactory(resource);
          		
          		ADControllerInterfaceImpl userController = (ADControllerInterfaceImpl)factory.getBean("adManagerController");
          		
          		String oldDn= "CN=Donald Mustermann,OU=Internal,OU=Users,OU=Test";
          		String newDn= "CN=MustermannDonald,OU=Internal,OU=Users,OU=Test,DC=mydomain,DC=at";
          		
          		userController.changeDitinguishedName(oldDn, newDn);
          	}
          However I get the same excepption:
          Code:
          Exception in thread "main" org.springframework.ldap.UncategorizedLdapException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 80 - 00002089: UpdErr: DSID-031B0CEC, problem 5012 (DIR_ERROR), data 2]
          
          Caused by: javax.naming.NamingException: [LDAP: error code 80 - 00002089: UpdErr: DSID-031B0CEC, problem 5012 (DIR_ERROR), data 2]
          I hope this will help.
          Thanks,
          Florian

          Comment


          • #6
            Are you initializing the connection with a base?
            What will happen if you try;
            String newDn= "CN=MustermannDonald,OU=Internal,OU=Users,OU=T est" does it fail still?

            Comment

            Working...
            X