#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2009
    Posts
    2
    Rep Power
    0

    Using Novels LDAP unable to add leaf that is not a User


    Off the Applications container we have stored our Actions and our Application Roles. We are building a new application to allow us to programatically add the role privileges into the LDAP.

    I am able to add my actions (an ou entry), but not the final leaf off my actions (a cn entry).

    My java code for adding the action (node prior to the role) is:
    // This works fine
    String newfpRoleDn = preFix + "=" + fpRole + "," + fpRoleDn;
    ctx = ldapSearcher.getDirContext();
    BasicAttributes attrs = null;
    Attribute attr = null;

    attrs = new BasicAttributes();
    attr = new BasicAttribute(preFix, fpRole);
    attrs.put(attr);
    attr = new BasicAttribute("objectClass", "organizationalUnit");
    attrs.put(attr);

    ctx.createSubcontext(newfpRoleDn, attrs);
    ctx.close();

    My java code for adding the role is something like this:
    // this is not working
    BasicAttributes myAttrs = new BasicAttributes(true);
    Attribute oc = new BasicAttribute("objectclass");
    oc.add("top");
    oc.add("organizationalRole");
    myAttrs.put(oc);
    myAttrs.put("cn",newRoleDn);

    // When I use bind I get the error:
    // [LDAP: error code 17 - Undefined Attribute Type]; remaining name 'ou=ReportAdministrator_EVENSTEVENOLD,ou=DHFSDCFSdWAccess,ou=dWisacwis,ou=Applications,ou='
    ctx.bind(roleDn, newRoleDn, myAttrs);
    // When I use the createSubcontext I get the error:
    // [LDAP: error code 19 - NDS error: syntax violation (-613)]; remaining name 'cn=DHFSDCFSdWReportAdministrator_VVVVEEEEEODS,ou=Re ...
    ctx.createSubcontext(newRoleDn, myAttrs);

    ctx.close();

    I can add organizations, I can add individuals, I can add attributes to organizations or individuals. I can add actions, but I am not able to add an Application Role.

    Can someone help me please? Every example I see is adding a person. Not all adds are people.

    Thanks
  2. #2
  3. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2009
    Posts
    2
    Rep Power
    0
    Originally Posted by sharvancik
    Off the Applications container we have stored our Actions and our Application Roles. We are building a new application to allow us to programatically add the role privileges into the LDAP.

    I am able to add my actions (an ou entry), but not the final leaf off my actions (a cn entry).

    My java code for adding the action (node prior to the role) is:
    // This works fine
    String newfpRoleDn = preFix + "=" + fpRole + "," + fpRoleDn;
    ctx = ldapSearcher.getDirContext();
    BasicAttributes attrs = null;
    Attribute attr = null;

    attrs = new BasicAttributes();
    attr = new BasicAttribute(preFix, fpRole);
    attrs.put(attr);
    attr = new BasicAttribute("objectClass", "organizationalUnit");
    attrs.put(attr);

    ctx.createSubcontext(newfpRoleDn, attrs);
    ctx.close();

    My java code for adding the role is something like this:
    // this is not working
    BasicAttributes myAttrs = new BasicAttributes(true);
    Attribute oc = new BasicAttribute("objectclass");
    oc.add("top");
    oc.add("organizationalRole");
    myAttrs.put(oc);
    myAttrs.put("cn",newRoleDn);

    // When I use bind I get the error:
    // [LDAP: error code 17 - Undefined Attribute Type]; remaining name 'ou=ReportAdministrator_EVENSTEVENOLD,ou=DHFSDCFSdWAccess,ou=dWisacwis,ou=Applications,ou='
    ctx.bind(roleDn, newRoleDn, myAttrs);
    // When I use the createSubcontext I get the error:
    // [LDAP: error code 19 - NDS error: syntax violation (-613)]; remaining name 'cn=DHFSDCFSdWReportAdministrator_VVVVEEEEEODS,ou=Re ...
    ctx.createSubcontext(newRoleDn, myAttrs);

    ctx.close();

    I can add organizations, I can add individuals, I can add attributes to organizations or individuals. I can add actions, but I am not able to add an Application Role.

    Can someone help me please? Every example I see is adding a person. Not all adds are people.

    Thanks

    Should be able to use the
    ctx.createSubcontext(newRoleDn, myAttrs);
    but remove the line prior to it

    myAttrs.put("cn",newRoleDn);

    and it indeed works!!!!!
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2009
    Location
    Charlotte, NC
    Posts
    111
    Rep Power
    9
    I'm not a developer but I know LDAP pretty well. All entries added to LDAP are done the same, you build and LDIF formatted entry and then import it into the Directory server.

    My java code for adding the action (node prior to the role) is:
    // This works fine
    String newfpRoleDn = preFix + "=" + fpRole + "," + fpRoleDn;
    ctx = ldapSearcher.getDirContext();
    BasicAttributes attrs = null;
    Attribute attr = null;

    attrs = new BasicAttributes();
    attr = new BasicAttribute(preFix, fpRole);
    attrs.put(attr);
    attr = new BasicAttribute("objectClass", "organizationalUnit");
    attrs.put(attr);

    ctx.createSubcontext(newfpRoleDn, attrs);
    ctx.close();

    Now based on your code for adding the ACTION, this is what your variables mean
    preFix=ou
    fpRole=<name of Action>
    fpRoleDn=<ldap base you want to add Action to>
    BasicAttribute Objectclass=organizationalUnit

    This will build an LDIF entry like;

    dn: ou=MyAction,dc=MyDomain,dc=com
    objectclass: organizationalUnit
    ou: MyAction

    So to add a ROLE (cn=) will be the same code different vaiable values

    preFix=cn
    fpRole=<name of Role>
    fpRoleDn=<ldap base you want to add Role to which is now ou=MyAction,dc=MyDomain,dc=com>
    BasicAttribute Objectclass=organizationalRole

    This will now build an LDIF entry like;

    dn: cn=Myrole,ou=MyAction,dc=MyDomain,dc=com
    objectclass: organizationalRole
    cn: Myrole

    NOTE: objectclass=organizationalRole may have other REQUIRED attributes.
    Objectclass=organizationalUnit only requires attributes (objectclass, ou)

IMN logo majestic logo threadwatch logo seochat tools logo