I tend to run into many JAVA coded applications which are coded simply for LDAP access, but do not utilize Active Directory as well as they could be.  Here are some resources JAVA developers can utilize to create more effective integrations.

Fortunately, there is guidance from Steven Adler and other resources out there on how to write better JAVA applications for integration with Active Directory.  I have often referred to his posts when helping developers, but it makes sense to attempt to consolidate those links here for others.  If you are a JAVA developer, bookmark this page, as I intend to update it as I discover useful information.

I attempted to break them apart into sections to where I thought there were applicable, and summarize what each post’s intended solution was for.

Note 2010-12-10 –  Based upon web logs, this seems to be a very popular page, but since Oracle acquired Java some of these links have been changed. I have gone back and attempted to find the new links. All Sun links have now been corrected to Oracle links, but please post a comment if any links still do not work.


  1. JNDI, Active Directory and Authentication (part 1) – Using the GSS-API with Kerberos for authenticating users utilizing JAAS
  2. JNDI, Active Directory & Authentication (part 2) – Using SSL or LDAPS
  3. JNDI, Active Directory & Authentication (part 3) – Using Digest-MD5
  4. JNDI, Active Directory and Authentication (Part 4) (SASL EXTERNAL) – using TLS/Certificates with the external SASL mechanism
  5. JNDI, Active Directory and Authentication (part 5) – Using the Server Fast Bind Control for authentication.
  6. JNDI, Active Directory (Creating new users & demystifying userAccountControl) – Creating new users in Active Directory
  7. Step by step instructions for LDAP SSL


  1. JAVA of the PAC – Using the Kerberos PAC for Authorization with JAVA

Directory Operations (Connect,Search)

  1. JNDI, Active Directory & Persistent Searches (part 1) – Utilizing the DirSync Control
  2. JNDI, Active Directory and Persistent Searches (part 2)
  3. JNDI, Active Directory, Paging and Range Retrieval – Effective use of paging to conform to the 1000 MaxPageSize Query Policy
  4. JNDI, Active Directory and objectGUID’s – Searching and displaying the objectGuid value
  5. JNDI, Active Directory and SID’s (Security Identifiers) – Searching and displaying the objectSid value in both friendly string, and binary format
  6. JNDI, Active Directory and LDAP Extended Controls (LDAP Stats, Verify Name)
  7. Querying deleted objects container in Active Directory using JNDI
  8. JNDI, Active Directory, Attribute Scoped Queries
  9. JNDI, Active Directory, Referrals and Global Catalog – Also useful information on using SRV DNS records for services discovery

Managing Objects

  1. JNDI, Active Directory & Changing Passwords
  2. JNDI, Active Directory and User Account status (account expired, locked)
  3. JNDI, Active Directory, Extending the schema
  4. Creating MailBox-enabled Users In Active Directory Using JNDI
  5. JNDI, Active Directory and Group Memberships – Retrieving group membership information

Other related resources for JAVA:

Technorati Tags: ,,