help_thumb.gif

I tend to run into many JAVA coded applications which are coded simply for LDAP access, but do not utilize Active Directory as well as they could be.  Here are some resources JAVA developers can utilize to create more effective integrations.

Fortunately, there is guidance from Steven Adler and other resources out there on how to write better JAVA applications for integration with Active Directory.  I have often referred to his posts when helping developers, but it makes sense to attempt to consolidate those links here for others.  If you are a JAVA developer, bookmark this page, as I intend to update it as I discover useful information.

I attempted to break them apart into sections to where I thought there were applicable, and summarize what each post’s intended solution was for.

Note 2010-12-10 -  Based upon web logs, this seems to be a very popular page, but since Oracle acquired Java some of these links have been changed. I have gone back and attempted to find the new links. All Sun links have now been corrected to Oracle links, but please post a comment if any links still do not work.

Authentication

  1. JNDI, Active Directory and Authentication (part 1) – Using the GSS-API with Kerberos for authenticating users utilizing JAAS
  2. JNDI, Active Directory & Authentication (part 2) – Using SSL or LDAPS
  3. JNDI, Active Directory & Authentication (part 3) – Using Digest-MD5
  4. JNDI, Active Directory and Authentication (Part 4) (SASL EXTERNAL) – using TLS/Certificates with the external SASL mechanism
  5. JNDI, Active Directory and Authentication (part 5) – Using the Server Fast Bind Control for authentication.
  6. JNDI, Active Directory (Creating new users & demystifying userAccountControl) – Creating new users in Active Directory
  7. Step by step instructions for LDAP SSL

Authorization

  1. JAVA of the PAC – Using the Kerberos PAC for Authorization with JAVA

Directory Operations (Connect,Search)

  1. JNDI, Active Directory & Persistent Searches (part 1) – Utilizing the DirSync Control
  2. JNDI, Active Directory and Persistent Searches (part 2)
  3. JNDI, Active Directory, Paging and Range Retrieval – Effective use of paging to conform to the 1000 MaxPageSize Query Policy
  4. JNDI, Active Directory and objectGUID’s – Searching and displaying the objectGuid value
  5. JNDI, Active Directory and SID’s (Security Identifiers) – Searching and displaying the objectSid value in both friendly string, and binary format
  6. JNDI, Active Directory and LDAP Extended Controls (LDAP Stats, Verify Name)
  7. Querying deleted objects container in Active Directory using JNDI
  8. JNDI, Active Directory, Attribute Scoped Queries
  9. JNDI, Active Directory, Referrals and Global Catalog – Also useful information on using SRV DNS records for services discovery

Managing Objects

  1. JNDI, Active Directory & Changing Passwords
  2. JNDI, Active Directory and User Account status (account expired, locked)
  3. JNDI, Active Directory, Extending the schema
  4. Creating MailBox-enabled Users In Active Directory Using JNDI
  5. JNDI, Active Directory and Group Memberships – Retrieving group membership information

Other related resources for JAVA:

Technorati Tags: ,,
  • http://blogs.technet.com/b/chrisdu/archive/2008/09/23/java-et-active-directory-le-mariage-de-raison. Java et Active Direc

    RE: Using JAVA code with Active Directory

    Si vous êtes développeur JAVA et que la tache incongrue de vous interfacer avec Active Directory vous

  • http://blogs.technet.com/b/chrisdu/archive/2008/09/23/java-et-active-directory-le-mariage-de-raison. Java et Active Direc

    RE: Using JAVA code with Active Directory
    Si vous êtes développeur JAVA et que la tache incongrue de vous interfacer avec Active Directory vous

  • http://itcomputerzone.com/ ricky

    Interesting post, it helps me in my research, thanks!

  • http://itcomputerzone.com/ ricky

    Interesting post, it helps me in my research, thanks!

  • chandan

    can some one tell me the code,on how to search an user in Active Directory using Java code

  • kaushik

    User gets authenticated using LDAP, then thru GSS he needs to access(read) the data across other domains without re-authentications on a kerberos server. Please provide a java code for drawing a resolution on this. Urgently needed

  • kaushik

    User gets authenticated using LDAP, then thru GSS he needs to access(read) the data across other domains without re-authentications on a kerberos server. Please provide a java code for drawing a resolution on this. Urgently needed

  • Pingback: WorkPapers Software, Java, Google Web Toolkit, and DCMA- Kirt Cathey, NH2GX, JG1FXZ

  • Troy Richard

    This code has been extremely helpful. However I'm having an issue with the changing of the password section. I have added this for the trustStore stuff. String keystore = "C:Program FilesIBMSDPjdkjrelibsecuritycacerts"; System.setProperty("javax.net.ssl.trustStore", keystore);However when I connect now I get a socket exception at the tls.negotiate(); line.Any ideas what might be causing this or how I can get more detail on the error?

  • Ramesh

    Hai Troy,

    Could u pls try the "Unix path separator" .. "/" instead of Windows Path separator (""). or use double as a path separator

  • Khan Fahad

    These links are not working now. Can you please update these links.

    Thanks,
    Baber

    • http://jeftek.com Jef

      Sure I will research and update links this week

    • http://twitter.com/JefTek Jef

      Khan,

    • http://jeftek.com Jef

      Khan,

      I went back and found all the new Oracle links to the posts since they purchased Java. All the previous links should now work.

      Thanks for letting me know so that I could fix it.

      Jef

  • http://www.facebook.com/people/Adam-Paeth/1060700038 Adam Paeth

    With the move to Oracle’s forums, all the sun forum links are incorrect. Here are the links for the Authentication section==Authentication==JNDI, Active Directory and Authentication (part 1) http://forums.oracle.com/forum…JNDI, Active Directory & Authentication (part 2) http://forums.oracle.com/forum…JNDI, Active Directory & Authentication (part 3) http://forums.oracle.com/forum…JNDI, Active Directory and Authentication (Part 4) (SASL EXTERNAL) http://forums.oracle.com/forum…JNDI, Active Directory and Authentication (part 5) http://forums.oracle.com/forum…JNDI, Active Directory (Creating new users & demystifying userAccountContro http://forums.oracle.com/forum…Step by step instructions for LDAP SSL http://forums.oracle.com/forum

  • http://twitter.com/Abhishek20c Abhishek Chowdhury
  • humeau xavier

    Voici l'adresse d'une librairie permettant de travailler avec AD de facon easy ;) http://code.google.com/p/jedi-obi/

  • Pingback: xmpp single sign on sso

  • Manuel PAYET

    So helpful !
    Could you make sure that we can see the structure of the article. I saw that you made ​​the effort to prioritize information … unfortunately it does not show! I do not notice the titles, such as “Authorization” or “Managing Objects”, you took the trouble to put in H3 tags. It is the same for lists under each title.