我正在尝试使用JNDI向LDAP服务器添加条目。我可以成功读取LDAP服务器中的条目。但是当我尝试添加新条目时,我收到错误。我检查了各种方法但是我失败了。
I am trying to add an entry to an LDAP server using JNDI. I could successfully read the entries from the LDAP server. But when I try to add a new entry I am getting the errors. I checked various ways but I failed.
private String getUserAttribs (String searchAttribValue) throws NamingException{ SearchControls ctls = new SearchControls(); ctls.setSearchScope(SearchControls.OBJECT_SCOPE); Attributes matchAttrs = new BasicAttributes(true); matchAttrs.put(new BasicAttribute("uid", searchAttribValue)); NamingEnumeration answer = ctx.search("ou=People,ou=ABCLdapRealm,dc=abcdomain",matchAttrs); SearchResult item =(SearchResult) answer.next(); // uid userpassword description objectclass wlsmemberof sn cn return item.toString(); }这项工作正常。
然后我向前迈了一步,试图添加一个条目。代码如下。
Then I moved a step forward and tried to add an entry. The code is as follows.
public static void bindEntry(DirContext dirContext)throws Exception{ Attributes matchAttrs = new BasicAttributes(true); // uid userpassword description objectclass wlsmemberof sn cn matchAttrs.put(new BasicAttribute("uid", "defaultuser")); matchAttrs.put(new BasicAttribute("userpassword", "password")); matchAttrs.put(new BasicAttribute("description", "defaultuser")); matchAttrs.put(new BasicAttribute("cn", "defaultuser")); matchAttrs.put(new BasicAttribute("sn", "defaultuser")); matchAttrs.put(new BasicAttribute("objectclass", "top")); matchAttrs.put(new BasicAttribute("objectclass", "person")); matchAttrs.put(new BasicAttribute("objectclass", "organizationalPerson")); matchAttrs.put(new BasicAttribute("objectclass","inetorgperson")); matchAttrs.put(new BasicAttribute("objectclass", "wlsUser")); String name="uid=defaultuser"; InitialDirContext iniDirContext = (InitialDirContext)dirContext; iniDirContext.bind(name,dirContext,matchAttrs); }但是我得到了一个例外。
But with this I am getting an exception.
Exception in thread "main" javax.naming.OperationNotSupportedException: [LDAP: error code 53 - Unwilling To Perform]; remaining name 'uid=defaultuser'我肯定是在违反某些内容。对此有任何想法吗?
Definitely I am violating something. Any idea on this?
推荐答案LDAP 53,不愿意执行,通常意味着它所说的。您尝试从LDAP服务器角度执行非法操作。
LDAP 53, Unwilling to Perform, usually means what it says. You tried to do something 'illegal' from the LDAP servers perspective.
首先猜测,不太可能,你指的是eDirectory吗?如果是这样,添加sn非常重要,因为eDirectory架构中必须在创建时提供Surname值。在这种情况下,您可能会得到一个稍微不同的错误,更像是608或611错误。
First guess, unlikely though, are you pointing at eDirectory? If so, adding sn is important as it is mandatory in eDirectory's schema to provide a Surname value at create time. In which case, you would probably get a slightly different error, more like a 608 or 611 error.
第二个猜测,你是指向Active Directory,在这种情况下是fullName是一个强制属性。但在这种情况下,您通常会得到一个略微不同的结果代码。应该在错误中有更多。 (虽然这可能是JNDI的回归而不是我使用的工具)。
Second guess, you are point at Active Directory, in which case fullName is a mandatory attribute. But in that case, you also usually get a slightlty different result code. Ought to have more in the error. (Though this might be JNDI's return versus the tools I am used too).
第三个猜测,你指的是别人的LDAP服务器并且你错过了一个强制属性架构。
Third guess, you are pointing at someone elses LDAP server and you have missed a mandatory attribute in the schema.
实际上,这可能是一个对象类问题。 wlsUser是辅助类还是真正的类?在你的目录中,inetorgperson是真实的(我正在为这类类的名称消隐,还有aux,structural和其他东西)类吗?
In fact, maybe it is an object class issue. Is wlsUser an auxiliary class, or a real class? Is inetorgperson a real (I am blanking on the name for this type of class, there is aux, structural, and something else) class in your directory?
我的基本猜测是你错过了一个强制属性并且违反了目标目录中的模式,我希望上面列出的缺少强制性的可能示例是有帮助的。
My basic guess is you have missed a mandatory attribute and are violating schema in your target directory, and I hope the possible examples of missing mandatory's listed above is helpful.
更多推荐
使用JNDI添加LDAP条目
发布评论