I have a Java application that I use to search groups. It works pretty well with search based on the group name (cn) but sometimes I get more than one result since the same cn is used in other branches. I have the DN of the group and I was wondering how to do a search based on the DN or if it's possible to access the attribute directly since I have the full path. Here is the code I use :
public Group getGroup( String groupName) throws Exception {
List<User> memberList = new ArrayList<User>();
// Create the search controls
SearchControls searchCtls = new SearchControls();
// Specify the search scope
searchCtls.setSearchScope( SearchControls.SUBTREE_SCOPE );
// Specify the attributes to return
String returnedAtts[] = { MEMBER_FIELD };
searchCtls.setReturningAttributes( returnedAtts );
// Specify the LDAP search filter
String searchFilter = "(&(objectClass=group)(CN=" + groupName + "))";
// Search for objects using the filter
NamingEnumeration<SearchResult> answer = ctxMap.get( configMap.get( GROUP ) ).search( configMap.get( SEARCHBASE ), searchFilter,
searchCtls );
SearchResult sr = null;
// Loop through the search results
while ( answer.hasMoreElements() ) {
sr = (SearchResult) answer.next();
}
if ( sr == null ) {
return group;
}
// Create an attribute for memberOf
javax.naming.directory.Attribute member = sr.getAttributes().get( MEMBER_FIELD );
// Enumeration of all elements in memberOf
NamingEnumeration<?> ne = member.getAll();
// Loop though the enumeration, cut unwanted characters and add all
// elements to User List
while ( ne.hasMoreElements() ) {
...
}
}
So I want to pass the group's distinguished name as parameter to the function instead of the group's name and have the search made on that or get the attributes directly. Is this possible?
PS: this code is used to get the members of a certain group.
thank you
You don't need to search if you have the DN. Just look it up, with lookup().
