Java LDAP - Add Group to User Problem - Error Code 53 - WILL_NOT_PERFORM

I am trying to add a user to Active Directory. I mean:

  • Using SSL
  • Certificate ok
  • Password works fine

If there is no group association, the user will be created correctly.

When I try to associate a user with a group, I get the following error:
javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000209A: SvcErr: DSID-031A1021, issue 5003 (WILL_NOT_PERFORM), data 0

I used the group attributes DN and NAME, but neither worked. My code is:

    ctx = getContext();
    ctx.createSubcontext(entryDN, entry); // it works fine

    Attribute memberOf1 = new BasicAttribute("memberOf", "NAME_OF_THE_GROUP");
    Attributes atts = new BasicAttributes();
    atts.put(memberOf1);
    ctx.modifyAttributes(entryDN, LdapContext.ADD_ATTRIBUTE, atts); // ## it doesn't work

I tried LdapContext.ADD_ATTRIBUTE and LdapContext.REPLACE_ATTRIBUTE. In addition, I tried to add a group with other attributes, but in every case I got the same error.

Does anyone know what is going on?

Hooray!

+7
java active-directory ldap
3 answers

memberOf is a constructed attribute. You should add the user to the member property of the group, not add the group to the memberOf property of the user.

+13

Solution Code:

    BasicAttribute member = new BasicAttribute("member", entryDN);
    Attributes atts = new BasicAttributes();
    atts.put(member);
    ctx.modifyAttributes("GROUP_DN", LdapContext.ADD_ATTRIBUTE, atts);

Thanks Hall72215.

+4

Try using it, it works for me

    ModificationItem[] mods = new ModificationItem[1];
    String userDn = "cn=user name,CN=Users,DC=domain,DC=com";
    String groupDn = "cn=Group Name,CN=Groups,DC=domain,DC=com";

    // Add the user's DN as a value of the group's "member" attribute
    Attribute mod = new BasicAttribute("member", userDn);
    mods[0] = new ModificationItem(DirContext.ADD_ATTRIBUTE, mod);
    ldapContext.modifyAttributes(groupDn, mods);
+3
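
The fix from the answers above, as an added example that is not part of the original thread: it writes the user's DN to the group's member attribute, builds both DNs with LdapName/Rdn so a name containing a comma or other special character cannot change the DN structure, and treats "already a member" as a non-error. The class and method names (GroupMembership, childOf, addToGroup) and the sample name "Doe, Jane" are assumptions made for illustration; the base DNs are the sample values from the last answer.

```java
import javax.naming.NameAlreadyBoundException;
import javax.naming.NamingException;
import javax.naming.directory.AttributeInUseException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

// Hypothetical helper class, not code from the thread.
public class GroupMembership {

    // Builds "CN=<cn>,<baseDn>". Rdn escapes special characters in the value
    // (',', '+', '"', ...), so a CN taken from user input stays a single RDN.
    static LdapName childOf(String baseDn, String cn) throws NamingException {
        LdapName dn = new LdapName(baseDn);
        dn.add(new Rdn("CN", cn)); // appended as the leftmost RDN of the DN
        return dn;
    }

    // Adds userDn as a value of the group's "member" attribute. The user's
    // memberOf attribute is constructed by the directory and is never written.
    // Returns false when the directory reports the value is already present.
    static boolean addToGroup(DirContext ctx, LdapName groupDn, LdapName userDn)
            throws NamingException {
        ModificationItem[] mods = {
            new ModificationItem(DirContext.ADD_ATTRIBUTE,
                    new BasicAttribute("member", userDn.toString()))
        };
        try {
            ctx.modifyAttributes(groupDn, mods);
            return true;
        } catch (AttributeInUseException | NameAlreadyBoundException e) {
            // JNDI maps LDAP result codes 20 and 68 to these two exceptions;
            // a server may use either one to signal a duplicate member value.
            return false;
        }
    }

    public static void main(String[] args) throws NamingException {
        // Constructed sample values; no directory connection is needed here.
        LdapName user = childOf("CN=Users,DC=domain,DC=com", "Doe, Jane");
        LdapName group = childOf("CN=Groups,DC=domain,DC=com", "Group Name");
        System.out.println("member value: " + user);
        System.out.println("target entry: " + group);
        // With a live SSL context: addToGroup(ctx, group, user);
    }
}
```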
