Mar 30th, 2010, 02:06 PM
Do I have to bind using a DN? Can't I use a Username?
I have a program that calls Active Dir using LDAP and the logic goes something like this...
The user enters their username and password.
We bind to LDAP using a static user account stored in a properties file.
We search LDAP for the user with a sAMAccount equal to the username and return the DN.
We bind using this DN and the password. This proves that the credentials were correct.
We then search for group membership etc using the static account to bind.
The problem I have is that our company won't allow us to store an account anywhere (in fact they won't allow one with a non-expiring password either!) so there's no way I can do this initial search for DN.
...is there any way I can bind using the username rather than the DN? If there was then I could just use whatever username and password the user entered to search for groups etc.
I know that Active Dir must allow this as if I use a tool like JXplorer then I can enter either my DN or DOMAIN\Username and it binds, but I can't figure out how to do it with Spring.
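
An added example, not part of the original post: the bind-as-the-user flow the question asks about, written with plain JNDI (which Spring LDAP builds on) and passing the `DOMAIN\Username` form mentioned above as the bind principal, so no service account is stored. The server URL, domain name, search base and the class and method names are assumptions for illustration.

```java
import java.util.*;
import javax.naming.*;
import javax.naming.directory.*;

public class AdUserBind {
    // Assumed values for illustration; replace with your own directory's.
    static final String URL = "ldaps://dc.example.com:636"; // LDAPS: a simple bind sends the password as-is
    static final String DOMAIN = "EXAMPLE";
    static final String BASE = "DC=example,DC=com";

    /** Binds as the user and returns their group DNs; throws if the credentials are rejected. */
    static List<String> authenticateAndGetGroups(String username, String password) throws NamingException {
        // Reject empty values: a simple bind with an empty password can be treated as anonymous and "succeed".
        if (username == null || username.isEmpty() || password == null || password.isEmpty()) {
            throw new AuthenticationException("empty credentials");
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, DOMAIN + "\\" + username); // DOMAIN\Username, not a DN
        env.put(Context.SECURITY_CREDENTIALS, password);

        DirContext ctx = new InitialDirContext(env); // AuthenticationException on bad credentials
        try {
            SearchControls sc = new SearchControls();
            sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
            sc.setReturningAttributes(new String[] {"memberOf"});
            // JNDI substitutes {0} with filter escaping applied, so the username cannot alter the filter.
            NamingEnumeration<SearchResult> results = ctx.search(
                BASE, "(&(objectClass=user)(sAMAccountName={0}))", new Object[] {username}, sc);
            List<String> groups = new ArrayList<>();
            if (results.hasMore()) {
                Attribute memberOf = results.next().getAttributes().get("memberOf");
                for (int i = 0; memberOf != null && i < memberOf.size(); i++) {
                    groups.add((String) memberOf.get(i));
                }
            }
            return groups;
        } finally {
            ctx.close(); // the user's session is not kept after the lookup
        }
    }

    public static void main(String[] args) throws NamingException {
        System.out.println(authenticateAndGetGroups(args[0], args[1]));
    }
}
```

The group lookup runs with the user's own directory permissions, so it only returns what that account is allowed to read.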