
I am using LDAP authentication and need some help.

Suppose I have a user (user1@zzservers.ad), where zzservers.ad is a UPN alias of the demo.com domain. I already know of a way to search for a user in Active Directory by domain.

But does anyone know how to search for a user in Active Directory by UPN alias?

When the user user1@zzservers.ad logs into the application, I want to know whether the user is present in AD, so as to proceed with authentication.

Any help would be hugely appreciated.

Thanks

Charu Jain
  • possible duplicate of [Fetch Domain name of UPN alias](http://stackoverflow.com/questions/22244216/fetch-domain-name-of-upn-alias) – tim_yates Mar 09 '14 at 17:30
  • I think this question is separate, it's more to the point as to finding a user instead of querying the domain configuration. – mvreijn Mar 10 '14 at 12:12
  • Hi mvreijn, so what's the way out of this, searching for a user by UPN? Any help on this? – Charu Jain Mar 10 '14 at 12:15

2 Answers


Not sure what you are trying to accomplish but a filter like:

```
(userPrincipalName=jim@YOURDOMAIN.NET)
```

Will locate a user from the value of the userPrincipalName attribute. -jim

jwilleke

This is more an ordinary user search:

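```java
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapContext;

public String findUserByUPN( LdapContext ctx, String username ) throws NamingException
{
   // Domain name should be in DC=your,DC=domain,DC=com format
   String domain = "DC=demo,DC=com";
   // {0} is filled in from the argument array, which escapes filter metacharacters
   String filter = "(userPrincipalName={0})";
   // The default scope is one level; users normally sit deeper in the tree
   SearchControls controls = new SearchControls();
   controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
   NamingEnumeration<SearchResult> results =
       ctx.search( domain, filter, new Object[] { username }, controls );
   try
   {
       // If you get a result here, the user was found
       return results.hasMore() ? results.next().getNameInNamespace() : null;
   }
   finally
   {
       results.close();
   }
}
```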
mvreijn
  • I don't have the demo.com domain, I just have the email user1@zzservers.ad and I want to authenticate that. I don't have any idea which domain the user will fall under. – Charu Jain Mar 11 '14 at 05:43
  • Hi Charu, for a normal LDAP search you _need_ a root context. So you have two options: either resolve the domain context (through DNS: http://stackoverflow.com/questions/749268/how-can-i-find-out-which-server-hosts-ldap-on-my-windows-domain) or use AD's _phantom root_ search control: http://msdn2.microsoft.com/en-us/library/aa366988.aspx. – mvreijn Mar 12 '14 at 09:54
  • Thanks mvreijn, these links really help, my problem is solved now :) – Charu Jain Mar 13 '14 at 08:52
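
Because the login name typed by the user ends up inside a `(userPrincipalName=...)` filter, it has to be escaped per RFC 4515 before the search runs. The following is an added example, not code from either answer; the class and method names are hypothetical and the sample logins are constructed.

```java
// Added example: UpnFilter, escapeFilterValue and buildUpnFilter are hypothetical names.
public class UpnFilter {

    // RFC 4515 section 3: NUL, '(', ')', '*' and '\' inside an assertion value
    // are written as a backslash followed by the two-digit hex code.
    static String escapeFilterValue(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': sb.append("\\5c"); break;
                case '*':  sb.append("\\2a"); break;
                case '(':  sb.append("\\28"); break;
                case ')':  sb.append("\\29"); break;
                case '\0': sb.append("\\00"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    // Accept only name@suffix (exactly one '@', both parts non-empty), then escape,
    // so the value is always compared literally against userPrincipalName.
    static String buildUpnFilter(String login) {
        int at = login.indexOf('@');
        if (at <= 0 || at != login.lastIndexOf('@') || at == login.length() - 1) {
            throw new IllegalArgumentException("not a UPN: " + login);
        }
        return "(userPrincipalName=" + escapeFilterValue(login) + ")";
    }

    public static void main(String[] args) {
        // Constructed sample logins; the first is the one from the question.
        String[] samples = {
            "user1@zzservers.ad", "*@zzservers.ad", "j(r)smith@zzservers.ad", "user1"
        };
        for (String s : samples) {
            try {
                System.out.println(s + " -> " + buildUpnFilter(s));
            } catch (IllegalArgumentException e) {
                System.out.println(s + " -> rejected (" + e.getMessage() + ")");
            }
        }
    }
}
```

Unescaped, a login of `*@zzservers.ad` would act as a wildcard over every account with that suffix instead of looking up one user, which matters when the search result decides whether authentication proceeds.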