无法通过spring LDAP在openDJ中更改ds-pwp-account-disabled的值

时间:2016-03-28 08:07:19

标签: java spring-ldap opendj

我正在使用openDJ for LDAP,我无法从spring ldap模板更改openDJ中的ds-pwp-account-disabled属性值。

我通过spring ldap创建了DirContextOperations类对象。当我使用spring ldap获取ds-pwp-account-disabled属性的值时,会给出它。但它不允许通过spring ldap更新ds-pwp-account-disabled属性值。你能帮我解决一下如何通过spring ldap更新ds-pwp-account-disabled属性值。我在谷歌阅读了这么多文章,可以通过springldap在opendj中修改权限问题,也可以是其他。

我正在分享一些代码,以确定我如何使用开放DJ使用spring ldap -

私人LdapTemplate ldapTemplate;

ErrorDTO createAccountIfNotExists(Account account){

    DirContextAdapter context = new DirContextAdapter(dn);
    context.setAttributeValues(OBJECTCLASS, new String[] { TOP, USERACCOUNTS });
    mapToContext(account, context);
    try {
        ldapTemplate.bind(context);

    } catch (Exception e) {
    }
    return error;
}

public LdapTemplate getLdapTemplate() {
    return ldapTemplate;
}

public void setLdapTemplate(LdapTemplate ldapTemplate) {
    this.ldapTemplate = ldapTemplate;
}

void mapToContext(Account account, DirContextOperations context) {
    context.setAttributeValue("cn", account.getFirstName());
    context.setAttributeValue("sn", account.getLastName());
    context.setAttributeValue("x-user-id", account.getUserId());
    context.setAttributeValue("mail", account.getEmail());
    context.setAttributeValue("givenname", account.getFirstName());
    context.setAttributeValue("mobile", account.getMobilePhone());
    context.setAttributeValue("telephonenumber", account.getBusinessPhone());
    context.setAttributeValue("title", account.getJobTitle());
    context.setAttributeValue("x-incident-ref", account.getIncidentRef());
    context.setAttributeValue("x-client-category", account.getClientCategory());
    context.setAttributeValue("x-organization", account.getOrganization());
    context.setAttributeValue("facsimiletelephonenumber", account.getFax());
    context.setAttributeValue("x-bureau", account.getBureau());
    context.setAttributeValue("x-company", account.getCompany());
    context.setAttributeValue("ds-pwp-account-disabled", account.getEnabled());
    if (account.getAccountCode() != null) {
        context.setAttributeValue("x-account-code", account.getAccountCode());
        context.setAttributeValue("uid", account.getAccountCode() + "#" + account.getUserId());
    } else {
        context.setAttributeValue("uid", account.getUserId());
    }

}

以下给出错误 - org.springframework.ldap.InvalidAttributeValueException:格式错误的'ds-pwp-account-disabled'属性值;嵌套异常是javax.naming.directory.InvalidAttributeValueException:格式错误的'ds-pwp-account-disabled'属性值;剩余名称'uid = coy#user8,ou =用户帐户'

2 个答案:

答案 0 :(得分:0)

ds-pwp-account-disabled属性具有LDAP语法布尔值。 OpenDJ服务器唯一接受的值是" true"和"假"。 我不是Spring LDAP的专家,但如果该属性的语法未知,我怀疑该库是否会将Java布尔值正确转换为正确的LDAP值。

答案 1 :(得分:0)

据我所知,如果条目中不存在

ds-pwp-account-disabled
属性,则用户不会被禁用=用户已启用。

所以试一试,不添加此属性是用户启用的。

if(!account.getEnabled()){ //suppose that it's returning a boolean
  context.setAttributeValue("ds-pwp-account-disabled", "true");
}