3

I have a Spring Boot application that uses LDAP to authenticate the users. For the users, I am mapping the attributes from AD and populating the values like the user's first name, last name, department, email, telephone, and also the image. However, I am unable to get the employee number from the attributes. When I check the attributes using the tool Active Directory Explorer, I am able to see 88 attributes per entry. However, when I print every attribute from the context using this code,

```java
@Bean
public UserDetailsContextMapper userDetailsContextMapper() {
    return new LdapUserDetailsMapper() {
        @Override
        public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<? extends GrantedAuthority> authorities) {

            String email = ctx.getStringAttribute("mail");
            String department = ctx.getStringAttribute("department");
            String empNumber = ctx.getStringAttribute("employeeNumber");
            System.out.println(empNumber); // this prints null

            System.out.println(ctx.attributeExists("employeeNumber")); // this prints false

            // Build a data URI from the binary photo attribute.
            // java.util.Base64 replaces the internal sun.misc.BASE64Encoder.
            byte[] value = (byte[]) ctx.getObjectAttribute("thumbNailPhoto");
            StringBuilder imageString = new StringBuilder();
            imageString.append("data:image/jpg;base64,");
            imageString.append(java.util.Base64.getEncoder().encodeToString(value));
            String image = imageString.toString();

            Attributes attributes = ctx.getAttributes();

            NamingEnumeration<? extends Attribute> namingEnumeration = attributes.getAll();

            try {
                while (namingEnumeration.hasMore()) {
                    /* this loop prints 75 attributes but employeeNumber attribute is missing along with some other attributes */
                    Attribute attribute = namingEnumeration.next();
                    System.out.println(attribute);
                }
            } catch (NamingException e) {
                e.printStackTrace();
            }

            CustomUserDetails userDetails = (CustomUserDetails) userService.loadUserByUsername(username);
            userDetails.setImage(image);
            userDetails.setEmail(email);
            userDetails.setDepartment(department);

            return userDetails;
        }
    };
}
```

only 75 attributes are printed. Why is it that some of the attributes are not retrieved? How can I access those attributes?

K. G
  • 1
    Does the `employeeNumber` attribute have a value? It usually only gets attributes that have values. – Gabriel Luci Mar 21 '18 at 12:40
  • Yes, it does have a value. – K. G Mar 21 '18 at 17:07
  • 1
    If it may help somebody, this is what I did to solve this issue. I was connecting to port 3268, now I have changed it to port 389. Read this [link](https://technet.microsoft.com/en-us/library/cc978012.aspx) to understand the differences between the two ports. Please note that this is much slower. Then, I updated the groupSearchBase to be more specific. (Earlier, it was only DC=mydomain,DC=com. Now it is OU=mygroup,DC=mydomain,DC=com) – K. G Mar 23 '18 at 06:08
  • Ahh, yes. That makes sense. The attribute is not replicated to the global catalog by default. You can make it replicate to the GC, if you want. That involves updating the attribute in the Schema. – Gabriel Luci Mar 23 '18 at 12:10
  • @K.G I am keen to do something very similar. Do you have a link to the full class? What class did this go in? – Al Grant May 27 '19 at 18:57
  • You should post it as the answer, @K.G – Jaumzera May 20 '20 at 15:24
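
A way to see the difference K. G and Gabriel Luci describe, as an added example (not code from the question or its comments): it reads one entry through plain JNDI on port 3268 and on port 389 of the same domain controller and lists the attributes that only 389 returns. The class name, the command-line arguments and the `LDAP_BIND_PASSWORD` environment variable are assumptions, and the entry is assumed to live in that controller's own domain.

```java
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.*;
import javax.naming.ldap.LdapName;
import java.util.*;

/** Diffs the attributes one AD entry returns on the GC port (3268) vs the LDAP port (389). */
public class GcAttributeDiff {

    // Returns the lower-cased names of every attribute the server returns for userDn.
    static Set<String> attributeNames(String url, String bindDn, String password, String userDn)
            throws NamingException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn);
        env.put(Context.SECURITY_CREDENTIALS, password);

        DirContext ctx = new InitialDirContext(env);
        try {
            Set<String> names = new TreeSet<>();
            // LdapName avoids composite-name parsing problems with '/' in a DN.
            NamingEnumeration<String> ids = ctx.getAttributes(new LdapName(userDn)).getIDs();
            while (ids.hasMore()) {
                names.add(ids.next().toLowerCase(Locale.ROOT));
            }
            return names;
        } finally {
            ctx.close();
        }
    }

    // Usage (hypothetical arguments): java GcAttributeDiff <dc-host> <bind-dn> <user-dn>
    public static void main(String[] args) throws NamingException {
        String host = args[0], bindDn = args[1], userDn = args[2];
        String password = System.getenv("LDAP_BIND_PASSWORD"); // assumed variable name

        Set<String> gc = attributeNames("ldap://" + host + ":3268", bindDn, password, userDn);
        Set<String> dc = attributeNames("ldap://" + host + ":389", bindDn, password, userDn);

        // Attributes outside the global catalog's partial set appear only on 389.
        Set<String> onlyOn389 = new TreeSet<>(dc);
        onlyOn389.removeAll(gc);
        System.out.println("3268 returned " + gc.size() + " attributes, 389 returned " + dc.size());
        System.out.println("Only returned on 389: " + onlyOn389);
    }
}
```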

1 Answer

0

I think you need to expand array elements like memberof.

Try this; it may help.

```java
Attribute attribute = namingEnumeration.next();
System.out.println(attribute);
System.out.println(attribute.size());
```

If the size is greater than one, expand it again.

Durga