How to get LDAP unboundid AttributeSyntax?_问答_开发者

How to get LDAP unboundid AttributeSyntax?

开发者 https://www.devze.com 2023-03-06 17:18 出处：网络

I\'m trying to find out the unboundid AttributeSyntax type for a specific attribute name and it\'s simply not working.

I'm trying to find out the unboundid AttributeSyntax type for a specific attribute name and it's simply not working.

Here's the example test code that I'm using to achieve this:

    @Test
    public void testLDAPSchema() {
    try {
        LDAPConnection connection = new LDAPConnection();
        connection.connect("hessmain", 389);
        connection.bind("CN=Administrator,CN=Users,DC=FISHBOWL,DC=NET", "password");

        Schema s = connection.getSchema();

        System.out.println(s.toString());

        AttributeTypeDefinition atd = s.getAttributeType("directReports");

        Set<AttributeTypeDefinition> oat = s.getOperationalAttributeTypes();
        Set<AttributeSyntaxDefinition> l = s.getAttributeSyntaxes();

        AttributeSyntaxDefinition asd1 = s.getAttributeSyntax(atd.getOID());
        AttributeSyntaxDefinition asd2 = s.getAttributeSyntax(atd.getSyntaxOID());
        AttributeSyntaxDefinition asd3 = s.getAttributeSyntax(atd.getBaseSyntaxOID());

        connection.close();
    } catch (Exception e) {
        Assert.fail(e.getMessage());
 开发者_如何学Python   }
    }

From the above code, all the sets are empty. This also means that no matter which OID I pass to the schema getAttributeSyntax method that I will simply get a null return.

Is there any reason why I can't get the attribute syntaxes from an Active Directory server schema?

Thanks

I don't think that this is specific to the UnboundID LDAP SDK for Java. I'm not sure that Active Directory exposes this information over LDAP. When I perform a general LDAP search to retrieve schema information, I can see the attributeTypes and objectClasses attributes, but ldapSyntaxes isn't returned (and in fact ldapSyntaxes doesn't appear in the list of attribute types).

Similarly, none of the attribute type definitions includes a USAGE element, which is what is used to indicate that the attribute type is operational (e.g., "USAGE directoryOperation").

It may well be that Active Directory simply doesn't report this information at all. It could be that it provides some other non-standard way to get this information (e.g., a control or extended operation, or some other entry that can be retrieved), but if there is then I don't know about it.