Random Thoughts

I will be speaking at LDAPCON this year. Here are more details of my talk on Lanyrd.

I am excited to share that my “Practical Spring LDAP” book is now available on Amazon.

This is the only book the provides a complete coverage of Spring LDAP Framework. More details are available at the book’s website.

Ldap Servers maintain operational attributes (introduced in version 3) for administrative purposes. For example, the Tivoli Directory Server maintains the pwdAccountLockedTime operational attribute to record the time a user’s account got locked.

These operational attributes are unique in the sense that they are not part of an object class and are not returned unless they are explicitly requested by name. Here are two ways of reading operational attributes using Spring Ldap:

Using lookup:

LdapTemplate ldapTemplate = new LdapTemplate(context);
ldapTemplate.lookup("USER_DN", new String[]{"OPERATIONAL_ATTR"}, new ContextMapper(){
		@Override
		public Object mapFromContext(Object ctx)
		{
			DirContextAdapter context = (DirContextAdapter)ctx;
			return context.getStringAttributes("OPERATIONAL_ATTR");
		} }); 

Using Search:

LdapTemplate ldapTemplate = new LdapTemplate(context);
ldapTemplate.search("SEARCH_BASE", "uid=UNIQUE_USER_NAME", 1, new String[]{"OPERATIONAL_ATTR"}, new ContextMapper(){
		@Override
		public Object mapFromContext(Object ctx)
		{
			DirContextAdapter context = (DirContextAdapter)ctx;
			return context.getStringAttributes("OPERATIONAL_ATTR");
		} });