Hello,
Java and its native libraries to work with OpenLDAP in our application.
I need to be able to associate users to groups and this part works fine. I can do an LDAP search and I can see the membership,
i.e.:
dn: cn=NURSE,ou=roles,dc=mydir,dc=com
uniqueMember: uid=Suneet.LDAP-TEST-1,ou=users,dc=mydir,dc=com
LDIF for Role:
dn: ou=roles,dc=mydir,dc=com
objectClass: top
objectClass: organizationalUnit
ou: roles
Sample user that was created for the above:
dn: uid=Suneet.LDAP-TEST-1,ou=users,dc=mydir,dc=com
preferredLanguage: E
displayName: LDAP-TEST-1,Suneet
employeeType: PERM FULL TIME
userPassword:: cGFzc3dvcmQ=
ou: OpenIAM
givenName: Suneet
uid: Suneet.LDAP-TEST-1
telephoneNumber: 234-123-4567
cn: Suneet LDAP-TEST-1
manager: uid=abc,ou=users,dc=mydir,dc=com
o: OpenIAM
departmentNumber: -
sn: LDAP-TEST-1
title: Test User
x-com-mydir-userStatus: Inactive
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: DIRUser
I also need to be able to remove users from a group. In this case, I am looking up the user to see if they have a memberOf attribute. However, when I do this, my search results are always empty. My code and search filter are below. Any thoughts on what I am doing wrong? I tried this with OpenDS and it works, but I need to get this to work with OpenLDAP. Also, I noticed that my user in LDAP does not contain any attributes that show membership of a group. I have pasted below the code where I add a user to a group, in case that is the source of my error.
Code snippet to search for a user before adding/removing from a group:
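String[] attrIds = {"memberOf", "isMemberOf"};
NamingEnumeration<SearchResult> results = null;
try {
    // Request only the membership attributes from the matching user entry
    SearchControls searchCtls = new SearchControls();
    searchCtls.setReturningAttributes(attrIds);
    String searchFilter = " (&(objectclass=inetOrgPerson)(uid=Suneet.LDAP-TEST-1))";
    results = ldapctx.search(objectBaseDN, searchFilter, searchCtls);
} catch (NamingException e) {
    throw new IllegalStateException("LDAP search failed", e);
}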
Code to add a user to a group:
ModificationItem mods[] = new ModificationItem[1];
mods[0] = new ModificationItem(DirContext.ADD_ATTRIBUTE, new BasicAttribute("uniqueMember", ldapName));
ldapctx.modifyAttributes(s, mods);
thanks for your help
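
An added example, not part of the original post: the LDIF above stores membership on the group entry as uniqueMember, so the lookup before a removal can be done against ou=roles instead of reading memberOf from the user entry. The class and method names are hypothetical; the base DN and attribute name are taken from the post.

```java
import java.util.ArrayList;
import java.util.List;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.NoSuchAttributeException;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
// Hypothetical helper (added example): resolves membership from the group side.
public class GroupMembership {
    // Base DN taken from the LDIF in the post.
    static final String ROLES_BASE = "ou=roles,dc=mydir,dc=com";

    /** Returns the DNs of all entries under ROLES_BASE that list userDn as uniqueMember. */
    static List<String> groupsOf(DirContext ctx, String userDn) throws NamingException {
        SearchControls ctls = new SearchControls();
        ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        ctls.setReturningAttributes(new String[0]); // only the DNs are needed
        List<String> groups = new ArrayList<>();
        // JNDI substitutes {0} with filter metacharacters escaped, so a DN
        // containing '*', '(' or ')' cannot change the shape of the filter.
        NamingEnumeration<SearchResult> results =
            ctx.search(ROLES_BASE, "(uniqueMember={0})", new Object[] { userDn }, ctls);
        try {
            while (results.hasMore()) {
                groups.add(results.next().getNameInNamespace());
            }
        } finally {
            results.close();
        }
        return groups;
    }

    /** Removes userDn from one group; returns false if the value was not present. */
    static boolean removeFromGroup(DirContext ctx, String groupDn, String userDn) throws NamingException {
        ModificationItem[] mods = {
            new ModificationItem(DirContext.REMOVE_ATTRIBUTE,
                                 new BasicAttribute("uniqueMember", userDn))
        };
        try {
            ctx.modifyAttributes(groupDn, mods);
            return true;
        } catch (NoSuchAttributeException e) {
            return false; // the user was not a member of this group
        }
    }
}
```

If the group's object class requires at least one uniqueMember (as groupOfUniqueNames does), removing the last member fails with a schema violation rather than returning false.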