Using JNDI to search full AD tree?

HCL Domino Domino Forum
1

Hi, I’m getting the following exception from an agent that uses JNDI to search Active Directory:

javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name ‘’

Here is the code:

import lotus.domino.*;

import javax.naming.*;

import javax.naming.directory.*;

import java.util.Hashtable;

import java.util.Vector;

public class JavaAgent extends AgentBase {

public void NotesMain() {

	String userName="dcboon";

	

	try {

		Session session = getSession();

		AgentContext agentContext = session.getAgentContext();



	// Hashtable stores LDAP connection specifics.

		Hashtable env = new Hashtable();

		env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");

		env.put(Context.PROVIDER_URL, "ldap://eng.ashes.never:389/DC=TEST,DC=IE");

		env.put(Context.SECURITY_PRINCIPAL, "CN=L D. dapsearch,OU=ou1,OU=ou2,OU=ou3,DC=TEST,DC=IE");

		env.put(Context.SECURITY_CREDENTIALS, "52cans0beer");



		DirContext ctx = new InitialDirContext(env);



		// Specify the ids of the attributes to return

		String[] attrIDs = {"postOfficeBox"};

		SearchControls ctls = new SearchControls();

		ctls.setReturningAttributes(attrIDs);

		ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);

		

		// Specify the search filter to match

		String filter = "(&(sAMAccountName=" + userName + ")(postOfficeBox=*))";

		

		// Search the subtree for objects by using the filter

		NamingEnumeration answer = ctx.search("", filter, ctls);

		

		while (answer.hasMore()) {

		    SearchResult sr = (SearchResult)answer.next();

		    System.out.println(">>>" + sr.getName());

		    Attributes attrs = sr.getAttributes();

		    System.out.println(attrs.get("postOfficeBox").get()); 							    

		}

		answer.close();

		ctx.close();			

		

	} catch(Exception e) {

		e.printStackTrace();

	} 

}

}

Full error details:

javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name ‘’

at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2528)



at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2502)



at com.sun.jndi.ldap.LdapNamingEnumeration.getNextBatch(LdapNamingEnumeration.java:145)



at com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(LdapNamingEnumeration.java:181)



at JavaAgent.NotesMain(JavaAgent.java:37)



at lotus.domino.AgentBase.runNotes(Unknown Source)



at lotus.domino.NotesThread.run(NotesThread.java:208)

Error cleaning up agent threads

Now, a couple of hours between notes.net and google have me thinking the problem is here:

Context.PROVIDER_URL, “ldap://eng.ashes.never:389/DC=TEST,DC=IE”

becasue I’m starting my search from the base of the AD tree (which is what I want).

Sun say this can normally be fixed using referrals, but AD doesn’t support this.

Has anyone figured out a way to search the whole tree using JNDI?

Thanks in advance.

2

Subject: Using JNDI to search full AD tree?

Have a look at this URLhttp://www-10.lotus.com/ldd/sandbox.nsf/0/c46c671f7611110a85256df60078e910?OpenDocument

Then my next piece of advice is to use the AD LDAP browser (LDE) to recheck your settings, because they look funny to me.

Regards

Rolf Pfotenhauer

3

Subject: Using JNDI to search full AD tree?

OK, I seem to have sorted this out. Just to clarify, the agent was returning the correct results - I was just concerned that the error, and in particular the “Error cleaning up agent threads” may have lead to a memory leak.

I put another little try/catch in as below:

		try {

			while (answer.hasMore()) {

			    SearchResult sr = (SearchResult)answer.next();

			    System.out.println(">>>" + sr.getName());

			    Attributes attrs = sr.getAttributes();

				System.out.println(attrs.get("postOfficeBox").get()); 							    

			}

		}

		catch(PartialResultException e) {

			//e.printStackTrace();

		}

		answer.close();

		ctx.close();

So that the error was ignored. Notes doesn’t complain about cleaning up the agent now.