Create user in OID

Using the Oracle-supplied Java SDK’s
The sample code below uses the OID SDK’s to bind to the OID directory server and then create a new user under a specific location in the directory tree.

import oracle.ldap.util.*;
import oracle.ldap.util.jndi.*;
import javax.naming.NamingException;
import javax.naming.directory.*;
import java.io.*;
import java.util.*;
 
public class NewUser
{
final static String ldapServerName = "mlc2.acme.org";
final static String ldapServerPort = "3060";
final static String rootdn = "cn=orcladmin";
final static String rootpass = "welcome1";
 
public static void main(String argv[]) throws NamingException
{
// Create the connection to the ldap server
InitialDirContext ctx = ConnectionUtil.getDefaultDirCtx(ldapServerName,
ldapServerPort,
rootdn,
rootpass);
 
// Create the subscriber object using the default subscriber
Subscriber mysub = null;
String [] mystr = null;
try {
RootOracleContext roc = new RootOracleContext(ctx);
mysub = roc.getSubscriber(ctx, Util.IDTYPE_DN, "dc=acme,dc=org", mystr);
}
catch (UtilException e) {
e.printStackTrace();
}
 
// Create ModPropertySet with user information
ModPropertySet mps = new ModPropertySet();
mps.addProperty(LDIF.ATTRIBUTE_CHANGE_TYPE_ADD,"givenname", "John");
mps.addProperty(LDIF.ATTRIBUTE_CHANGE_TYPE_ADD,"mail", "[email protected]");
mps.addProperty(LDIF.ATTRIBUTE_CHANGE_TYPE_ADD,"userpassword", "welcome1");
 
// Create the user
User newUser = null;
try {
newUser = mysub.createUser(ctx, mps, true);
System.out.println("New User DN: " + newUser.getDN(ctx));
}
catch (UtilException e) {
e.printStackTrace();
}
}
}

To use the above sample code do the following:
1. Save the above text indicated between the begin/end cut lines into a file named NewUser.java. Note that the filename and case are important and must be exactly NewUser.java unless the code has been modified.

2. Locate the Java Development Kit (JDK) on your system. For recent Oracle installations it should have been installed under $ORACLE_HOME/jdk but could be located elsewhere.

3. Compile the NewUser.java file into a binary NewUser.class file using the following command:

/bin/javac –classpath $ORACLE_HOME/jlib/ldapjclnt9.jar NewUser.java

Since the sample code makes use of the Oracle LDAP classes it is necessary to include the classpath parameter in the javac command. The above command should complete with no errors or output and should result in a file named NewUser.class being created.

4. Execute the resulting NewUser.class file using the following command:

/bin/java –cp .:$ORACLE_HOME/jlib/ldapjclnt9.jar NewUser

Note that this time there is NO extension specified (neither .java nor .class is used) and it must be executed from the same directory where the NewUser.class file is located. Again the file is case-sensitive and must be exactly as listed above. Make note of the –cp parameter as it includes the current directory and the location of the ldapjclnt9.jar file. It is necessary to include the “.:” (this is a period followed by a colon) in the –cp parameter for the program to execute correctly.

If the NewUser.class file executes it will print “New User DN: cn=john.doe,cn=Users,dc=acme,dc=org” to the screen. The user will be created within OID in the cn=users container of the default subscriber/realm. This user can then been seen via an ldapsearch or through Oracle Directory Manager (ODM).

If any errors are encountered (such as invalid user/pass, duplicate entry, etc… then an error message will be displayed. In this simple example the error messages are of very little help other than for indicating what part of the code failed. For example, if the user already existed then the following error will be displayed:

oracle.ldap.util.UtilException: NamingException encountered in ldapAdd [LDAP: error code 68 – Object alre
ady exists]
at oracle.ldap.util.Util.ldapAdd(Util.java:2016)
at oracle.ldap.util.Subscriber.createUser(Subscriber.java:1392)
at oracle.ldap.util.Subscriber.createUser(Subscriber.java:1315)
at NewUser.main(NewUser.java:46)

Using the Native Java JNDI Packages

The OID Java API documentation shows how to search and modify entries within an OID ldap server but does not give any examples or instructions for how to create a new entry in the ldap server. This example is very similar to the above java code but uses ONLY native java packages.

The sample code below uses the Java JNDI packages to bind to the OID directory server and then create a new user under a specific location in the directory tree. This code uses NO Oracle-specific Java function calls. The sample code uses only Java packages that are supplied by Sun’s Java Development Kit.

import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.*;
import java.util.*;
 
public class NewUser
{
final static String ldapServerName = "mlc2.acme.org";
final static String ldapServerPort = "4032";
final static String rootdn = "cn=orcladmin";
final static String rootpass = "welcome1";
final static String entryDn = "cn=javauser,cn=users,dc=acme,dc=org";
 
public static void main(String argv[]) throws NamingException
{
Properties env = new Properties();
env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
env.put( Context.PROVIDER_URL, "ldap://" + ldapServerName + ":" + ldapServerPort + "/");
env.put( Context.SECURITY_PRINCIPAL, rootdn );
env.put( Context.SECURITY_CREDENTIALS, rootpass );
DirContext ctx = new InitialDirContext(env);
 
// Create the objclassSet to hold all the entry's objectClasses.
BasicAttribute objclassSet = new BasicAttribute("objectclass");
objclassSet.add("person");
objclassSet.add("organizationalPerson");
objclassSet.add("inetOrgPerson");
objclassSet.add("top");
objclassSet.add("orcluser");
objclassSet.add("orcluserv2");
 
// load the attributes
BasicAttributes attrs = new BasicAttributes();
attrs.put(objclassSet);
attrs.put("mail", "[email protected]");
attrs.put("cn", "javauser");
attrs.put("sn", "Campbell");
attrs.put("givenname", "Mike");
attrs.put("uid", "javauser");
attrs.put("userpassword", "welcome1");
 
//create the user in OID
ctx.createSubcontext(entryDn, attrs);
}
}

To use the above sample code do the following:
1. Save the above text indicated between the begin/end cut lines into a file named NewUser.java. Note that the filename and case are important and must be exactly NewUser.java unless the code has been modified.

2. Locate the Java Development Kit (JDK) on your system. For recent Oracle installations it should have been installed under $ORACLE_HOME/jdk but could be located elsewhere.

3. Compile the NewUser.java file into a binary NewUser.class file using the following command:

/bin/javac NewUser.java

Since the sample code does not contain any Oracle-specific packages in it there is no need to specify any classpath. The above command should complete with no errors or output and should result in a file named NewUser.class being created.

4. Execute the resulting NewUser.class file using the following command:

/bin/java NewUser

Note that this time there is NO extension specified (neither .java nor .class is used) and it must be executed from the same directory where the NewUser.class file is located. Again the file is case-sensitive and must be exactly as listed above.

If the NewUser.class file executes successfully there will be no output written to the screen. The user will be created within OID in the location specified by the entryDN variable. This user can then been seen via an ldapsearch or through Oracle Directory Manager (ODM).

If any errors are encountered (such as invalid user/pass, duplicate entry, etc… then a Java exception will occur and a stack trace will be displayed showing the error. For example, if the user already existed then the following error will be displayed: