Search in sources :

Example 31 with RootDSE

use of com.unboundid.ldap.sdk.RootDSE in project ldapsdk by pingidentity.

the class MoveSubtree method doToolProcessing.

/**
 * {@inheritDoc}
 */
@Override()
@NotNull()
public ResultCode doToolProcessing() {
    final List<String> baseDNs;
    if (baseDN.isPresent()) {
        final List<DN> dnList = baseDN.getValues();
        baseDNs = new ArrayList<>(dnList.size());
        for (final DN dn : dnList) {
            baseDNs.add(dn.toString());
        }
    } else {
        try {
            baseDNs = baseDNFile.getNonBlankFileLines();
        } catch (final Exception e) {
            Debug.debugException(e);
            err(ERR_MOVE_SUBTREE_ERROR_READING_BASE_DN_FILE.get(baseDNFile.getValue().getAbsolutePath(), StaticUtils.getExceptionMessage(e)));
            return ResultCode.LOCAL_ERROR;
        }
        if (baseDNs.isEmpty()) {
            err(ERR_MOVE_SUBTREE_BASE_DN_FILE_EMPTY.get(baseDNFile.getValue().getAbsolutePath()));
            return ResultCode.PARAM_ERROR;
        }
    }
    LDAPConnection sourceConnection = null;
    LDAPConnection targetConnection = null;
    try {
        try {
            sourceConnection = getConnection(0);
        } catch (final LDAPException le) {
            Debug.debugException(le);
            err(ERR_MOVE_SUBTREE_CANNOT_CONNECT_TO_SOURCE.get(StaticUtils.getExceptionMessage(le)));
            return le.getResultCode();
        }
        try {
            targetConnection = getConnection(1);
        } catch (final LDAPException le) {
            Debug.debugException(le);
            err(ERR_MOVE_SUBTREE_CANNOT_CONNECT_TO_TARGET.get(StaticUtils.getExceptionMessage(le)));
            return le.getResultCode();
        }
        sourceConnection.setConnectionName(INFO_MOVE_SUBTREE_CONNECTION_NAME_SOURCE.get());
        targetConnection.setConnectionName(INFO_MOVE_SUBTREE_CONNECTION_NAME_TARGET.get());
        // port for both source and target servers.
        if (sourceConnection.getConnectedAddress().equals(targetConnection.getConnectedAddress()) && (sourceConnection.getConnectedPort() == targetConnection.getConnectedPort())) {
            err(ERR_MOVE_SUBTREE_SAME_SOURCE_AND_TARGET_SERVERS.get());
            return ResultCode.PARAM_ERROR;
        }
        // Next, retrieve the root DSE over each connection.  Use it to verify
        // that both the startupUUID values are different as a check to ensure
        // that the source and target servers are different (this will be a
        // best-effort attempt, so if either startupUUID can't be retrieved, then
        // assume they're different servers).  Also check to see whether the
        // source server supports the suppress referential integrity updates
        // control.
        boolean suppressReferentialIntegrityUpdates = false;
        try {
            final RootDSE sourceRootDSE = sourceConnection.getRootDSE();
            final RootDSE targetRootDSE = targetConnection.getRootDSE();
            if ((sourceRootDSE != null) && (targetRootDSE != null)) {
                final String sourceStartupUUID = sourceRootDSE.getAttributeValue(ATTR_STARTUP_UUID);
                final String targetStartupUUID = targetRootDSE.getAttributeValue(ATTR_STARTUP_UUID);
                if ((sourceStartupUUID != null) && sourceStartupUUID.equals(targetStartupUUID)) {
                    err(ERR_MOVE_SUBTREE_SAME_SOURCE_AND_TARGET_SERVERS.get());
                    return ResultCode.PARAM_ERROR;
                }
            }
            if (sourceRootDSE != null) {
                suppressReferentialIntegrityUpdates = sourceRootDSE.supportsControl(SuppressReferentialIntegrityUpdatesRequestControl.SUPPRESS_REFINT_REQUEST_OID);
            }
        } catch (final Exception e) {
            Debug.debugException(e);
        }
        boolean first = true;
        ResultCode resultCode = ResultCode.SUCCESS;
        for (final String dn : baseDNs) {
            if (first) {
                first = false;
            } else {
                out();
            }
            final OperationPurposeRequestControl operationPurpose;
            if (purpose.isPresent()) {
                operationPurpose = new OperationPurposeRequestControl(getToolName(), getToolVersion(), 20, purpose.getValue());
            } else {
                operationPurpose = null;
            }
            final MoveSubtreeResult result = moveSubtreeWithRestrictedAccessibility(this, sourceConnection, targetConnection, dn, sizeLimit.getValue(), operationPurpose, suppressReferentialIntegrityUpdates, (verbose.isPresent() ? this : null));
            if (result.getResultCode() == ResultCode.SUCCESS) {
                wrapOut(0, 79, INFO_MOVE_SUBTREE_RESULT_SUCCESSFUL.get(result.getEntriesAddedToTarget(), dn));
            } else {
                if (resultCode == ResultCode.SUCCESS) {
                    resultCode = result.getResultCode();
                }
                wrapErr(0, 79, ERR_MOVE_SUBTREE_RESULT_UNSUCCESSFUL.get());
                if (result.getErrorMessage() != null) {
                    wrapErr(0, 79, ERR_MOVE_SUBTREE_ERROR_MESSAGE.get(result.getErrorMessage()));
                }
                if (result.getAdminActionRequired() != null) {
                    wrapErr(0, 79, ERR_MOVE_SUBTREE_ADMIN_ACTION.get(result.getAdminActionRequired()));
                }
            }
        }
        return resultCode;
    } finally {
        if (sourceConnection != null) {
            sourceConnection.close();
        }
        if (targetConnection != null) {
            targetConnection.close();
        }
    }
}
Also used : DN(com.unboundid.ldap.sdk.DN) ASN1OctetString(com.unboundid.asn1.ASN1OctetString) LDAPConnection(com.unboundid.ldap.sdk.LDAPConnection) LDAPSearchException(com.unboundid.ldap.sdk.LDAPSearchException) ArgumentException(com.unboundid.util.args.ArgumentException) LDAPException(com.unboundid.ldap.sdk.LDAPException) RootDSE(com.unboundid.ldap.sdk.RootDSE) OperationPurposeRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.OperationPurposeRequestControl) LDAPException(com.unboundid.ldap.sdk.LDAPException) ResultCode(com.unboundid.ldap.sdk.ResultCode) NotNull(com.unboundid.util.NotNull)

Example 32 with RootDSE

use of com.unboundid.ldap.sdk.RootDSE in project ldapsdk by pingidentity.

the class LDAPPasswordModify method getPasswordUpdateMethod.

/**
 * Determines the method that should be used to update the password.
 *
 * @param  pool  The connection pool to use to communicate with the
 *               directory server, if appropriate.
 *
 * @return  The method that should be used to update the password.  The value
 *          returned will be one of
 *          {@link #PASSWORD_CHANGE_METHOD_PW_MOD_EXTOP},
 *          {@link #PASSWORD_CHANGE_METHOD_LDAP_MOD}, or
 *          {@link #PASSWORD_CHANGE_METHOD_AD}.
 *
 * @throws  LDAPException  If a problem occurs while attempting to make the
 *                         determination.
 */
@NotNull()
private String getPasswordUpdateMethod(@NotNull final LDAPConnectionPool pool) throws LDAPException {
    if (passwordChangeMethod.isPresent()) {
        switch(StaticUtils.toLowerCase(passwordChangeMethod.getValue())) {
            case PASSWORD_CHANGE_METHOD_PW_MOD_EXTOP:
                return PASSWORD_CHANGE_METHOD_PW_MOD_EXTOP;
            case PASSWORD_CHANGE_METHOD_LDAP_MOD:
                return PASSWORD_CHANGE_METHOD_LDAP_MOD;
            case PASSWORD_CHANGE_METHOD_AD:
                return PASSWORD_CHANGE_METHOD_AD;
        }
    }
    // Retrieve the root DSE from the directory server.  If we can't get the
    // root DSE, then default to the password modify extended operation.
    final RootDSE rootDSE;
    try {
        rootDSE = pool.getRootDSE();
    } catch (final LDAPException e) {
        Debug.debugException(e);
        return PASSWORD_CHANGE_METHOD_PW_MOD_EXTOP;
    }
    if (rootDSE == null) {
        return PASSWORD_CHANGE_METHOD_PW_MOD_EXTOP;
    }
    // operation, then use that method.
    if (rootDSE.supportsExtendedOperation(PasswordModifyExtendedRequest.PASSWORD_MODIFY_REQUEST_OID)) {
        if (verbose.isPresent()) {
            wrapOut(0, WRAP_COLUMN, INFO_PWMOD_SELECTING_PW_MOD_EXTOP_METHOD.get());
        }
        return PASSWORD_CHANGE_METHOD_PW_MOD_EXTOP;
    }
    // We need to differentiate between Active Directory and other types of
    // servers.  Unfortunately, Active Directory doesn't seem to provide
    // vendorName or vendorVersion attributes in its root DSE, so we'll need to
    // use some other means of detecting it.  Let's assume that if the server
    // advertises support for at least twenty supported controls in Microsoft's
    // OID range (starting with 1.2.840.113556), then it's an Active Directory
    // instance.  At the time this was written, two different AD versions each
    // advertised support for nearly double that number.
    int numMicrosoftControlsSupported = 0;
    for (final String oid : rootDSE.getSupportedControlOIDs()) {
        if (oid.startsWith(MICROSOFT_BASE_OBJECT_IDENTIFIER + '.')) {
            numMicrosoftControlsSupported++;
        }
    }
    if (numMicrosoftControlsSupported >= 20) {
        if (verbose.isPresent()) {
            wrapOut(0, WRAP_COLUMN, INFO_PWMOD_SELECTING_AD_METHOD_CONTROL_COUNT.get(numMicrosoftControlsSupported, MICROSOFT_BASE_OBJECT_IDENTIFIER));
        }
        return PASSWORD_CHANGE_METHOD_AD;
    }
    // Fall back to a default of a regular LDAP modify operation.
    if (verbose.isPresent()) {
        wrapOut(0, WRAP_COLUMN, INFO_PWMOD_DEFAULTING_TO_LDAP_MOD.get());
    }
    return PASSWORD_CHANGE_METHOD_LDAP_MOD;
}
Also used : LDAPException(com.unboundid.ldap.sdk.LDAPException) RootDSE(com.unboundid.ldap.sdk.RootDSE) NotNull(com.unboundid.util.NotNull)

Aggregations

RootDSE (com.unboundid.ldap.sdk.RootDSE)32 Test (org.testng.annotations.Test)26 LDAPConnection (com.unboundid.ldap.sdk.LDAPConnection)23 ASN1OctetString (com.unboundid.asn1.ASN1OctetString)13 ExtendedResult (com.unboundid.ldap.sdk.ExtendedResult)12 Control (com.unboundid.ldap.sdk.Control)11 LDAPException (com.unboundid.ldap.sdk.LDAPException)9 DN (com.unboundid.ldap.sdk.DN)7 AddRequest (com.unboundid.ldap.sdk.AddRequest)6 ModifyRequest (com.unboundid.ldap.sdk.ModifyRequest)6 SSLUtil (com.unboundid.util.ssl.SSLUtil)6 TrustAllTrustManager (com.unboundid.util.ssl.TrustAllTrustManager)6 Modification (com.unboundid.ldap.sdk.Modification)5 InMemoryDirectoryServer (com.unboundid.ldap.listener.InMemoryDirectoryServer)4 LDAPResult (com.unboundid.ldap.sdk.LDAPResult)4 SearchResult (com.unboundid.ldap.sdk.SearchResult)4 AuthorizationIdentityRequestControl (com.unboundid.ldap.sdk.controls.AuthorizationIdentityRequestControl)4 AuthorizationIdentityResponseControl (com.unboundid.ldap.sdk.controls.AuthorizationIdentityResponseControl)4 PostReadRequestControl (com.unboundid.ldap.sdk.controls.PostReadRequestControl)4 IgnoreNoUserModificationRequestControl (com.unboundid.ldap.sdk.unboundidds.controls.IgnoreNoUserModificationRequestControl)4