use of com.unboundid.ldap.sdk.RootDSE in project ldapsdk by pingidentity.
the class MoveSubtree method doToolProcessing.
/**
* {@inheritDoc}
*/
@Override()
@NotNull()
public ResultCode doToolProcessing() {
final List<String> baseDNs;
if (baseDN.isPresent()) {
final List<DN> dnList = baseDN.getValues();
baseDNs = new ArrayList<>(dnList.size());
for (final DN dn : dnList) {
baseDNs.add(dn.toString());
}
} else {
try {
baseDNs = baseDNFile.getNonBlankFileLines();
} catch (final Exception e) {
Debug.debugException(e);
err(ERR_MOVE_SUBTREE_ERROR_READING_BASE_DN_FILE.get(baseDNFile.getValue().getAbsolutePath(), StaticUtils.getExceptionMessage(e)));
return ResultCode.LOCAL_ERROR;
}
if (baseDNs.isEmpty()) {
err(ERR_MOVE_SUBTREE_BASE_DN_FILE_EMPTY.get(baseDNFile.getValue().getAbsolutePath()));
return ResultCode.PARAM_ERROR;
}
}
LDAPConnection sourceConnection = null;
LDAPConnection targetConnection = null;
try {
try {
sourceConnection = getConnection(0);
} catch (final LDAPException le) {
Debug.debugException(le);
err(ERR_MOVE_SUBTREE_CANNOT_CONNECT_TO_SOURCE.get(StaticUtils.getExceptionMessage(le)));
return le.getResultCode();
}
try {
targetConnection = getConnection(1);
} catch (final LDAPException le) {
Debug.debugException(le);
err(ERR_MOVE_SUBTREE_CANNOT_CONNECT_TO_TARGET.get(StaticUtils.getExceptionMessage(le)));
return le.getResultCode();
}
sourceConnection.setConnectionName(INFO_MOVE_SUBTREE_CONNECTION_NAME_SOURCE.get());
targetConnection.setConnectionName(INFO_MOVE_SUBTREE_CONNECTION_NAME_TARGET.get());
// port for both source and target servers.
if (sourceConnection.getConnectedAddress().equals(targetConnection.getConnectedAddress()) && (sourceConnection.getConnectedPort() == targetConnection.getConnectedPort())) {
err(ERR_MOVE_SUBTREE_SAME_SOURCE_AND_TARGET_SERVERS.get());
return ResultCode.PARAM_ERROR;
}
// Next, retrieve the root DSE over each connection. Use it to verify
// that both the startupUUID values are different as a check to ensure
// that the source and target servers are different (this will be a
// best-effort attempt, so if either startupUUID can't be retrieved, then
// assume they're different servers). Also check to see whether the
// source server supports the suppress referential integrity updates
// control.
boolean suppressReferentialIntegrityUpdates = false;
try {
final RootDSE sourceRootDSE = sourceConnection.getRootDSE();
final RootDSE targetRootDSE = targetConnection.getRootDSE();
if ((sourceRootDSE != null) && (targetRootDSE != null)) {
final String sourceStartupUUID = sourceRootDSE.getAttributeValue(ATTR_STARTUP_UUID);
final String targetStartupUUID = targetRootDSE.getAttributeValue(ATTR_STARTUP_UUID);
if ((sourceStartupUUID != null) && sourceStartupUUID.equals(targetStartupUUID)) {
err(ERR_MOVE_SUBTREE_SAME_SOURCE_AND_TARGET_SERVERS.get());
return ResultCode.PARAM_ERROR;
}
}
if (sourceRootDSE != null) {
suppressReferentialIntegrityUpdates = sourceRootDSE.supportsControl(SuppressReferentialIntegrityUpdatesRequestControl.SUPPRESS_REFINT_REQUEST_OID);
}
} catch (final Exception e) {
Debug.debugException(e);
}
boolean first = true;
ResultCode resultCode = ResultCode.SUCCESS;
for (final String dn : baseDNs) {
if (first) {
first = false;
} else {
out();
}
final OperationPurposeRequestControl operationPurpose;
if (purpose.isPresent()) {
operationPurpose = new OperationPurposeRequestControl(getToolName(), getToolVersion(), 20, purpose.getValue());
} else {
operationPurpose = null;
}
final MoveSubtreeResult result = moveSubtreeWithRestrictedAccessibility(this, sourceConnection, targetConnection, dn, sizeLimit.getValue(), operationPurpose, suppressReferentialIntegrityUpdates, (verbose.isPresent() ? this : null));
if (result.getResultCode() == ResultCode.SUCCESS) {
wrapOut(0, 79, INFO_MOVE_SUBTREE_RESULT_SUCCESSFUL.get(result.getEntriesAddedToTarget(), dn));
} else {
if (resultCode == ResultCode.SUCCESS) {
resultCode = result.getResultCode();
}
wrapErr(0, 79, ERR_MOVE_SUBTREE_RESULT_UNSUCCESSFUL.get());
if (result.getErrorMessage() != null) {
wrapErr(0, 79, ERR_MOVE_SUBTREE_ERROR_MESSAGE.get(result.getErrorMessage()));
}
if (result.getAdminActionRequired() != null) {
wrapErr(0, 79, ERR_MOVE_SUBTREE_ADMIN_ACTION.get(result.getAdminActionRequired()));
}
}
}
return resultCode;
} finally {
if (sourceConnection != null) {
sourceConnection.close();
}
if (targetConnection != null) {
targetConnection.close();
}
}
}
use of com.unboundid.ldap.sdk.RootDSE in project ldapsdk by pingidentity.
the class LDAPPasswordModify method getPasswordUpdateMethod.
/**
* Determines the method that should be used to update the password.
*
* @param pool The connection pool to use to communicate with the
* directory server, if appropriate.
*
* @return The method that should be used to update the password. The value
* returned will be one of
* {@link #PASSWORD_CHANGE_METHOD_PW_MOD_EXTOP},
* {@link #PASSWORD_CHANGE_METHOD_LDAP_MOD}, or
* {@link #PASSWORD_CHANGE_METHOD_AD}.
*
* @throws LDAPException If a problem occurs while attempting to make the
* determination.
*/
@NotNull()
private String getPasswordUpdateMethod(@NotNull final LDAPConnectionPool pool) throws LDAPException {
if (passwordChangeMethod.isPresent()) {
switch(StaticUtils.toLowerCase(passwordChangeMethod.getValue())) {
case PASSWORD_CHANGE_METHOD_PW_MOD_EXTOP:
return PASSWORD_CHANGE_METHOD_PW_MOD_EXTOP;
case PASSWORD_CHANGE_METHOD_LDAP_MOD:
return PASSWORD_CHANGE_METHOD_LDAP_MOD;
case PASSWORD_CHANGE_METHOD_AD:
return PASSWORD_CHANGE_METHOD_AD;
}
}
// Retrieve the root DSE from the directory server. If we can't get the
// root DSE, then default to the password modify extended operation.
final RootDSE rootDSE;
try {
rootDSE = pool.getRootDSE();
} catch (final LDAPException e) {
Debug.debugException(e);
return PASSWORD_CHANGE_METHOD_PW_MOD_EXTOP;
}
if (rootDSE == null) {
return PASSWORD_CHANGE_METHOD_PW_MOD_EXTOP;
}
// operation, then use that method.
if (rootDSE.supportsExtendedOperation(PasswordModifyExtendedRequest.PASSWORD_MODIFY_REQUEST_OID)) {
if (verbose.isPresent()) {
wrapOut(0, WRAP_COLUMN, INFO_PWMOD_SELECTING_PW_MOD_EXTOP_METHOD.get());
}
return PASSWORD_CHANGE_METHOD_PW_MOD_EXTOP;
}
// We need to differentiate between Active Directory and other types of
// servers. Unfortunately, Active Directory doesn't seem to provide
// vendorName or vendorVersion attributes in its root DSE, so we'll need to
// use some other means of detecting it. Let's assume that if the server
// advertises support for at least twenty supported controls in Microsoft's
// OID range (starting with 1.2.840.113556), then it's an Active Directory
// instance. At the time this was written, two different AD versions each
// advertised support for nearly double that number.
int numMicrosoftControlsSupported = 0;
for (final String oid : rootDSE.getSupportedControlOIDs()) {
if (oid.startsWith(MICROSOFT_BASE_OBJECT_IDENTIFIER + '.')) {
numMicrosoftControlsSupported++;
}
}
if (numMicrosoftControlsSupported >= 20) {
if (verbose.isPresent()) {
wrapOut(0, WRAP_COLUMN, INFO_PWMOD_SELECTING_AD_METHOD_CONTROL_COUNT.get(numMicrosoftControlsSupported, MICROSOFT_BASE_OBJECT_IDENTIFIER));
}
return PASSWORD_CHANGE_METHOD_AD;
}
// Fall back to a default of a regular LDAP modify operation.
if (verbose.isPresent()) {
wrapOut(0, WRAP_COLUMN, INFO_PWMOD_DEFAULTING_TO_LDAP_MOD.get());
}
return PASSWORD_CHANGE_METHOD_LDAP_MOD;
}
Aggregations