I am trying to add an user into Active Directory.
Having in mind:
Using SSL
Certificate ok
Password works fine
With out group association, the user is correctly created.
When I try to associate the user to a group I get the following error:
javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000209A: SvcErr: DSID-031A1021, problem 5003 (WILL_NOT_PERFORM), data 0
I have used the DN and NAME group attributes but none worked.
My code is:
ctx = getContext();
ctx.createSubcontext(entryDN,entry); // it works fine
Attribute memberOf1 = new BasicAttribute("memberOf","NAME_OF_THE_GROUP");
Attributes atts = new BasicAttributes();
atts.put(memberOf1);
ctx.modifyAttributes(entryDN, LdapContext.ADD_ATTRIBUTE, atts); // ## it doesn't work
I tried LdapContext.ADD_ATTRIBUTE and LdapContext.REPLACE_ATTRIBUTE.
Also, I tried to add the group with the other attributes but all situation gave me the same error.
Does anyone have any idea what is going on?
Cheers!
解决方案
memberOf is a constructed attribute. You have to add the user to the group's member property, not add the group to the user's memberOf property.