I've built an Active Directory API. On one machine it works fine, but on another machine (different forest, different network) Spring ldapTemplate does not find specific groups. All other groups are found. I've compared groups that can be found with those that can't. I can't see any differences.
For some reason the specific groups show up if I set the base of the LDAP search to the organizational unit that the groups are in. Also, if I search the AD domain with ldifde on my terminal, the missing groups show up with the others.
The code that I use is pretty basic. As I said before, it simply doesn't work on that one machine. Here is how I set the ldap properties:
ldapContextSource().setUrl(domain.getAddress() + ":" + domain.getPort());
ldapContextSource().setBase(domain.getBase());
ldapContextSource().setUserDn(domain.getUserDn());
ldapContextSource().setPassword(domain.getDecryptedPassword());
ldapContextSource().afterPropertiesSet();
[...]
@Bean
public LdapTemplate ldapTemplate() {
    return new LdapTemplate(ldapContextSource());
}
I search for groups using
ldapTemplate.findAll(LdapGroup.class);
and this is what LdapGroup.class looks like:
@Entry(objectClasses = {"top", "group"})
public class LdapGroup {
    @JsonIgnore
    @Id
    private Name dn;
    [...]
LdapGroup.class and domain.getBase()? - Gabriel Luci
LdapGroup.class', but the class has a few more attributes annotated with e.g. @Attribute(name = "sAMAccountName"). The base is usually just the domain, e.g. dc=example,dc=local. Can you point me to where I can see the actual query? - xLdoubleR