Welcome to Software Development on Codidact!
Will you help us build our independent community of developers helping developers? We're small and trying to grow. We welcome questions about all aspects of software development, from design to code to QA and more. Got questions? Got answers? Got code you'd like someone to review? Please join us.
Comments on How to check if a ldap username is valid without contacting the active directory via ldap?
Post
How to check if a ldap username is valid without contacting the active directory via ldap?
I have some code connecting to an active directory via ldap. Something like this:
public Response add(User user) {
try {
LDAPConnectionPool ldapPool = ldapConnectionPool.getPool();
// Code
LDAPResult res = ldapPool.add(user);
} catch (LDAPException exeption) {
Before the try block, I'd like to check if the username is valid, in the sense that it's not too long, cotains illegal characters, does not end with dot etc. And sure, that would be fairly easy to write. But I thought that there must be a library function that does this, but I have not been able to find it anywhere.
When I google "validate username ldap", "validate samaccountname" etc in various ways, all I find is stuff to check if the user exists on the server and similar. Was that a bad search query? Is this called something else?
Sure, in theory I could try to create the user on the server and check the return code, but I want to perform this check without contacting the ldap server at all. And I don't want to reinvent the wheel either. (Ok, I do want to reinvent the wheel, but the code would suffer)
I have found this https://ldapwiki.com/wiki/SamAccountName
We have used this and it appears to work:
^(?:(?:[^. \"\/\\\[\]\:\|\\+\=\;\?\*\<\>\,][^\"\/\\\[\]\:\|\\+\=\;\?\*\<\>\,]{0,62}[^. \"\/\\\[\]\:\|\\+\=\;\?\*\<\>\,])|[^.\"\/\\\[\]\:\|\\+\=\;\?\*\<\>\,])$
But this seems very experimental and unofficial. Plus that I need a way to validate more restricted version with maximum 20 characters.
2 comment threads