Dear,
I've a program that query some user account information from A.D.
But I don't want to hard code anything.
I've read some previous post about using LDAP, and using DNS queries to found all LDAP server of A.D.
But how can I get the A.D. domain name in Java?
for example
ldcp://_ldap._tcp.xxxx.yyyy
I want to get "xxxx.yyyy" from the logined user account. It is possible in Java.
You coud use the NTSystem class to derive the NetBIOS domain name, however without doing some gymnastics it isn't easy to derive the fully qualified domain name. import java.io.*;
import com.sun.security.auth.module.NTSystem;
class NTDomain {
public static void main(String[] args) {
NTSystem system = new NTSystem();
String domain = system.getDomain();
System.out.println("Domain: " + domain);
}
}
The only other alternatives could be to check the domain suffix of the user principal that was authenticated via Kerberos ....
lc = new LoginContext(searchkrb5.class.getName(),new SampleCallbackHandler());
lc.login();
}
catch (LoginException le) {
System.out.println("Logon failed: " + le);
System.exit(-1);
}
System.out.println("Authenticated via GSS-API");
System.out.println("User: " + lc.getSubject().getPrincipals().toString);
however I think that you still have to specifify the Kerberos realm in the apps configuration file.
Another alternative could be to make assumptions about the machines hostname, however one day an assumption will always be proven wrong, (eg. The machine's DNS domain name does not need to match the Active Directory domain).
Unless there is a Java API to read the Windows registry or extract Kerberos ticket information from the WIndows Kerberos ticket cache, you may be kind of stuck.