LDAP and JNDI

Today, instead of just dealing with people and papers, I actually worked on something a bit more interesting. I needed to allow users to change the passwords of their Active Directory accounts using a web page. Being a Java zealot, the solution I chose was JNDI which made things pretty much straightforward.

Of course it wouldn’t have been fun without problems and I encountered two, albeit minor, hitches with LDAP and Active Directory. LDAP is supposedly easy but it never ceases to give me just enough trouble to roundly irritate me. Active Directory only allows modification of passwords via a secure connection, either TLS or SSL. The latter is actually a good thing but I had to do a few extra steps. Besides, like I said, they were minor hitches.

So how to do it?

Continue reading “LDAP and JNDI”