
How to create and enable a user in LDAP using Java?

I am trying to create a user in LDAP using Java. The user is being created, but it is disabled. How do I enable it while creating the user? I am posting the code that I am using for creation. Is any parameter missing, am I setting the wrong attributes, or is the password setting wrong? Help me out.

    Attribute userCn = new BasicAttribute("cn", commonName);
    Attribute samAccountName = new BasicAttribute("samAccountName", samaccountname);
    Attribute userPassword = new BasicAttribute("userPassword", Password);
    Attribute oc = new BasicAttribute("objectClass");
    oc.add("top");
    oc.add("person");
    oc.add("organizationalPerson");
    oc.add("user");
    Attributes entry = new BasicAttributes(true);
    entry.put(userCn);
    entry.put(samAccountName);
    entry.put(oc);
    entry.put(userPassword);
    String entryDN = "CN=" + userID.trim() + ",OU=abc,OU=def,DC=ghi,DC=jkl";
    dirContext.createSubcontext(entryDN, entry);

UPDATE 1

I am getting the following exception/error while updating or modifying the user to set the user's password and enable it. I am using a private connection between the LDAP server and my environment, so do I need to use SSL/TLS configurations?

ErrorCode 53 and WILL_NOT_PERFORM

rajatravigarg14 asked Oct 14 '25 18:10


1 Answer

AFAIK, this must be due to the fact that you are setting the "userPassword" attribute, which is not present in Microsoft Active Directory (by default).

The unicodePwd is the password attribute in Microsoft Active Directory and it requires "special" encoding to be set from JNDI. We show an example in this source code.

So user entries created within Microsoft Active Directory with no password are disabled by default.

Also, for Microsoft Active Directory you MUST use SSL/TLS to change the unicodePwd.

You may, although it is not recommended, try setting the attribute userAccountControl = 544 on the created user entry with no unicodePwd. You may need to do this after creation.

jwilleke answered Oct 17 '25 09:10
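
The sequence the answer describes (create the entry, then set unicodePwd over LDAPS and enable the account), as an added example that is not part of the original post or the source code the answer refers to. The host name, the environment variable names AD_BIND_DN, AD_BIND_PW and NEW_USER_PW, and the sample user are assumptions; it also assumes the domain controller's certificate is trusted by the JVM truststore.

```java
import java.nio.charset.StandardCharsets;
import java.util.Hashtable;
import java.util.Objects;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class CreateEnabledAdUser {
    static final int UF_NORMAL_ACCOUNT = 0x0200; // 512: ordinary enabled account

    // unicodePwd format: the password wrapped in double quotes, encoded as UTF-16LE bytes.
    static byte[] encodeUnicodePwd(String password) {
        return ("\"" + password + "\"").getBytes(StandardCharsets.UTF_16LE);
    }

    public static void main(String[] args) throws NamingException {
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // Placeholder host (assumption). ldaps:// is needed: AD rejects unicodePwd writes without SSL/TLS.
        env.put(Context.PROVIDER_URL, "ldaps://dc.example.com:636");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, Objects.requireNonNull(System.getenv("AD_BIND_DN")));
        env.put(Context.SECURITY_CREDENTIALS, Objects.requireNonNull(System.getenv("AD_BIND_PW")));
        String newPassword = Objects.requireNonNull(System.getenv("NEW_USER_PW"));
        DirContext ctx = new InitialDirContext(env);
        try {
            // Step 1: create the entry without a password; AD leaves it disabled.
            Attribute oc = new BasicAttribute("objectClass");
            oc.add("top"); oc.add("person"); oc.add("organizationalPerson"); oc.add("user");
            Attributes entry = new BasicAttributes(true);
            entry.put(oc);
            entry.put(new BasicAttribute("cn", "Jane Doe"));         // constructed sample user
            entry.put(new BasicAttribute("sAMAccountName", "jdoe")); // constructed sample user
            // Rdn escapes special characters in the CN; the OU path is the question's placeholder.
            Name dn = new LdapName("OU=abc,OU=def,DC=ghi,DC=jkl").add(new Rdn("CN", "Jane Doe"));
            ctx.createSubcontext(dn, entry).close();
            // Step 2: set the password and enable the account in one modify request.
            Attribute pwd = new BasicAttribute("unicodePwd", encodeUnicodePwd(newPassword));
            Attribute uac = new BasicAttribute("userAccountControl", Integer.toString(UF_NORMAL_ACCOUNT));
            ctx.modifyAttributes(dn, new ModificationItem[] {
                new ModificationItem(DirContext.REPLACE_ATTRIBUTE, pwd),
                new ModificationItem(DirContext.REPLACE_ATTRIBUTE, uac) });
        } finally {
            ctx.close();
        }
    }
}
```

The value 512 is NORMAL_ACCOUNT on its own; 544 is 512 plus the PASSWD_NOTREQD flag (32), which is why this example sets a real password and writes 512 instead.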