How to convert Domain Name to Distinguished Name (DN) in LDAP?

Question

I am creating a java application that able to login to LDAP server with OpenDJ Client SDK, but I only has Domain Name, User Name (also known as SAMAccountName), and Password. If you don't know domain login, see this image:

You enter the user name field in format: DOMAIN_NAME\USER_NAME instead of just plain USER_NAME. Example of Domain Name is: corp.fabrikam.com.

Now I need to know how to convert Domain Name to Distinguished Name (DN)? Because OpenDJ requires Distinguished Name to connect to LDAP.

For example: Distinguished Name from corp.fabrikam.com is: dc=corp, dc=fabrikam, dc=com.

It seems I just need to split it by ".", but I heard there is thing called Disjoint Domain:
http://technet.microsoft.com/en-us/library/cc731125%28v=ws.10%29.aspx

So splitting trick might not reliable here.

Also, user in LDAP can be under an Organizational Unit (OU). Let's say user john is belong to manager OU, so the full user DN of john would become like this:

uid=john, ou=manager, dc=corp, dc=fabrikam, dc=com

Answer 1

You should always refer to the RootDSE entry of the ldap server to get information about the environment you are connecting to. The RootDSE entry is readable by anyone upon an anonymous bind ( or a particular user, it does not really matter, as long as you are bound ). It contains a lot of interesting stuff, the one you are looking for is defaultNamingContext.

Once bound, perform an ldap read operation on the DN of an empty string: ''. If the framework of your choice provides some API to read the rootDSE, try to use that. It might be much more simple.

This might help you to get a kickstart: http://opendj.forgerock.org/opendj-ldap-sdk/apidocs/index.html I did not find any mention of the defaultNamingContext on the opendj documentation pages, but you might just get the information you are looking for via getNamingContexts() method.

Note that rootDSE is an ldap feature, it's not implementation-specific.