I want to allow a user to authenticate and retrieve a full list of Active Directory users without having to enter their password. I'm able to authenticate easily through Waffle and can query information specific to the authenticated user, like the list of groups to which they belong. However, Waffle doesn't seem to have the ability to make more general queries like the full list of users (or even the list of users belonging to a certain group).
I have another toy example configured where I use the JNDI to query the user list, which works fine, but it requires a username and password in order to make the connection.
Assuming anonymous querying is disabled on my AD server, is there any way for me to use the authenticated session I've established through Waffle to query the list of users?
Figured it out, in case anyone is interested. Honestly surprised I didn't get an answer or find a clear-cut solution somewhere online. It turns out that Waffle is unnecessary for a simple user list query - I modified the code sample here to produce the following method which does the trick:
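    // com4j runtime plus its bundled ADO and Active Directory type-library bindings
    import com4j.COM4J;
    import com4j.Variant;
    import com4j.typelibs.activeDirectory.IADs;
    import com4j.typelibs.ado20.ClassFactory;
    import com4j.typelibs.ado20._Command;
    import com4j.typelibs.ado20._Connection;
    import com4j.typelibs.ado20._Recordset;

    static void queryCom4j() {
        // Resolve the domain's default naming context (root DN) from RootDSE
        IADs rootDSE = COM4J.getObject(IADs.class, "LDAP://RootDSE", null);
        String namingContext = (String) rootDSE.get("defaultNamingContext");

        // Empty user name and password: ADSI binds with the security context of the calling process
        _Connection conn = ClassFactory.createConnection();
        conn.provider("ADsDSOObject");
        conn.open("Active Directory Provider", "", "", -1);

        _Command cmd = ClassFactory.createCommand();
        cmd.activeConnection(conn);

        String fields = "distinguishedName,userPrincipalName,telephoneNumber,mail";
        String query = "(&(objectclass=user)(objectcategory=person))";
        // ADO LDAP dialect: <base>;filter;attributes;scope
        cmd.commandText("<LDAP://" + namingContext + ">;" + query + ";" + fields + ";subTree");
        _Recordset rs = cmd.execute(null, Variant.getMissing(), -1);

        System.out.println("Found " + rs.recordCount() + " users");
        int fieldCount = fields.split(",").length;
        while (!rs.eof()) {
            for (int i = 0; i < fieldCount; i++) {
                Object value = rs.fields().item(i).value();
                System.out.println((value == null) ? "N/A" : value.toString());
            }
            rs.moveNext();
        }
    }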
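
The question also asks about listing the users of a single group. As an added example (not part of the original post), the same ADO command text can be built with a `memberOf` filter, with the group DN escaped per RFC 4515 so that characters such as `(` or `*` in a group name cannot change the filter. The class name, method names and the group DN are hypothetical; the resulting string would be passed to `cmd.commandText(...)` as in the method above.

```java
public class AdoLdapCommand {

    // RFC 4515 escaping for a value placed inside an LDAP search filter.
    // ';' is hex-escaped as well, as a precaution, because it separates the
    // parts of the ADO command text; hex-escaping any character is valid LDAP.
    static String escapeFilterValue(String value) {
        StringBuilder out = new StringBuilder(value.length() + 8);
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': out.append("\\5c"); break;
                case '*':  out.append("\\2a"); break;
                case '(':  out.append("\\28"); break;
                case ')':  out.append("\\29"); break;
                case '\0': out.append("\\00"); break;
                case ';':  out.append("\\3b"); break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Builds "<LDAP://base>;filter;attributes;scope" for the users that are
    // direct members of groupDn. memberOf does not cover nested groups or
    // the user's primary group.
    static String usersInGroupCommand(String namingContext, String groupDn, String fields) {
        if (namingContext == null || groupDn == null || groupDn.isEmpty()) {
            throw new IllegalArgumentException("naming context and group DN are required");
        }
        String filter = "(&(objectClass=user)(objectCategory=person)(memberOf="
                + escapeFilterValue(groupDn) + "))";
        return "<LDAP://" + namingContext + ">;" + filter + ";" + fields + ";subTree";
    }

    public static void main(String[] args) {
        // Constructed sample values; in the method above the naming context
        // comes from RootDSE.
        String namingContext = "DC=example,DC=com";
        String groupDn = "CN=Ops (EMEA),OU=Groups,DC=example,DC=com";
        String fields = "distinguishedName,userPrincipalName,mail";

        System.out.println(usersInGroupCommand(namingContext, groupDn, fields));

        // A value trying to widen the filter stays a literal after escaping.
        System.out.println(escapeFilterValue("CN=x)(objectClass=*"));
    }
}
```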