X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.util%2Fsrc%2Forg%2Fargeo%2Futil%2Fdirectory%2Fldap%2FLdapDao.java;h=c33b50f65fb9a1a781bb62de4535b63b25198c63;hb=e921c662016dd893e60f3e801eb86d676adcb77d;hp=8e26cb44f14125206446e23eb0cf0849f26ebe50;hpb=0ce8ecfe974cec9f524c16884209cd08544d890d;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.util/src/org/argeo/util/directory/ldap/LdapDao.java b/org.argeo.util/src/org/argeo/util/directory/ldap/LdapDao.java
index 8e26cb44f..c33b50f65 100644
--- a/org.argeo.util/src/org/argeo/util/directory/ldap/LdapDao.java
+++ b/org.argeo.util/src/org/argeo/util/directory/ldap/LdapDao.java
@@ -83,8 +83,9 @@ public class LdapDao extends AbstractLdapDirectoryDao {
 //			int roleType = roleType(name);
 			LdapEntry res;
 			Rdn technicalRdn = LdapNameUtils.getParentRdn(name);
-			if (getDirectory().getGroupBaseRdn().equals(technicalRdn)
-					|| getDirectory().getSystemRoleBaseRdn().equals(technicalRdn))
+			if (getDirectory().getGroupBaseRdn().equals(technicalRdn))
+				res = newGroup(name, attrs);
+			else if (getDirectory().getSystemRoleBaseRdn().equals(technicalRdn))
 				res = newGroup(name, attrs);
 			else if (getDirectory().getUserBaseRdn().equals(technicalRdn))
 				res = newUser(name, attrs);
@@ -218,6 +219,8 @@ public class LdapDao extends AbstractLdapDirectoryDao {
 		try {
 			String searchFilter = "(|(" + objectClass + "=" + LdapObjs.organizationalUnit.name() + ")(" + objectClass
 					+ "=" + LdapObjs.organization.name() + "))";
+//			String searchFilter = "(|(" + objectClass + "=" + LdapObjs.organizationalUnit.name() + ")(" + objectClass
+//					+ "=" + LdapObjs.organization.name() + ")(cn=accounts)(cn=users)(cn=groups))";
 
 			SearchControls searchControls = new SearchControls();
 			searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
@@ -246,7 +249,9 @@ public class LdapDao extends AbstractLdapDirectoryDao {
 	public HierarchyUnit doGetHierarchyUnit(LdapName dn) {
 		try {
 			if (getDirectory().getBaseDn().equals(dn))
-				return null;
+				return getDirectory();
+			if (!dn.startsWith(getDirectory().getBaseDn()))
+				throw new IllegalArgumentException(dn + " does not start with base DN " + getDirectory().getBaseDn());
 			Attributes attrs = ldapConnection.getAttributes(dn);
 			return new LdapHierarchyUnit(getDirectory(), dn, attrs);
 		} catch (NamingException e) {