I m creating an application that has to connect to an active directory.

I m actually facing a problem when dealing with updating a group member.

The group name is : GG-Collaboration-AgenceXXX

Here's my GroupRepository class code that throws the exception :

 public void addMemberToGroup(String groupName, User user) {
        Name groupDn = this.buildGroupDn(groupName);
        Name userDn = this.buildPersonDn(user.getFirstName() + " " + user.getLastName(), user.getCompany(), user.getCountry().toString());
        DirContextOperations ctx = this.ldapTemplate.lookupContext(groupDn);
        ctx.addAttributeValue("member", userDn);
        System.out.println(userDn);
        this.ldapTemplate.modifyAttributes(ctx);
    }

 private Name buildGroupDn(String groupName) {
        return LdapNameBuilder.newInstance("CN=" + groupName).build();
    }

    private Name buildPersonDn(String fullname, String company, String country) {
        return LdapNameBuilder.newInstance("DC=test,DC=lan").add("OU", "Utilisateurs").add("CN", fullname).build();
    }

Here's my fullstack error :

Malformed 'member' attribute value; nested exception is javax.naming.directory.InvalidAttributeValueException: Malformed 'member' attribute value; remaining name 'CN=GG-Collaboration-AgenceXXX'
    at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:132)
Caused by: javax.naming.directory.InvalidAttributeValueException: Malformed 'member' attribute value
    at com.sun.jndi.ldap.LdapClient.encodeAttribute(LdapClient.java:984)

The "member" attribute only allows strings as value and not LDAPName objects. So convert your userDn to a string before putting it into the attribute.

What is the value you are getting in "member" attribute? There are some special characters which are not allowed. Allowed LDAP Attribute Characters

When adding attribute value, just call toString() method on javax.naming.Name types. Like this:

ctx.addAttributeValue("member", userDn.toString());

It will solve this issue.