Get the user count from an LDAP group using a standalone Java applicationSummaryOne of the types of cases that is frequently handled by the CS-Integrations team deal with the data inconsistencies between what’s reported by the customer’s LDAP server and what is retrieved by the ServiceNow instance. In this KB article, the specific issue is with the number of users in a group. One of the best things a TSE should determine first is if this is an issue with the ServiceNow instance or if the instance is retrieving data correctly, but the customer’s expectation of their data is wrong. In other words, if a 3rd party application retrieves the same number of users in the group in question as the ServiceNow instance, then either the customer’s expectation is wrong or the issue is within their LDAP Server. A popular 3rd party tool that is already installed in all of the ServiceNow servers is ‘ldapsearch’. I am not going to explain how to use the ‘ldapsearch’ tool here, for information on this tool see Knowledge Base article KB0549836 titled ‘Using ldapsearch to test an LDAP server’. If ‘ldapsearch’ is not a valid option, then the customer can also compile and run the following Java application. import java.util.ArrayList;import java.util.Enumeration;import java.util.Hashtable;import javax.naming.Context;import javax.naming.NamingEnumeration;import javax.naming.NamingException;import javax.naming.directory.Attribute;import javax.naming.directory.Attributes;import javax.naming.directory.DirContext;import javax.naming.directory.InitialDirContext;import javax.naming.directory.SearchControls;import javax.naming.directory.SearchResult;import javax.naming.ldap.InitialLdapContext;import javax.naming.ldap.LdapContext;public class GetUserCountFromLdap { public static void main(String[] args) { /* Update these variable values before compiling. Note: LDAP_DN and LDAP_PW should be the same account used in the instance's LDAP Server record. */ String LDAP_URL = "ldap://10.14.49.47:389"; String LDAP_DN = "CN=Test Account,CN=Users,DC=test,DC=local"; String LDAP_PW = "password"; String SEARCH_BASE = "CN=Users,DC=test,DC=local"; String FILTER = "(objectClass=user)"; Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory"); //java.naming.factory.initial env.put(Context.PROVIDER_URL,LDAP_URL); //java.naming.provider.url //authentication: env.put(Context.SECURITY_PRINCIPAL,LDAP_DN); //java.naming.security.principal env.put(Context.SECURITY_CREDENTIALS,LDAP_PW); //java.naming.security.credentials env.put(Context.SECURITY_AUTHENTICATION,"simple"); //java.naming.security.authentication try { DirContext ctx = new InitialDirContext(env); ctx = new InitialLdapContext(env, null); SearchControls ctrl = new SearchControls(); ctrl.setSearchScope(SearchControls.SUBTREE_SCOPE); String[] returnAttrs = {"cn"}; ctrl.setReturningAttributes(returnAttrs); NamingEnumeration results = ctx.search(SEARCH_BASE,FILTER,ctrl); int count =0; while( results.hasMoreElements() ) { count++; SearchResult result = (SearchResult)results.next(); //print attributes: Attributes attrs = result.getAttributes(); if(null!=attrs) { for(NamingEnumeration ae = attrs.getAll(); ae.hasMoreElements();) { Attribute atr = (Attribute)ae.next(); String attrId = atr.getID(); for(Enumeration vals = atr.getAll(); vals.hasMoreElements(); System.out.println(attrId+": "+vals.nextElement())); } } } //finish iterating through all users System.out.println("number of items: " + count); System.exit(0); } catch (NamingException e) { e.printStackTrace(); System.out.println("LDAP Notifications failure. "); System.exit(1); } } //main} //GetUserCountFromLdapInstructionsadd the Java code into a file named GetUserCountFromLdap.javareplace LDAP_URL, LDAP_DN, LDAP_PW, SEARCH_BASE, and FILTER variable valuescompile: javac GetUserCountFromLdap.javarun: java GetUserCountFromLdap Note: You may also run the application using the -Djavax.net.debug=all to get network debug information.