用于搜索广告的active directory Java程序
这是我目前的代码。我正在制作一个java程序,它搜索Active Directory以确定用户/计算机应用了哪些策略。目前的工作如下。接下来,我将添加功能以向用户添加策略。但是,在检查下面的策略时,如果用户不存在并且用户没有策略,则不会产生任何结果。我搞不懂的是如何确定用户是否不存在?任何帮助都将不胜感激
public class memberOf {
ArrayList results;
memberOf(String computerName){
Hashtable env = new Hashtable();
//String adminName = "CN=Administrator,CN=Users,DC=ANTIPODES,DC=COM";
//String adminPassword = "XXXXXXX";
String ldapURL = "n";
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
//set security credentials, note using simple cleartext authentication
env.put(Context.SECURITY_AUTHENTICATION,"simple");
env.put(Context.SECURITY_PRINCIPAL,"u");
System.out.println("Enter password");
Scanner in = new Scanner(System.in);
String password = in.nextLine();
env.put(Context.SECURITY_CREDENTIALS,password);
//env.put(Context.SECURITY_PROTOCOL, "ssl");
//connect toSdomain controller
env.put(Context.PROVIDER_URL,ldapURL);
try {
//Create the initial directory context
LdapContext ctx = new InitialLdapContext(env,null);
//Create the search controls
SearchControls searchCtls = new SearchControls();
//Specify the search scope
searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
//specify the LDAP search filter
String searchFilter= "CN="+computerName;
//Specify the Base for the search
String searchBase = "DC=n,DC=o";
//initialize counter to total the groups
int totalResults = 0;
//Specify the attributes to return
String returnedAtts[]={"memberOf"};
searchCtls.setReturningAttributes(returnedAtts);
//Search for objects using the filter
NamingEnumeration answer = ctx.search(searchBase, searchFilter, searchCtls);
results = new ArrayList();
while (answer.hasMoreElements()) {
SearchResult sr = (SearchResult)answer.next();
Attributes attrs = sr.getAttributes();
try {
for (NamingEnumeration ae = attrs.getAll();ae.hasMore();) {
Attribute attr = (Attribute)ae.next();
for (NamingEnumeration e = attr.getAll();e.hasMore();totalResults++) {
String tempStr = (String)(e.next());
int start = tempStr.indexOf("_");
int end = tempStr.indexOf(",");
tempStr=tempStr.substring(start, end);
results.add(totalResults,tempStr);
}
}
}
catch(Exception e){
e.printStackTrace();
}
}
ctx.close();
}
catch (NamingException e) {
e.printStackTrace();
}
}
public ArrayList getResults(){
System.out.println(results.size());
if(results.size()==0){
results.add(0, "No Groups");
}
return(results);
}
}
# 1 楼答案
你不能那样找到它。您需要知道要在用户中搜索的属性(upn、samAccountName等),以这种方式查找它们,并使用用户对象中的反向链接属性查找它们的策略
看起来你在做相反的事情——看看政策,问“谁是该政策的成员”。这很有效,但显然无法区分