Java program to search Active Directory (AD)

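This is my current code. I am making a Java program that searches Active Directory to determine which policies are applied to a user/computer. What works so far is below. Next, I will add functionality to add policies to a user. However, when checking the policies below, it produces no results if the user does not exist and if the user has no policies. What I can't figure out is how to determine whether the user does not exist. Any help would be appreciated.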

import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Scanner;

import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

public class memberOf {

    // Initialised here so getResults() never sees null when the bind or search fails
    ArrayList<String> results = new ArrayList<>();

    memberOf(String computerName) {

        Hashtable<String, String> env = new Hashtable<>();
        //String adminName = "CN=Administrator,CN=Users,DC=ANTIPODES,DC=COM";
        //String adminPassword = "XXXXXXX";
        String ldapURL = "n";
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        //set security credentials, note using simple cleartext authentication:
        //unless the connection is protected (ldaps:// URL or the SSL line below),
        //the password crosses the network unencrypted
        env.put(Context.SECURITY_AUTHENTICATION, "simple");

        env.put(Context.SECURITY_PRINCIPAL, "u");
        System.out.println("Enter password");
        Scanner in = new Scanner(System.in);
        String password = in.nextLine();

        env.put(Context.SECURITY_CREDENTIALS, password);
        //env.put(Context.SECURITY_PROTOCOL, "ssl");

        //connect to domain controller
        env.put(Context.PROVIDER_URL, ldapURL);

        LdapContext ctx = null;
        try {
            //Create the initial directory context
            ctx = new InitialLdapContext(env, null);

            //Create the search controls
            SearchControls searchCtls = new SearchControls();

            //Specify the search scope
            searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);

            //specify the LDAP search filter; the name is passed as a filter
            //argument so JNDI escapes any filter metacharacters it contains
            String searchFilter = "(CN={0})";

            //Specify the Base for the search
            String searchBase = "DC=n,DC=o";

            //Specify the attributes to return
            String[] returnedAtts = {"memberOf"};
            searchCtls.setReturningAttributes(returnedAtts);

            //Search for objects using the filter
            NamingEnumeration<SearchResult> answer =
                    ctx.search(searchBase, searchFilter, new Object[] {computerName}, searchCtls);

            while (answer.hasMoreElements()) {
                SearchResult sr = answer.next();
                Attributes attrs = sr.getAttributes();

                try {
                    for (NamingEnumeration<? extends Attribute> ae = attrs.getAll(); ae.hasMore();) {
                        Attribute attr = ae.next();

                        for (NamingEnumeration<?> e = attr.getAll(); e.hasMore();) {
                            String tempStr = (String) e.next();
                            int start = tempStr.indexOf("_");
                            int end = tempStr.indexOf(",");
                            //keep the full value when the "_" ... "," pattern is missing,
                            //instead of letting substring() throw and end the loop
                            if (start >= 0 && end > start) {
                                tempStr = tempStr.substring(start, end);
                            }
                            results.add(tempStr);
                        }
                    }
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }
        } catch (NamingException e) {
            e.printStackTrace();
        } finally {
            //close the context even when the search throws
            if (ctx != null) {
                try { ctx.close(); } catch (NamingException ignored) { }
            }
        }
    }

    public ArrayList<String> getResults() {
        System.out.println(results.size());
        if (results.size() == 0) {
            results.add(0, "No Groups");
        }
        return results;
    }
}

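1 answer

  1. # Answer 1

    You can't find it that way. You need to know the attribute to search for on the user (UPN, samAccountName, etc.), look them up that way, and use the back-link attribute on the user object to find their policies.

    It looks like you are doing the opposite: looking at the policy and asking "who is a member of this policy". That works, but obviously cannot distinguish between

    • the user exists but is not a member
    • the user does not exist at all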
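
The lookup this answer describes, as an added example that is not part of the original answer: find the object by `sAMAccountName` and read `memberOf` from the entry itself, so that "not found" and "found with no groups" are separate outcomes. The class and method names are hypothetical, and the caller is assumed to supply an already-bound `DirContext` and the search base.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.PartialResultException;
import javax.naming.directory.Attribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class MembershipLookup {   // hypothetical class name
    // Optional.empty() : no object with that sAMAccountName under searchBase
    // empty list       : the object exists but has no memberOf values
    // non-empty list   : DNs of the groups the object is a member of
    static Optional<List<String>> groupsOf(DirContext ctx, String searchBase, String account)
            throws NamingException {
        SearchControls ctls = new SearchControls();
        ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        ctls.setReturningAttributes(new String[] {"memberOf"});
        // The name goes in as a filter argument, so JNDI escapes filter metacharacters.
        // Computer accounts carry a trailing "$" in sAMAccountName (constructed example: "PC01$").
        NamingEnumeration<SearchResult> answer =
                ctx.search(searchBase, "(sAMAccountName={0})", new Object[] {account}, ctls);
        try {
            if (!hasEntry(answer)) {
                return Optional.empty();              // nothing matched: no such object
            }
            List<String> groups = new ArrayList<>();
            Attribute memberOf = answer.next().getAttributes().get("memberOf");
            if (memberOf != null) {                   // attribute is absent when there are no groups
                for (NamingEnumeration<?> v = memberOf.getAll(); v.hasMore();) {
                    groups.add((String) v.next());
                }
            }
            return Optional.of(groups);
        } finally {
            answer.close();
        }
    }
    // A domain-root search in AD can end with referral continuation references, which
    // JNDI reports as PartialResultException once the real entries are exhausted.
    private static boolean hasEntry(NamingEnumeration<SearchResult> e) throws NamingException {
        try {
            return e.hasMore();
        } catch (PartialResultException noMoreRealEntries) {
            return false;
        }
    }
}
```

A caller can report `Optional.empty()` as "no such account" and an empty list as "account exists, no groups". Active Directory does not list an account's primary group in `memberOf`, so an empty list is a normal result for an existing account.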