LDAP 是轻量级目录访问协议(Lightweight Directory Access Protocol),本文主要讲解微软的 AD(Active Directory,活动目录)。
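以下示例使用 Java JNDI 连接并验证域名为 gicom.com、组织机构(OU)为 MEA、账户为 ZhangChen 的用户,并列出该 OU 下用户对象的属性。示例通过 389 端口进行 simple 绑定,密码以明文在网络上传输;在实际环境中应改用 LDAPS 或 StartTLS,并且不要把账户密码写死在代码里: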
import java.util.Enumeration;
import java.util.Properties;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
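/**
 * Retrieves information about Active Directory domain users over LDAP with JNDI.
 *
 * <p>Binds to the directory as a fixed account and prints every attribute of every
 * entry matching {@code objectClass=User} under {@code OU=MEA,DC=gicom,DC=com}.
 *
 * <p>Security notes for anyone adapting this sample:
 * <ul>
 *   <li>The bind uses {@code simple} authentication over {@code ldap://} on port 389, so
 *       the password crosses the network unencrypted. Use {@code ldaps://} or StartTLS,
 *       with certificate validation, anywhere outside an isolated lab.</li>
 *   <li>The account name and password are literals in the source. Load them from
 *       protected configuration or a secret store instead of committing them.</li>
 *   <li>The search returns all attributes of all matching users. Restrict it with
 *       {@link SearchControls#setReturningAttributes(String[])} when only a few
 *       attributes are needed, and avoid writing directory data to shared logs.</li>
 * </ul>
 *
 * @author ZhangChen
 */
public class TestLdap {
    /** JNDI environment handed to the initial context; populated by {@link #getInfo()}. */
    Properties env = new Properties();

    /** Provider URL of the directory server (plain LDAP on port 389, no transport encryption). */
    String ldapURL = "ldap://" + "192.168.168.252" + ":" + 389;

    /**
     * Binds to the directory, searches the MEA organizational unit for user objects and
     * prints each attribute value to standard output as {@code id--------------value}.
     *
     * <p>The context and the result enumeration are closed before returning, including
     * when the search or the iteration fails, so the LDAP connection is not left open.
     *
     * @throws NamingException if the bind, the search, reading an attribute or closing
     *     the connection fails
     */
    public void getInfo() throws NamingException {
        env.put(Context.INITIAL_CONTEXT_FACTORY,
                "com.sun.jndi.ldap.LdapCtxFactory");
        // Simple bind: the password is sent as-is, so it is only as protected as the
        // transport. With the ldap:// URL above that means cleartext on the wire.
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        // For AD, remember to append "@" plus the domain name to the account.
        env.put(Context.SECURITY_PRINCIPAL, "ZhangChen@gicom.com");
        // Password. Sample value kept from the article; real code should read it from
        // protected configuration rather than embed it in source.
        env.put(Context.SECURITY_CREDENTIALS, "Chen2014");
        env.put(Context.PROVIDER_URL, ldapURL);

        LdapContext ctx = new InitialLdapContext(env, null);
        NamingEnumeration<SearchResult> results = null;
        try {
            SearchControls searchCtls = new SearchControls();
            searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);

            // Mind the order in the base DN: OU components come before DC components.
            results = ctx.search("OU=MEA,DC=gicom,DC=com",
                    "objectClass=User", searchCtls);

            // NOTE(review): hasMoreElements() is kept from the original. Unlike hasMore()
            // it does not throw NamingException, so a server-side error or size limit may
            // end this loop silently with partial results; confirm that is intended.
            while (results.hasMoreElements()) {
                SearchResult sr = results.next();
                Attributes attributes = sr.getAttributes();
                NamingEnumeration<? extends Attribute> values = attributes.getAll();
                while (values.hasMore()) {
                    Attribute attr = values.next();
                    NamingEnumeration<?> vals = attr.getAll();
                    while (vals.hasMore()) {
                        Object o = vals.next();
                        // String.valueOf tolerates a null attribute value.
                        System.out.println(attr.getID() + "--------------"
                                + String.valueOf(o));
                    }
                }
            }
        } finally {
            // Release the enumeration first, then the connection; the nested finally
            // guarantees the context is closed even if closing the enumeration throws.
            try {
                if (results != null) {
                    results.close();
                }
            } finally {
                ctx.close();
            }
        }
    }

    /**
     * Runs the sample against the hard-coded directory server.
     *
     * @param args unused
     * @throws NamingException if the directory lookup fails
     */
    public static void main(String[] args) throws NamingException {
        TestLdap ldap = new TestLdap();
        ldap.getInfo();
    }
}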
LDAP的简称对应