
LDAP: How to get all Groups in Active Directory?

Is there a way to get the names of all groups in Active Directory using Java?

Use Java JNDI, do a search for (objectclass=group), and request the cn attribute. This will get all the group names.

Code example:

import java.util.Hashtable;

import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class Test {

    public static String ldapUri = "ldap://localhost";
    public static String usersContainer = "cn=users,dc=example,dc=com";

    public static void main(String args[]) {

        if (args.length != 2) {
            System.out.println("Usage: test userName password");
            return;
        }
        String username = args[0];
        String password = args[1];

        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, ldapUri);
        // Simple bind; over plain ldap:// the password is sent unencrypted
        env.put(Context.SECURITY_PRINCIPAL, username);
        env.put(Context.SECURITY_CREDENTIALS, password);
        try {
            DirContext ctx = new InitialDirContext(env);
            try {
                SearchControls ctls = new SearchControls();
                // Return only the cn attribute of each matching entry
                String[] attrIDs = { "cn" };
                ctls.setReturningAttributes(attrIDs);
                // ONELEVEL_SCOPE: direct children of usersContainer only
                ctls.setSearchScope(SearchControls.ONELEVEL_SCOPE);

                NamingEnumeration<SearchResult> answer = ctx.search(usersContainer, "(objectclass=group)", ctls);
                while (answer.hasMore()) {
                    SearchResult rslt = answer.next();
                    Attributes attrs = rslt.getAttributes();
                    System.out.println(attrs.get("cn"));
                }
            } finally {
                // Release the connection even if the search fails
                ctx.close();
            }
        } catch (NamingException e) {
            e.printStackTrace();
        }

    }
}

You can use this library. It's easy to use and powerful.

http://code.google.com/p/jedi-obi/

I used Kalyan's example to query for user groups, but found that although the query worked, it did not return all user groups. After some digging, I became aware of the AD Global Catalogue and, based on this example, I was able to modify Kalyan's answer to return all user groups from the global catalogue.

The required changes were:

  1. Added global port 3268 to the ldapUri
  2. Set the first parameter to Context.search to "".

    public static void main(String args[]) {
        String ldapUri = "ldap://ad.domain.com";
        if (args.length != 2) {
            System.out.println("Usage: test userName password");
            return;
        }
        String username = args[0];
        String password = args[1];

        Hashtable env = new Hashtable();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, ldapUri + ":3268");
        env.put(Context.SECURITY_PRINCIPAL, username);
        env.put(Context.SECURITY_CREDENTIALS, password);
        try {
            DirContext context = new InitialDirContext(env);
            SearchControls searchControls = new SearchControls();
            String[] attrIDs = {"cn"};
            searchControls.setReturningAttributes(attrIDs);
            searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);

            NamingEnumeration answer = context.search("", "(objectclass=group)", searchControls);
            while (answer.hasMore()) {
                SearchResult rslt = (SearchResult) answer.next();
                Attributes attrs = rslt.getAttributes();
                System.out.println(attrs.get("cn"));
            }

            context.close();
        } catch (NamingException e) {
            e.printStackTrace();
        }
    }
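
An added example, not code from any of the answers above: the same group search run over LDAPS with the LDAP paged-results control, so the simple bind is not sent in clear text and the listing is not cut off at Active Directory's per-search limit (MaxPageSize, 1000 entries by default). The host name, base DN, page size and class name are assumptions; against the global catalog the TLS port is 3269 and the base is "".

```java
import java.util.*;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.*;

public class ListGroupsPaged {
    // Assumed placeholders: adjust host, base DN and page size for your directory.
    static final String URL = "ldaps://ad.example.com:636";
    static final String BASE = "dc=example,dc=com";
    static final int PAGE = 500;

    public static void main(String[] args) throws Exception {
        if (args.length != 2) { System.err.println("Usage: ListGroupsPaged user password"); return; }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL);               // ldaps:// wraps the bind in TLS
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, args[0]);
        env.put(Context.SECURITY_CREDENTIALS, args[1]);

        SearchControls sc = new SearchControls();
        sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
        sc.setReturningAttributes(new String[] { "cn" });

        List<String> groups = new ArrayList<>();
        LdapContext ctx = new InitialLdapContext(env, null);
        try {
            byte[] cookie = null;                         // null cookie = first page
            do {
                ctx.setRequestControls(new Control[] {
                    new PagedResultsControl(PAGE, cookie, Control.CRITICAL) });
                NamingEnumeration<SearchResult> page = ctx.search(BASE, "(objectClass=group)", sc);
                while (page.hasMore()) {
                    Attribute cn = page.next().getAttributes().get("cn");
                    if (cn != null) groups.add((String) cn.get());
                }
                cookie = null;                            // server returns a cookie while pages remain
                Control[] resp = ctx.getResponseControls();
                if (resp != null) for (Control c : resp)
                    if (c instanceof PagedResultsResponseControl)
                        cookie = ((PagedResultsResponseControl) c).getCookie();
            } while (cookie != null && cookie.length > 0);
        } finally {
            ctx.close();                                  // release the connection on any outcome
        }
        groups.forEach(System.out::println);
    }
}
```

The JVM must trust the domain controller's certificate, either through the default truststore or one supplied with `-Djavax.net.ssl.trustStore`.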
