![](/img/trans.png)
[英]how to get DN in LDAP with user ID using UnboundID LDAP SDK
[英]How to get decoded objectGUID from Active directory using UnboundID LDAP SDK in java?
场景 1:我能够从活动目录中获取 objectGUID,但它不是可读的字符串格式。 我们还需要将它以解码格式存储在 db 中。 使用提供的链接中的给定示例“ http://www.developerscrappad.com/1109/windows/active-directory/java-ldap-jndi-2-ways-of-decoding-and-using-the-objectguid-from -windows-active-directory/ ”,它演示了如何解码 objectGUID,但他们认为 objectGUID 长度为 16 字节(128 位)。 在我们的例子中,当我尝试获取 objectGUID 时,我得到的超过 128 位,有时我得到的少于 128 位,即我们没有得到特定的位长。 我的参考实现代码:
public class GetLDAPUsers {
public static void main(String args[]) {
new GetLDAPUsers().getUserFromAD();
}
void getUserFromAD() {
try {
LDAPConnection connection = new LDAPConnection("192.xxx.xx.xxx", 389);
System.out.println(connection);
String baseDN = "DC=wcomp1,DC=com";
String[] attributes = { "entryUUID", "sn", "mail", "givenName",
"objectGUID", "userAccountControl", "isDeleted", "modifyTimestamp", "WhenChanged", "WhenCreated"};
// Set Ldap Connection Options for server timeout
LDAPConnectionOptions connOption = new LDAPConnectionOptions();
connOption.setAutoReconnect(true);
connOption.setConnectTimeoutMillis(55000);
connection.setConnectionOptions(connOption);
//connection bind
connection.bind("CN=abc,CN=ab,DC=users,DC=com", "password");
System.out.println("connection successfully");
//search filter query for search specific user,for all users use (&(objectclass=User)) filter.
Filter filter = Filter.create("(&(objectclass=User)(givenName=testUserName))");
SearchRequest searchRequest = new SearchRequest(baseDN, SearchScope.SUB, filter,
attributes);
SearchResult searchResult = connection.search(searchRequest);
//get user detail
for (SearchResultEntry searchResultEntry : searchResult.getSearchEntries()) {
System.out.println("user name " + searchResultEntry.getAttribute("givenName").getValue() +
searchResultEntry.getAttribute("objectGUID").getValue()); //We get here objectGUID string which unreadable format
//We convert here objectGUID in dashed string
System.out.println("decoded objectGUID = " + convertToDashedString(searchResultEntry.getAttribute("objectGUID").getValue().getBytes()));
}
} catch (Exception e) {
e.printStackTrace();
}
}
public static String convertToDashedString(byte[] objectGUID) {
StringBuilder displayStr = new StringBuilder();
displayStr.append(prefixZeros((int) objectGUID[3] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[2] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[1] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[0] & 0xFF));
displayStr.append("-");
displayStr.append(prefixZeros((int) objectGUID[5] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[4] & 0xFF));
displayStr.append("-");
displayStr.append(prefixZeros((int) objectGUID[7] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[6] & 0xFF));
displayStr.append("-");
displayStr.append(prefixZeros((int) objectGUID[8] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[9] & 0xFF));
displayStr.append("-");
displayStr.append(prefixZeros((int) objectGUID[10] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[11] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[12] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[13] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[14] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[15] & 0xFF));
return displayStr.toString();
}
private static String prefixZeros(int value) {
if (value <= 0xF) {
StringBuilder sb = new StringBuilder("0");
sb.append(Integer.toHexString(value));
return sb.toString();
} else {
return Integer.toHexString(value);
}
}
}
场景 2:此外,当我尝试在 windows 环境和 linux 环境中使用上面的示例获取 objectGUID 时,我为同一用户获得了不同的 objectGUID。
您不能将ObjectGUID
解释为字符串。 通常,我会设置目录上下文环境以将ObjectGUID
作为byte[]
返回,然后使用 convert 方法
env.put("java.naming.ldap.attributes.binary", "ObjectGUID");
String newGuid = convertToDashedString(guid);
你可以简单地这样做:
public static String getGuidFromByteArray(byte[] bytes) {
ByteBuffer bb = ByteBuffer.wrap(bytes);
long high = bb.getLong();
long low = bb.getLong();
UUID uuid = new UUID(high, low);
return uuid.toString();
}
对于 Spring:注入属性
java.naming.ldap.attributes.binary
正确进入 ldapTemplate。
更正上述代码: searchResultEntry.getAttribute("objectGUID").getValueByteArray()
以上将为您提供可用于使用 Base64 进行编码的字节数组。
下面是错误的: searchResultEntry.getAttribute("objectGUID").getValue().getBytes() 将结果转换为字符串,然后转换为不正确的字节。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.