查询LDAP时,使用Com4j指定最大结果

时间:2013-03-19 09:03:02

标签: java active-directory ldap com4j

我正在尝试使用Com4j查询ldap以检索所有内部员工。下面的代码有效,但总是返回960个结果,而应该有数千个。有一种方法可以指定最大结果大小,还是应该做一些不同的事情?

public class SearchInternalPersons {

private static final Logger LOGGER = LoggerFactory.getLogger(SearchInternalPersons.class);

private static final String DEFAULT_FIELDS = "sAMAccountName,givenName,sn,employeeType";

public static void main(final String[] args) throws Exception {
    final Map<String, String> AD2attribute = Maps.newHashMap();
    final StringTokenizer tokenizer = new StringTokenizer(DEFAULT_FIELDS, ",");
    while (tokenizer.hasMoreTokens()) {
        final String token = tokenizer.nextToken();
        AD2attribute.put(token, token);
    }
    final _Connection con = ClassFactory.createConnection();
    con.provider("ADsDSOObject");
    con.open("Active Directory Provider", StringUtils.EMPTY, StringUtils.EMPTY, -1);
    final _Command cmd = ClassFactory.createCommand();
    cmd.activeConnection(con);
    String command = createCommand();
    LOGGER.debug("Command=" + command);
    cmd.commandText(command);
    _Recordset rs = cmd.execute(null, Variant.getMissing(), -1);
    if (rs.eof()) {
        LOGGER.error("no users not found.");
    } else {
        System.out.println(rs.pageCount()); // prints 96
        System.out.println(rs.pageSize()); // prints 10
        System.out.println(rs.recordCount()); // prints 960
        for (int i=0;i<63;i++) {
            System.out.println(rs.properties(i).name() + ":" + rs.properties(i).value());
        }
        for (int i = 0; i < rs.recordCount(); i++) {
            final Fields userData = rs.fields();
            final Map<String, String> userDataAttributes = new HashMap<String, String>();
            for (int j = 0; j < userData.count(); j++) {
                final Field field = userData.item(j);
                final String attribute = AD2attribute.get(field.name());
                if (attribute != null && !attribute.isEmpty()) {
                    final Object value = field.value();
                    final String textValue = (value == null) ? StringUtils.EMPTY : value.toString();
                    LOGGER.debug(field.name() + "=" + textValue);
                    userDataAttributes.put(attribute, textValue);
                }
            }
            rs.moveNext();
        }
    }
    rs.close();
    con.close();
}

private static String createCommand() {
    final StringBuilder commandBuilder = new StringBuilder("<LDAP://");
    commandBuilder.append((String) COM4J.getObject(IADs.class, "LDAP://RootDSE", null).get("defaultNamingContext"));
    commandBuilder.append(">;(employeeType=employee);");
    commandBuilder.append(DEFAULT_FIELDS);
    commandBuilder.append(";subTree");
    return commandBuilder.toString();
}

}

ResultSet属性如下:

IAccessor:true
IColumnsInfo:true
IColumnsInfo2:true
IConvertType:true
IGetSession:true
IRow:false
IGetRow:true
IRowset:true
IRowsetIdentity:true
IRowsetInfo:true
IRowsetLocate:true
IRowsetScroll:true
Preserve on Abort:false
Blocking Storage Objects:true
Use Bookmarks:true
Skip Deleted Bookmarks:false
Bookmark Type:1
Fetch Backwards:true
Hold Rows:true
Scroll Backwards:true
Column Privileges:true
Preserve on Commit:false
Immobile Rows:true
Literal Bookmarks:false
Literal Row Identity:true
Maximum Open Rows:0
Maximum Pending Rows:0
Maximum Rows:0
Notification Phases:0
Column Set Notification:0
Row Delete Notification:0
Row First Change Notification:0
Row Insert Notification:0
Row Resynchronization Notification:0
Rowset Release Notification:0
Rowset Fetch Position Change Notification:0
Row Undo Change Notification:0
Row Undo Delete Notification:0
Row Undo Insert Notification:0
Row Update Notification:0
Bookmarks Ordered:true
Own Inserts Visible:false
Own Changes Visible:false
Quick Restart:true
Reentrant Events:true
Remove Deleted Rows:false
Report Multiple Changes:false
Row Privileges:false
Row Threading Model:1
Strong Row Identity:false
Asynchronous:false
Deref Aliases:0
Size Limit:0
Server Time Limit:0
Column Names only:false
SearchScope:2
Timeout:0
Page size:0
Time limit:0
Chase referrals:0
Sort On:null
Cache Results:true
Bookmarkable:true

2 个答案:

答案 0 :(得分:2)

我能够通过更改属性“页面大小”来解决这个问题,如下所示:

cmd.properties("Page Size").value(50);

当然,50以外的其他值也是有效的。

答案 1 :(得分:1)

即使您的参数包含时间限制和大小限制等资源限制,这些值(称为客户端请求的资源限制)也不能覆盖服务器的限制。这是因为服务器保留了(由LDAP标准指定)覆盖客户端请求的资源限制的能力。换句话说,客户端请求的资源限制永远不会覆盖服务器的限制,除非服务器支持不受任何资源限制或访问控制的根DN的概念,并且LDAP客户端使用该服务器验证其与服务器的连接。根DN。

另一种可能性是搜索请求参数会过滤掉您期望的某些条目。尝试使用已知良好的命令行工具(如ldapsearch)来查询服务器并计算返回的条目数。

另见