Question

在公司Active Directory中具有以下组织结构;

DC = FOO，DC =巴，DC = com的

OU =员工

CN = employee1

CN =和Employee2



OU =实习生

CN = INTERN1

CN = INTERN2



OU = X

OU = Y

OU = Z

我需要检索单个列表;

具有属性“A”且不具有属性“B”的员工和实习生具有属性“B”和不具有属性“A”。

通过将 DC = foo，DC = bar，DC = com 设置为基础来生成Spring LDAP的LdapContextSource，我在LdapTemplate上看不到任何用于设置的搜索API具有单独过滤器的多个搜索库。

以下是不返回任何匹配项的示例代码;

@Configuration
public class LdapConfiguration {

    @Autowired
    Environment env;

    @Bean
    public LdapContextSource contextSource () {
        LdapContextSource contextSource= new LdapContextSource();
        contextSource.setUrl(env.getRequiredProperty("ldap.url"));
        contextSource.setBase("DC=foo,DC=bar,DC=com");
        contextSource.setUserDn(env.getRequiredProperty("ldap.user"));
        contextSource.setPassword(env.getRequiredProperty("ldap.password"));
        return contextSource;
    }

    @Bean
    public LdapTemplate ldapTemplate() {
        return new LdapTemplate(contextSource());        
    }

    private List<Contact> ldapsearch(AndFilter filter) {
    OrFilter orFilter = new OrFilter();
    // EMPLOYEE FILTER
    AndFilter employeesFilter = new AndFilter();
    employeesFilter.and(filter);
    // ou=employees
    employeesFilter.and(new EqualsFilter(DirectoryConstants.OU, DirectoryConstants.EMPLOYEES));
    // A=*
    employeesFilter.and(new PresentFilter(DirectoryConstants.A));
    // (!(B=*))
    employeesFilter.and(new NotPresentFilter(DirectoryConstants.B));
    // INTERN FILTER
    AndFilter internFilter = new AndFilter();
    internFilter.and(filter);
    // ou=interns
    internFilter.and(new EqualsFilter(DirectoryConstants.OU, DirectoryConstants.INTERNS));
    // (!(A=*))
    internFilter.and(new NotPresentFilter(DirectoryConstants.A));
    // (B=*)
    internFilter.and(new PresentFilter(DirectoryConstants.B));

    orFilter.or(employeesFilter);
    orFilter.or(internFilter);

    List<Contact> contacts = null;
    try {
        contacts = ldapTemplate().search(
                "",
                orFilter.encode(),
                new AttributesMapper<Contact>() {
                    public Contact mapFromAttributes(Attributes attrs) throws NamingException {
                        return buildContact(attrs);
                    }
                });
    } catch (Exception e) {
        logger.error("Active directory search failed. " + e.getMessage());
    }
    return contacts;
}
}

我认为上面的过滤器ou=employees和ou=interns不应该是过滤器的一部分，而应该是base（ldapTemplate().search()的第一个参数）的一部分。但是，我找不到任何API，既没有为ldapTemplate().search()设置多个基数，也没有为每个基础设置单独的过滤器。

有关单步执行此查询的任何想法吗？

Answer 1

您可以使用LdapQuery.base（DirectoryConstants.EMPLOYEES）过滤其OU为DirectoryConstants.EMPLOYEES的项目。下面的代码显示找到其OU为'dev'的所有项，名为objectClass的属性为'group'。

{
  "all_foods": {
    "list1": {
      "1": "---------------",
      "5": "---------------"
    },
    "list2": {
      "1": "---------------",
      "3": "---------------"
    },
    "list9": {
      "1": "---------------",
      "4": "---------------",
      "6": "---------------"
    }
  },
  "show_mixture": false,
  "User_status": 2,
  "lists": [
    {
      "UserDailyList": {
        "id": "142885",
        "created": "2017-08-06 22:12:56",
        "modified": "2017-08-06 22:12:56"
      },
      "foods": {
        "1": {
          "meal": "---------------",
          "food": "---------------"
        },
        "2": {
          "meal": "---------------",
          "food": "---------------"
        },
        "3": {
          "meal": "---------------",
          "food": "---------------"
        }
      }
    }
  ],
  "error": 1,
  "message": "",
  "condition": {
    "code": "7",
    "message": "-------",
    "token": 10
  }
}

Spring LdapTemplate使用单独的过滤器在多个基础上进行搜索

1 个答案: