我有一个名为
的小组dn:cn = myGroup,ou = manegedGroup,dc = example,dc = com 在ldap中,我想在不使用ismemberof的情况下获得该组的成员数量。我不想要任何dn或cn,而只需要成员。
提前致谢
答案 0 :(得分:1)
不同的LDAP服务器具有不同的Group属性来表示成员。 MSAD使用属性“member”,OID使用“uniquemember”等。
要获取成员数,请搜索组条目“cn = myGroup”并获取“成员”属性的大小。
伪代码:
//Create initial dir context to dc=example,dc=com
env.put(DirContext.PROVIDER_URL, "ldap://<host>:<port>/dc=example,dc=com");
ctx = new InitialDirContext(env);
//Set returning attributes in search control
SearchControls controls = new SearchControls();
controls.setReturningAttributes(new String[] { "cn", "uniquemember"});
controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
//Set search filter
String filter = "(cn=myGroup)";
//Search for the group under the correct OU passing filter and control
NamingEnumeration<SearchResult> searchResult =ctx.search("ou=manegedGroup",
filter, controls);
//Get the size of the member attributes which is count of group members
while (searchResult.hasMoreElements()) {
SearchResult ser = searchResult.next();
Attributes attribs = ser.getAttributes();
Attribute attrib = attribs.get("member");
System.out.println("member count : "+attrib.size());
}