我希望使用UnboundID LDAP SDK从Active Directory(AD)获取用户实体的更改。
默认情况下AD是否支持永久搜索或条目更改通知,或者我必须进行任何设置?
提前致谢
答案 0 :(得分:0)
您必须在Active Directory上使用扩展搜索操作,该操作允许您注册以在发生更改时收到通知。
这是Microsoft AD提供的OID:
https://msdn.microsoft.com/en-us/library/aa366983(v=vs.85).aspx
就UnboundID LDAP SDK而言,似乎这个控件应该做你需要的作为这个控件(但不是Java专家):
答案 1 :(得分:0)
根据建议的注释,LDAP_SERVER_NOTIFICATION_OID控件实现应该适用于AD。看到这个非常基本的测试示例:
// LDAP_SERVER_NOTIFICATION_OID (1.2.840.113556.1.4.528)
@Test
public void test_LDAP_SERVER_NOTIFICATION_OID() throws LDAPException, InterruptedException
{
AsyncSearchResultListener myAsyncSearchResultListener = new MyLdapChangeAsyncListener();
SearchRequest searchRequest = new SearchRequest(
myAsyncSearchResultListener,
"DC=test,DC=lab,DC=com", // baseDN
SearchScope.SUB,
Filter.createPresenceFilter("objectClass"), null);
Control myControl = new Control("1.2.840.113556.1.4.528");
searchRequest.addControl(myControl);
AsyncRequestID asyncSearchId = connection.asyncSearch(searchRequest);
// Wait 15 seconds for changes to be returned
Thread.sleep(15000);
connection.abandon(asyncSearchId);
connection.close();
}
private class MyLdapChangeAsyncListener implements AsyncSearchResultListener
{
@Override
public void searchEntryReturned(SearchResultEntry searchEntry)
{
System.out.println(" >>> ldap searchEntryReturned: " + searchEntry);
}
@Override
public void searchReferenceReturned(SearchResultReference searchReference)
{
System.out.println(" >>> ldap searchReferenceReturned: " + searchReference);
}
@Override
public void searchResultReceived(AsyncRequestID requestID, SearchResult searchResult)
{
System.out.println(" >>> ldap searchResultReceived: " + requestID + " / " + searchResult);
}
}
测试没有太大作用。等待15秒,同时打印出baseDN中的任何变化。