如何从java中的Active Directory中的memberOf属性获取基于指定组(CN)的电子邮件地址列表

时间:2018-03-09 15:48:05

标签: ldap spring-ldap

我编写了一个程序来根据用户名从Active Directory中获取所有属性。现在我想根据memerOf属性中的组名CN = App_abc_Admin获取电子邮件地址列表。

Main .java 

    public void ldapQueryService()throws Exception{
        try {
            System.out.println("Querying Active Directory Using Java");
            System.out.println("------------------------------------");
            String domain = "abc.com";
            String url = "ldap.abc.com:389";
            String username = "username";
            String password = "password";
            String choice = "samaccountname";
            String searchTerm = "xyz";

            //Creating instance of ActiveDirectory
            ActiveDirectory activeDirectory = new ActiveDirectory(username, password, domain, url);

            //Searching
            NamingEnumeration<SearchResult> result = activeDirectory.searchUser(searchTerm, choice, null);

            while (result.hasMore()) {
                SearchResult rs = (SearchResult) result.next();
                Attributes attrs = rs.getAttributes();
                String temp = attrs.get("samaccountname").toString();
                System.out.println("Username     : " + temp.substring(temp.indexOf(":") + 1));
                String memberOf =  attrs.get("memberOf").toString();
                String stringToSearch = "CN=App_abc_Admin";
                boolean test = memberOf.toLowerCase().contains(stringToSearch.toLowerCase());
                if(test){ 
                   String mail = attrs.get("mail").toString();
                   System.out.println("Email ID  : " + mail.substring(mail.indexOf(":") + 1));
               }
            }
            activeDirectory.closeLdapConnection();
        }catch(Exception e){

        }
    }

ActiveDirectory.java 

public class ActiveDirectory {
        //required private variables

        private Properties properties;
        private DirContext dirContext;
        private SearchControls searchCtls;
        private String[] returnAttributes = { "*"};
        private String domainBase;
        private String baseFilter = "(&((&(objectCategory=Person)(objectClass=User)))";

        public ActiveDirectory(String username, String password, String domainController,String url) {
            properties = new Properties();

            properties.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            properties.put(Context.PROVIDER_URL, "LDAP://" + url);
            properties.put(Context.SECURITY_PRINCIPAL, username + "@" + domainController);
            properties.put(Context.SECURITY_CREDENTIALS, password);

            //initializing active directory LDAP connection
            try {
                dirContext = new InitialDirContext(properties);
            } catch (NamingException e) {
                //LOG.severe(e.getMessage());
                //e.printStackTrace();
            }

            //default domain base for search
            domainBase = getDomainBase(domainController);

            //initializing search controls
            searchCtls = new SearchControls();
            searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            searchCtls.setReturningAttributes(returnAttributes);
        }



        public NamingEnumeration<SearchResult> searchUser(String searchValue, String searchBy, String searchBase) throws NamingException {
            String filter = getFilter(searchValue, searchBy);
            String base = (null == searchBase) ? domainBase : getDomainBase(searchBase);
           return this.dirContext.search(base, filter, this.searchCtls);
        }


        public void closeLdapConnection(){
            try {
                if(dirContext != null)
                    dirContext.close();
            }
            catch (NamingException e) {
              //e.printStackTrace();
            }
        }


        private String getFilter(String searchValue, String searchBy) {
            String filter = this.baseFilter;
            if(searchBy.equals("email")) {
               filter += "(mail=" + searchValue + "))";
            } else if(searchBy.equals("username")) {
                filter += "(samaccountname=" + searchValue + "))";
            }else if(searchBy.equals("title")) {
                filter += "(title=" + searchValue + "))";
            }else if(searchBy.equals("department")) {
                filter += "(department=" + searchValue + "))";
            }else if(searchBy.equals("givenname")) {
                filter += "(givenname=" + searchValue + "))";
            }
            else if(searchBy.equals("samaccountname")) {
                filter += "(samaccountname=" + searchValue + "))";
            }

            return filter;
        }

        private static String getDomainBase(String base) {
            char[] namePair = base.toUpperCase().toCharArray();
            String dn = "DC=";
            for (int i = 0; i < namePair.length; i++) {
                if (namePair[i] == '.') {
                    dn += ",DC=" + namePair[++i];
                } else {
                    dn += namePair[i];
                }
            }
            return dn;
        }
    }

在上面的例子中,我通过搜索和搜索词。但是如何在memberOf属性中获取基于CN的用户列表?

我尝试更新过滤器,如下所示,但没有输出

private String baseFilter = "(&(objectClass=Person)(memberOf=cn=App_abc_Admin,ou=Application Groups,dc=abc,dc=com))";

1 个答案:

答案 0 :(得分:0)

更新了过滤器,如下所示。现在可以使用

private String baseFilter = "(&((&(objectCategory=Person)(objectClass=User)(mail=*abc.com)(memberOf=CN=App_abc_Admin,OU=Application Groups,OU=Security Groups,OU=Users_OU,DC=abc,DC=com))))";
相关问题
最新问题