如何检索GPO设置

时间:2018-09-04 15:17:22

标签: java ldap gpo

在尝试使用Java检索域的所有GPO时,我正遇到以下问题。我能够创建到Active Directory的连接并获取策略对象,但是我无法检索我感兴趣的设置。

我只能检索以下属性: canonicalName、cn、created、createTimeStamp、deleted、description、displayName、distinguishedName、dSCorePropagationData、flags、gPCFileSysPath、gPCFunctionalityVersion、gPCMachineExtensionNames、gPCUserExtensionNames、instanceType、isCriticalSystemObject、isDeleted、lastKnownParent、modified、modifyTimeStamp、name、nTSecurityDescriptor、objectCategory、objectClass、objectGUID、ProtectedFromAccidentalDeletion、sDRightsEffective、showInAdvancedViewOnly、systemFlags、uSNChanged、uSNCreated、versionNumber、whenChanged、whenCreated

您知道我应该如何解决这个问题吗?是否可以从某个扩展属性中检索每个GPO的设置?

我不知道代码是否有用,因为它只是一个连接和一个ldap查询:

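// "*" asks the server for every attribute stored on each matching object.
// (A bare {"*"} initializer is only legal in a declaration, hence new String[].)
colAttributes = new String[] {"*"};
strSearchRoot = "DC=xx,DC=xx";
// Open ONE connection and reuse it: getActiveDirectoryConnection() builds a new
// ActiveDirectory on every call, so the paging control has to be set on the same
// instance that later runs the search, and that instance has to be closed.
ActiveDirectory objConnection = this.getActiveDirectoryConnection();
try
{
    objConnection.setRequestControl(null, Control.NONCRITICAL);
    colSearchResult = objConnection.getQuery(colAttributes, "(ObjectClass=groupPolicyContainer)", strSearchRoot);
    // NOTE(review): only the first page (page size 1000 in setRequestControl) is read
    // here; further pages need getCookie() + setRequestControl(cookie, ...) and a
    // repeated search on the same connection.
    while (colSearchResult.hasMoreElements())
    {
        objSearchResult = (SearchResult) colSearchResult.nextElement();
        // A groupPolicyContainer entry carries GPO metadata only. The policy settings
        // themselves are stored as files under the SYSVOL path named in gPCFileSysPath,
        // so they will not appear among these LDAP attributes.
        objAttributes = objSearchResult.getAttributes();
    }
}
finally
{
    // Release the LDAP bind even when the search throws.
    objConnection.close();
}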

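/**
 * Opens a new connection to Active Directory with the configured credentials.
 *
 * <p>Every call performs a fresh bind and returns a distinct {@code ActiveDirectory}
 * instance; callers should keep the returned object, reuse it for all related
 * requests (paging control and search) and call {@code close()} when done.
 *
 * @return a newly bound {@code ActiveDirectory} wrapper
 * @throws NamingException if the bind performed by the constructor fails
 */
private ActiveDirectory getActiveDirectoryConnection() throws NamingException
{
    // The original declared 'void' while returning a value, which does not compile.
    // strDomain is passed as the constructor's provider URL argument.
    return new ActiveDirectory(strDomain, strUsername, strPassword);
}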

我想获取的一个例子是“默认域策略”,但不仅限于这个默认策略,而是所有策略。所需的设置范围从密码设置(例如 maxPwdAge、lockoutThreshold 等)到屏幕和电源设置。

import java.io.File;
import java.io.IOException;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.PagedResultsControl;
import javax.naming.ldap.PagedResultsResponseControl;
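/**
 * Thin wrapper around a JNDI {@link LdapContext} bound to a directory server.
 *
 * <p>The constructor binds with the supplied credentials; {@link #getQuery} runs
 * subtree searches, and {@link #setRequestControl} / {@link #getCookie} expose the
 * paged-results control. Call {@link #close()} when finished to release the bind.
 */
public class ActiveDirectory
{
    private LdapContext objLDAPContext;

    /**
     * Binds to the directory using LDAP simple authentication.
     *
     * <p>The URL is tried as given first. If that fails, the JVM-wide trust store is
     * pointed at {@code certificates/cacerts} and the bind is retried once with the
     * scheme rewritten to LDAPS and port 389 rewritten to 636.
     *
     * @param strURL      provider URL of the directory server
     * @param strUserName bind principal
     * @param strPassword bind password
     * @throws NamingException if both the initial and the LDAPS attempt fail; the
     *                         first failure is attached as a suppressed exception
     */
    public ActiveDirectory(String strURL, String strUserName, String strPassword) throws NamingException
    {
        Hashtable<String, Object> objEnvironment = new Hashtable<String, Object>(11);
        objEnvironment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        objEnvironment.put(Context.PROVIDER_URL, strURL);
        // NOTE(review): a "simple" bind sends the password as-is. Over an ldap:// URL
        // without TLS it crosses the network unencrypted before the LDAPS fallback is
        // ever reached; prefer passing an ldaps:// URL so the first attempt is protected.
        objEnvironment.put(Context.SECURITY_AUTHENTICATION, "simple");
        objEnvironment.put(Context.SECURITY_PRINCIPAL, strUserName);
        objEnvironment.put(Context.SECURITY_CREDENTIALS, strPassword);
        // Ask the provider to return objectGUID as byte[] rather than as a String.
        objEnvironment.put("java.naming.ldap.attributes.binary", "objectGUID");
        try
        {
            this.objLDAPContext = new InitialLdapContext(objEnvironment, null);
        }
        catch (NamingException objException)
        {
            // This property is global to the JVM and the path is relative to the
            // working directory, so it affects every TLS client in the process.
            System.setProperty("javax.net.ssl.trustStore", "certificates".concat(File.separator).concat("cacerts"));
            objEnvironment.put(Context.PROVIDER_URL, toLdapsUrl(strURL));
            try
            {
                // Retry only after a failure. The original re-created the context
                // unconditionally, leaking the first bind whenever it had succeeded.
                this.objLDAPContext = new InitialLdapContext(objEnvironment, null);
            }
            catch (NamingException objRetryException)
            {
                // Keep the cause of the first failure available for diagnosis.
                objRetryException.addSuppressed(objException);
                throw objRetryException;
            }
        }
    }

    /**
     * Rewrites a provider URL for the LDAPS retry: every {@code ldap:} scheme becomes
     * {@code LDAPS:} and every {@code :389} becomes {@code :636}.
     *
     * <p>The scheme match is case-insensitive because URL schemes are; the original
     * case-sensitive replace left lowercase {@code ldap://} URLs untouched, so the
     * retry silently reused the same URL.
     */
    private static String toLdapsUrl(String strURL)
    {
        return strURL.replaceAll("(?i)\\bldap:", "LDAPS:").replace(":389", ":636");
    }

    /** Returns the bound LDAP context used by all operations of this instance. */
    private LdapContext getContext()
    {
        return this.objLDAPContext;
    }

    /**
     * Runs a subtree search below the given root.
     *
     * <p>The filter is handed to the server unchanged. Callers that build it from
     * external input must escape the values themselves, or the input can alter the
     * query.
     *
     * @param colAttributes attributes to return for each entry
     * @param strLDAPFilter LDAP search filter
     * @param strSearchRoot distinguished name of the search base
     * @return enumeration of the matching entries
     * @throws NamingException if the search fails
     */
    public NamingEnumeration<SearchResult> getQuery(String[] colAttributes, String strLDAPFilter, String strSearchRoot) throws NamingException
    {
        SearchControls objSearchControls = new SearchControls();
        objSearchControls.setReturningAttributes(colAttributes);
        objSearchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        return this.getContext().search(strSearchRoot, strLDAPFilter, objSearchControls);
    }

    /**
     * Closes the underlying LDAP context.
     *
     * @throws NamingException if closing the context fails
     */
    public void close() throws NamingException
    {
        this.getContext().close();
    }

    /**
     * Installs a paged-results request control (page size 1000) on the context.
     *
     * @param objCookie  cookie from the previous page, or {@code null} for the first page
     * @param bolControl criticality of the control
     */
    public void setRequestControl(byte[] objCookie, boolean bolControl)
    {
        final int intPageSize = 1000;
        try
        {
            this.getContext().setRequestControls(new Control[]
            {
                new PagedResultsControl(intPageSize, objCookie, bolControl)
            });
        }
        catch (NamingException | IOException ignored)
        {
            // Deliberately best-effort, as in the original: a failure here leaves the
            // context without the new paging control and is not reported to the caller.
            // NOTE(review): a later search can then return fewer entries than exist
            // without any error; consider surfacing this failure.
        }
    }

    /**
     * Reads the paging cookie from the response controls of the last request.
     *
     * @return the cookie of the last {@link PagedResultsResponseControl} found, or
     *         {@code null} when there is none or the controls cannot be read
     */
    public byte[] getCookie()
    {
        byte[] objCookie = null;
        try
        {
            Control[] objControl = this.getContext().getResponseControls();
            if (objControl != null)
            {
                for (Control objCurrent : objControl)
                {
                    if (objCurrent instanceof PagedResultsResponseControl)
                    {
                        objCookie = ((PagedResultsResponseControl) objCurrent).getCookie();
                    }
                }
            }
        }
        catch (NamingException ignored)
        {
            // Errors are skipped on purpose; the caller treats a null cookie as "no more pages".
        }
        return objCookie;
    }
}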

0 个答案:

没有答案