无法使用 LDAP 连接从 Java 后端检索 Active Directory 用户 [LDAP:错误代码 32 – 没有此类对象]
Unable to retrieve Active Directory users from Java backend using LDAP connection [LDAP: error code 32 – No Such Object]
我想连接到 AD,并按用户 (uid) 进行过滤,以检查该用户是否存在。之后我还需要校验密码。
目前我已经尝试实现一些简单的功能,例如在屏幕上列出所有用户、他们的姓氏和 ID,但没有成功。目标是获取包含所有 uid 的列表,并检查我的网站数据库中是否存在相同的 uid。
我收到此错误:LDAP:错误代码 32 – 没有此类对象
这是我第一次使用 AD,我认为是我把 AD 的目录树结构弄错了。
这是我尝试过的代码:
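/**
 * Opens an LDAPS connection with a simple bind and prints the {@code cn}, {@code sn} and
 * {@code employeeNumber} of every {@code inetOrgPerson} entry found below the search base.
 *
 * <p>The outcome is reported through {@link #isConected()} and {@link #getError()}.
 *
 * <p>Review notes for later extensions of this class:
 * <ul>
 *   <li>When a caller-supplied uid is added to the search filter, pass it through the
 *       {@code search(name, filterExpr, filterArgs, controls)} overload with a {@code {0}}
 *       placeholder instead of concatenating it into the filter string.</li>
 *   <li>To check a user's password, attempt a bind as that user rather than reading a
 *       password attribute, and reject empty passwords first: a simple bind with an empty
 *       password may be accepted by the server as an anonymous bind.</li>
 * </ul>
 */
public class ActiveDirectory {
    // Fully qualified so the class does not depend on an import that is not shown.
    private static final java.util.logging.Logger LOG =
            java.util.logging.Logger.getLogger(ActiveDirectory.class.getName());

    private Properties properties;
    private DirContext dirContext;
    private boolean connected = false;
    private String error;

    /**
     * Connects, binds and runs the user listing.
     *
     * <p>NOTE(review): the three arguments are currently ignored; the bind DN, the password
     * and the server URL below are fixed values. Bind credentials belong in configuration
     * or a secret store, not in source code.
     *
     * @param username currently unused
     * @param password currently unused
     * @param domainController currently unused
     */
    public ActiveDirectory(String username, String password, String domainController) {
        // cacerts holds trusted CA certificates, so it is configured as the trust store that
        // validates the LDAPS server certificate. javax.net.ssl.keyStore is meant for the
        // client's own key material. These properties are JVM-wide.
        String trustStorePath = "C:\\Program Files\\Java\\jdk-12.0.2\\lib\\security\\cacerts";
        System.setProperty("javax.net.ssl.trustStore", trustStorePath);
        System.setProperty("javax.net.ssl.trustStorePassword", "******");

        properties = new Properties();
        properties.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // A simple bind sends the password itself, so it must only travel over LDAPS.
        properties.put(Context.SECURITY_AUTHENTICATION, "simple");
        properties.put(Context.PROVIDER_URL, "LDAPS://kldap.***.***:636");
        properties.put(Context.SECURITY_PRINCIPAL, "uid=blabla,ou=blabla,DC=blabla,DC=blabla");
        properties.put(Context.SECURITY_CREDENTIALS, "******");

        NamingEnumeration<SearchResult> users = null;
        try {
            // Creating the context performs the connection and the bind.
            dirContext = new InitialDirContext(properties);

            String searchFilter = "(objectClass=inetOrgPerson)";
            String[] requiredAttributes = {"sn", "cn", "employeeNumber"};
            SearchControls controls = new SearchControls();
            controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            controls.setReturningAttributes(requiredAttributes);

            // The base DN must name an entry that exists on the server. A base that does not
            // exist (for example one outside the directory's DC=... naming context) makes
            // the search fail with LDAP error code 32 (No Such Object).
            users = dirContext.search("ou=Users,o=Company", searchFilter, controls);

            while (users.hasMore()) {
                Attributes attrs = users.next().getAttributes();
                System.out.println("Name: " + firstValue(attrs, "cn"));
                System.out.println("Surname: " + firstValue(attrs, "sn"));
                System.out.println("Employee number = " + firstValue(attrs, "employeeNumber"));
            }
            connected = true;
        } catch (NamingException e) {
            connected = false;
            error = e.getMessage();
            // Log through the logger with the cause attached instead of printStackTrace().
            LOG.log(java.util.logging.Level.SEVERE, e.getMessage(), e);
        } finally {
            if (users != null) {
                try {
                    users.close();
                } catch (NamingException ignored) {
                    // Best effort: the enumeration is being discarded anyway.
                }
            }
        }
    }

    /**
     * Returns the first value of an attribute as text, or {@code null} when the entry does
     * not carry that attribute. Entries are not required to have every requested attribute.
     */
    private static String firstValue(Attributes attrs, String id) throws NamingException {
        javax.naming.directory.Attribute attribute = attrs.get(id);
        if (attribute == null || attribute.size() == 0) {
            return null;
        }
        Object value = attribute.get(0);
        return value == null ? null : value.toString();
    }

    /** Returns {@code true} when the bind and the search completed without a naming error. */
    public boolean isConected() {
        return connected;
    }

    /** Returns the message of the last {@link NamingException}, or {@code null} if none. */
    public String getError() {
        return error;
    }
}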
已解决!
这是错误的(搜索基准 DN 在目录中不存在,所以服务器返回错误代码 32):NamingEnumeration users = dirContext.search("ou=Users,o=Company", searchFilter, controls);
正确的方法是:
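// Search base rooted in the directory's own naming context (DC=...,DC=...). A base DN that
// does not exist on the server is what produces LDAP error code 32 (No Such Object).
NamingEnumeration<SearchResult> users =
        dirContext.search("ou=Users,DC=Blabla,DC=Blabla", searchFilter, controls);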
我想连接到 AD,并按用户 (uid) 进行过滤,以检查该用户是否存在。之后我还需要校验密码。
目前我已经尝试实现一些简单的功能,例如在屏幕上列出所有用户、他们的姓氏和 ID,但没有成功。目标是获取包含所有 uid 的列表,并检查我的网站数据库中是否存在相同的 uid。
我收到此错误:LDAP:错误代码 32 – 没有此类对象
这是我第一次使用 AD,我认为是我把 AD 的目录树结构弄错了。
这是我尝试过的代码:
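/**
 * Opens an LDAPS connection with a simple bind and prints the {@code cn}, {@code sn} and
 * {@code employeeNumber} of every {@code inetOrgPerson} entry found below the search base.
 *
 * <p>The outcome is reported through {@link #isConected()} and {@link #getError()}.
 *
 * <p>Review notes for later extensions of this class:
 * <ul>
 *   <li>When a caller-supplied uid is added to the search filter, pass it through the
 *       {@code search(name, filterExpr, filterArgs, controls)} overload with a {@code {0}}
 *       placeholder instead of concatenating it into the filter string.</li>
 *   <li>To check a user's password, attempt a bind as that user rather than reading a
 *       password attribute, and reject empty passwords first: a simple bind with an empty
 *       password may be accepted by the server as an anonymous bind.</li>
 * </ul>
 */
public class ActiveDirectory {
    // Fully qualified so the class does not depend on an import that is not shown.
    private static final java.util.logging.Logger LOG =
            java.util.logging.Logger.getLogger(ActiveDirectory.class.getName());

    private Properties properties;
    private DirContext dirContext;
    private boolean connected = false;
    private String error;

    /**
     * Connects, binds and runs the user listing.
     *
     * <p>NOTE(review): the three arguments are currently ignored; the bind DN, the password
     * and the server URL below are fixed values. Bind credentials belong in configuration
     * or a secret store, not in source code.
     *
     * @param username currently unused
     * @param password currently unused
     * @param domainController currently unused
     */
    public ActiveDirectory(String username, String password, String domainController) {
        // cacerts holds trusted CA certificates, so it is configured as the trust store that
        // validates the LDAPS server certificate. javax.net.ssl.keyStore is meant for the
        // client's own key material. These properties are JVM-wide.
        String trustStorePath = "C:\\Program Files\\Java\\jdk-12.0.2\\lib\\security\\cacerts";
        System.setProperty("javax.net.ssl.trustStore", trustStorePath);
        System.setProperty("javax.net.ssl.trustStorePassword", "******");

        properties = new Properties();
        properties.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // A simple bind sends the password itself, so it must only travel over LDAPS.
        properties.put(Context.SECURITY_AUTHENTICATION, "simple");
        properties.put(Context.PROVIDER_URL, "LDAPS://kldap.***.***:636");
        properties.put(Context.SECURITY_PRINCIPAL, "uid=blabla,ou=blabla,DC=blabla,DC=blabla");
        properties.put(Context.SECURITY_CREDENTIALS, "******");

        NamingEnumeration<SearchResult> users = null;
        try {
            // Creating the context performs the connection and the bind.
            dirContext = new InitialDirContext(properties);

            String searchFilter = "(objectClass=inetOrgPerson)";
            String[] requiredAttributes = {"sn", "cn", "employeeNumber"};
            SearchControls controls = new SearchControls();
            controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            controls.setReturningAttributes(requiredAttributes);

            // The base DN must name an entry that exists on the server. A base that does not
            // exist (for example one outside the directory's DC=... naming context) makes
            // the search fail with LDAP error code 32 (No Such Object).
            users = dirContext.search("ou=Users,o=Company", searchFilter, controls);

            while (users.hasMore()) {
                Attributes attrs = users.next().getAttributes();
                System.out.println("Name: " + firstValue(attrs, "cn"));
                System.out.println("Surname: " + firstValue(attrs, "sn"));
                System.out.println("Employee number = " + firstValue(attrs, "employeeNumber"));
            }
            connected = true;
        } catch (NamingException e) {
            connected = false;
            error = e.getMessage();
            // Log through the logger with the cause attached instead of printStackTrace().
            LOG.log(java.util.logging.Level.SEVERE, e.getMessage(), e);
        } finally {
            if (users != null) {
                try {
                    users.close();
                } catch (NamingException ignored) {
                    // Best effort: the enumeration is being discarded anyway.
                }
            }
        }
    }

    /**
     * Returns the first value of an attribute as text, or {@code null} when the entry does
     * not carry that attribute. Entries are not required to have every requested attribute.
     */
    private static String firstValue(Attributes attrs, String id) throws NamingException {
        javax.naming.directory.Attribute attribute = attrs.get(id);
        if (attribute == null || attribute.size() == 0) {
            return null;
        }
        Object value = attribute.get(0);
        return value == null ? null : value.toString();
    }

    /** Returns {@code true} when the bind and the search completed without a naming error. */
    public boolean isConected() {
        return connected;
    }

    /** Returns the message of the last {@link NamingException}, or {@code null} if none. */
    public String getError() {
        return error;
    }
}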
已解决!
这是错误的(搜索基准 DN 在目录中不存在,所以服务器返回错误代码 32):NamingEnumeration users = dirContext.search("ou=Users,o=Company", searchFilter, controls);
正确的方法是:
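// Search base rooted in the directory's own naming context (DC=...,DC=...). A base DN that
// does not exist on the server is what produces LDAP error code 32 (No Such Object).
NamingEnumeration<SearchResult> users =
        dirContext.search("ou=Users,DC=Blabla,DC=Blabla", searchFilter, controls);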