LDAP操作AD示例
初次对活动目录(AD)操作,记录下基本的操作方式。
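import java.nio.charset.StandardCharsets;
import java.security.Security;
import java.util.Hashtable;
import java.util.Locale;

import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.InvalidNameException;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

/**
 * Walk-through of basic Active Directory operations over LDAP using JNDI:
 * bind, create a user, update an attribute, set a password, check a user's
 * credentials and delete an entry.
 *
 * <p>Security notes for anyone adapting this sample:
 * <ul>
 *   <li>The default URL is plain {@code ldap://} with a "simple" bind, so the bind DN and
 *       password cross the network unencrypted. Point {@code adtest.url} at an
 *       {@code ldaps://} endpoint (with a trusted server certificate) for real use.</li>
 *   <li>The built-in bind DN and password are the sample values from the original listing.
 *       Do not ship credentials in source; supply them through the settings read by
 *       {@link #setting(String, String)}.</li>
 *   <li>A single instance holds one privileged connection and is not thread-safe.</li>
 * </ul>
 */
public class ADTest {

    /** Sample directory endpoint from the original listing (unencrypted LDAP). */
    private static final String DEFAULT_URL = "ldap://192.168.0.1";

    /** Sample privileged bind DN from the original listing. */
    private static final String DEFAULT_BIND_DN = "CN=Administrator,CN=users,DC=zzt,DC=com";

    /** Sample password from the original listing; override it, never reuse it. */
    private static final String DEFAULT_BIND_PASSWORD = "123456";

    /** Upper bound on the TCP connect so an unreachable server cannot hang the caller. */
    private static final String CONNECT_TIMEOUT_MS = "5000";

    private LdapContext ctx = null;

    /** Suffix appended to {@code cn=<username>} to form a user's DN (note the leading comma). */
    private String baseName = ",CN=users,DC=zzt,DC=com";

    /**
     * Binds to the directory with the configured service account.
     *
     * <p>On failure the error is printed and the context stays {@code null}; later
     * operations then fail through their own error handling.
     */
    public ADTest() {
        try {
            Hashtable<String, String> ldapEnv = new Hashtable<String, String>();
            ldapEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            ldapEnv.put(Context.PROVIDER_URL, setting("adtest.url", DEFAULT_URL));
            ldapEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
            ldapEnv.put(Context.SECURITY_PRINCIPAL, setting("adtest.bind.dn", DEFAULT_BIND_DN));
            ldapEnv.put(Context.SECURITY_CREDENTIALS,
                    setting("adtest.bind.password", DEFAULT_BIND_PASSWORD));
            ldapEnv.put("com.sun.jndi.ldap.connect.timeout", CONNECT_TIMEOUT_MS);
            // For TLS either use an ldaps:// URL or additionally set:
            // ldapEnv.put(Context.SECURITY_PROTOCOL, "ssl");
            ctx = new InitialLdapContext(ldapEnv, null);
        } catch (Exception e) {
            System.out.println(" bind error: " + e);
            e.printStackTrace();
        }
    }

    /**
     * Looks up a connection setting outside the source code.
     *
     * <p>Order: JVM system property {@code property}, then the environment variable with the
     * same name upper-cased and dots replaced by underscores (for example
     * {@code adtest.bind.password} -> {@code ADTEST_BIND_PASSWORD}), then {@code fallback}.
     * Prefer the environment variable for the password: {@code -D} arguments are visible in
     * process listings.
     */
    private static String setting(String property, String fallback) {
        String value = System.getProperty(property);
        if (value == null || value.isEmpty()) {
            value = System.getenv(property.toUpperCase(Locale.ROOT).replace('.', '_'));
        }
        return (value == null || value.isEmpty()) ? fallback : value;
    }

    /**
     * Builds the DN {@code cn=<username><baseName>} with the user name escaped as an RDN value.
     *
     * <p>Without escaping, characters such as {@code ,}, {@code +} or {@code =} in the user
     * name would change which entry the DN addresses. Returning an {@link LdapName} also
     * stops JNDI from treating {@code /} as a composite-name separator.
     *
     * @throws InvalidNameException if the user name is empty or the DN cannot be parsed
     */
    private LdapName entryName(String username) throws InvalidNameException {
        if (username == null || username.isEmpty()) {
            throw new InvalidNameException("username must not be empty");
        }
        return new LdapName("cn=" + Rdn.escapeValue(username) + baseName);
    }

    /** Closes the shared context, if any, and forgets it. */
    private void closeContext() {
        if (ctx != null) {
            try {
                ctx.close();
            } catch (NamingException e) {
                e.printStackTrace();
            }
            ctx = null;
        }
    }

    /**
     * Creates a new user entry under the configured base.
     *
     * <p>Prints the error and terminates the JVM with status -1 on failure.
     *
     * @param username  value for {@code cn} and {@code sAMAccountName}
     * @param surname   value for {@code sn}
     * @param givenName value for {@code givenName}; skipped when null or empty
     */
    public void createNew(String username, String surname, String givenName) {
        try {
            Attributes newAttributes = new BasicAttributes(true);
            Attribute oc = new BasicAttribute("objectclass");
            oc.add("top");
            oc.add("person");
            oc.add("organizationalperson");
            oc.add("user");
            newAttributes.put(oc);
            newAttributes.put(new BasicAttribute("sAMAccountName", username));
            newAttributes.put(new BasicAttribute("cn", username));
            newAttributes.put(new BasicAttribute("sn", surname));
            // The original accepted givenName but never wrote it to the entry.
            if (givenName != null && !givenName.isEmpty()) {
                newAttributes.put(new BasicAttribute("givenName", givenName));
            }
            ctx.createSubcontext(entryName(username), newAttributes);
        } catch (Exception e) {
            System.out.println("create error: " + e);
            e.printStackTrace();
            System.exit(-1);
        }
    }

    /**
     * Replaces the user's {@code description} attribute with a fixed demo value.
     *
     * <p>Prints the error and terminates the JVM with status -1 on failure.
     *
     * @param username common name of the user to update
     */
    public void update(String username) {
        try {
            System.out.println("updating...\n");
            ModificationItem[] mods = new ModificationItem[1];
            mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("description", "hello world"));
            ctx.modifyAttributes(entryName(username), mods);
        } catch (Exception e) {
            System.out.println(" update error: " + e);
            System.exit(-1);
        }
    }

    /**
     * Sets the user's password by replacing the {@code unicodePwd} attribute.
     *
     * <p>The value sent is the password wrapped in double quotes and encoded as UTF-16LE.
     * Active Directory accepts {@code unicodePwd} writes only over an encrypted connection,
     * so this call needs an {@code ldaps://} (or otherwise TLS-protected) bind; with the
     * default plain {@code ldap://} URL the server is expected to refuse it.
     *
     * <p>Prints the error and terminates the JVM with status -1 on failure. Neither the
     * password nor its encoded bytes are written to any output.
     *
     * @param username common name of the user
     * @param password new password; must not be null or empty
     */
    public void updatePassword(String username, String password) {
        try {
            System.out.println("updating password...\n");
            if (password == null || password.isEmpty()) {
                // String concatenation would otherwise turn null into the literal password "null".
                throw new IllegalArgumentException("password must not be empty");
            }
            String quotedPassword = "\"" + password + "\"";
            byte[] newUnicodePassword = quotedPassword.getBytes(StandardCharsets.UTF_16LE);
            ModificationItem[] mods = new ModificationItem[1];
            mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("unicodePwd", newUnicodePassword));
            ctx.modifyAttributes(entryName(username), mods);
        } catch (Exception e) {
            System.out.println("update password error: " + e);
            e.printStackTrace();
            System.exit(-1);
        }
    }

    /**
     * Checks a user's credentials by re-binding the shared connection as that user.
     *
     * <p>An empty DN or empty password is rejected up front: LDAP servers commonly treat a
     * simple bind without a password as an anonymous/unauthenticated bind and report success,
     * which would otherwise make this method return {@code true} for any account.
     *
     * <p>As in the original listing, the shared context is closed when this method returns,
     * whatever the outcome, so the instance cannot be used for further operations.
     *
     * @param userDn   full DN of the user
     * @param password the user's password
     * @return {@code true} only if the directory accepted the bind
     */
    public boolean authenticate(String userDn, String password) {
        try {
            if (userDn == null || userDn.isEmpty() || password == null || password.isEmpty()) {
                return false;
            }
            if (ctx == null) {
                // The constructor could not bind, so there is no connection to re-bind.
                return false;
            }
            Control[] connCtls = new Control[] {};
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDn);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
            ctx.reconnect(connCtls);
            return true;
        } catch (AuthenticationException e) {
            return false;
        } catch (NamingException e) {
            // Kept apart from a credential rejection so outages are visible in the output.
            System.err.println("authenticate: directory error (not a credential rejection): " + e);
            return false;
        } finally {
            closeContext();
        }
    }

    /**
     * Deletes the entry with the given DN.
     *
     * <p>The DN is passed to the directory as given; callers must build it from trusted,
     * correctly escaped parts. The shared context is closed when this method returns.
     *
     * @param userDN full DN of the entry to delete
     * @return {@code true} if the entry was deleted, {@code false} on any error
     */
    public boolean del(String userDN) {
        try {
            ctx.destroySubcontext(userDN);
            return true;
        } catch (NamingException e) {
            System.err.println("Problem deleting entry: " + e);
        } catch (Exception e) {
            System.err.println("Problem: " + e);
        } finally {
            closeContext();
        }
        return false;
    }

    /**
     * Demo entry point: binds with the configured service account.
     *
     * <p>The JSSE provider is registered by default, so the original call registering the
     * internal {@code com.sun.net.ssl.internal.ssl.Provider} class is not needed.
     */
    public static void main(String[] args) {
        ADTest adt = new ADTest();
        // Example calls (placeholders, not real values):
        // System.out.println(adt.authenticate("<user DN>", "<user password>"));
        // System.out.println(adt.del("<user DN>"));
    }
}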
1 楼 every 2010-10-12 你好