1. Active Directory (AD)
Active Directory is a directory service for Windows Server.
It stores information about the various objects on the network and makes that information easy for administrators and users to find and use.
The Active Directory directory service uses structured data storage as the basis for the logical hierarchy of directory information.
Security is integrated into Active Directory through logon verification and access control on the objects in the directory.
Directory services, such as Active Directory, provide a way to store directory data and make that data available to network users and administrators.
For example, Active Directory stores information about user accounts, such as names, passwords, phone numbers, and so on, and allows other authorized users on the same network to access the information.
2. LDAP
LDAP stands for Lightweight Directory Access Protocol.
LDAP is based on the X.500 standard.
LDAP reduces system resource consumption by using only a subset of the functionality of the original X.500 Directory Access Protocol (DAP).
Unlike X.500, LDAP supports TCP/IP, which is necessary for accessing the Internet.
LDAP and relational databases are concepts at two different levels: the latter is a storage mode (at the same level as network databases and object databases), while the former is a storage model and an access protocol.
LDAP is a storage concept at a higher level of abstraction than the relational database, at the same level as SQL, the query language of relational databases.
3. ADSI
Microsoft's ADSI (Active Directory Service Interfaces) can be used in Delphi to access Active Directory.
ADSI is a set of directory services provided in the form of COM interfaces and is a generic interface for directory-based services.
The standard ADSI providers include WinNT, IIS, LDAP, and NDS.
You can access four network directory structures through ADSI:
WinNT (Microsoft SAM database), LDAP (Lightweight Directory Access Protocol), NDS (NetWare Directory Service), and NWCOMPAT (Novell NetWare 3.x).
ADSI makes work easier for Windows NT administrators.
It lets administrators perform general administrative tasks, such as adding new users, managing printers, configuring security settings, and controlling NT domains.
Because ADSI uses COM interfaces, any programming language that supports COM, such as Delphi, BCB, VB, or VC, can invoke ADSI.
To call ADSI from Delphi, you need to import the Active Directory type library.
The steps are as follows:
In the IDE, choose Project -> Import Type Library.
Select Active DS Type Library (Version 1.0) and click Create Unit.
Delphi generates the corresponding wrapper unit, ActiveDs_TLB.pas.
Add ActiveDs_TLB to the uses clause, and you can use ADSI in the Delphi program.
package adoper;

import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.NamingEnumeration;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import java.util.Enumeration;

public class Adopertest {
    public Adopertest() {
    }

    public void getAdInfo() {
        Hashtable<String, String> hashEnv = new Hashtable<>();
        String ldapUrl = "ldap://192.168.100.3:389"; // LDAP access address
        // String adminName = "cn=oawebuser,cn=users,dc=hebmc,dc=com"; // AD user name as a DN
        String adminName = "Hebmc\\oawebuser"; // Note the user name form: Domain\User or User@domain.com
        adminName = "OAWebUser@Hebmc.com"; // Note the user name form: Domain\User or User@domain.com
        String adminPassword = "CHENZUOOAUP02"; // Password
        // LDAP access security level; a simple bind over ldap:// sends the password in cleartext
        hashEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
        hashEnv.put(Context.SECURITY_PRINCIPAL, adminName); // AD user
        hashEnv.put(Context.SECURITY_CREDENTIALS, adminPassword); // AD password
        hashEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); // LDAP factory class
        hashEnv.put(Context.PROVIDER_URL, ldapUrl);
        try {
            LdapContext ctx = new InitialLdapContext(hashEnv, null);
            SearchControls searchCtls = new SearchControls(); // Create the search controls
            searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE); // Specify the search scope
            // String searchFilter = "objectClass=user"; // Specify the LDAP search filter
            String searchFilter = "objectClass=organizationalUnit"; // Specify the LDAP search filter
            String searchBase = "dc=hebmc,dc=com"; // Specify the base for the search (the domain node)
            int totalResults = 0;
            // Specify the attributes to return
            // String returnedAtts[] = {"memberOf"}; // Custom return attribute
            String returnedAtts[] = {
                "url", "whenChanged", "employeeID", "name", "userPrincipalName",
                "physicalDeliveryOfficeName", "departmentNumber", "telephoneNumber",
                "homePhone", "mobile", "department", "sAMAccountName", "whenChanged",
                "mail"}; // Custom return attributes
            searchCtls.setReturningAttributes(returnedAtts); // Set the returned attribute set
            // Search for objects using the filter
            NamingEnumeration<SearchResult> answer = ctx.search(searchBase, searchFilter, searchCtls);
            while (answer.hasMoreElements()) {
                SearchResult sr = answer.next();
                System.out.println("************************************************");
                System.out.println(sr.getName());
                Attributes attrs = sr.getAttributes();
                if (attrs != null) {
                    try {
                        for (NamingEnumeration<? extends Attribute> ne = attrs.getAll(); ne.hasMore();) {
                            Attribute attr = ne.next();
                            System.out.println("AttributeID=" + attr.getID());
                            // Read the attribute values (and count them)
                            for (NamingEnumeration<?> e = attr.getAll(); e.hasMore(); totalResults++) {
                                System.out.println("AttributeValues=" + e.next().toString());
                            }
                            System.out.println("---------------");
                            // Read the attribute values again through the Enumeration interface
                            Enumeration<?> values = attr.getAll();
                            if (values != null) { // Iteration
                                while (values.hasMoreElements()) {
                                    System.out.println("AttributeValues=" + values.nextElement());
                                }
                            }
                            System.out.println("---------------");
                        }
                    } catch (NamingException e) {
                        System.err.println("Throw Exception:" + e);
                    }
                }
            }
            System.out.println("Number:" + totalResults);
            ctx.close();
        } catch (NamingException e) {
            e.printStackTrace();
            System.err.println("Throw Exception:" + e);
        }
    }

    public static void main(String args[]) {
        Adopertest ad = new Adopertest();
        ad.getAdInfo();
    }
}
Note:
When using LDAP to access AD, pay attention to the user name format: Domain\User or User@domain.com.
If the user name is incorrect, the following exception may occur:
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece
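As an added example (not part of the original article), the Java class below decodes the sub-code that AD places after "data" in an error 49 message such as the one quoted above, and performs the same simple bind over LDAPS while refusing an empty password. The class name AdBindCheck, the environment variable AD_BIND_PASSWORD and the 5-second timeout are assumptions; the sub-code table lists the commonly documented Windows logon error values, and Java 9 or later is assumed for Map.of.

```java
import java.util.Hashtable;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;

public class AdBindCheck { // hypothetical class name
    // AD appends a hex sub-code after "data" in the error 49 message text.
    private static final Pattern DATA = Pattern.compile("data ([0-9a-fA-F]+)");
    private static final Map<String, String> REASONS = Map.of(
        "525", "user not found", "52e", "invalid credentials",
        "530", "logon not permitted at this time", "532", "password expired",
        "531", "logon not permitted from this workstation",
        "533", "account disabled", "701", "account expired",
        "773", "user must reset password", "775", "account locked out");
    // Returns "<sub-code>: <meaning>" for an AuthenticationException message.
    static String explain(String message) {
        Matcher m = DATA.matcher(message == null ? "" : message);
        if (!m.find()) return "no AD sub-code in message";
        String code = m.group(1).toLowerCase();
        return code + ": " + REASONS.getOrDefault(code, "unknown sub-code");
    }
    // Simple bind over LDAPS; returns a one-line result for logging.
    static String tryBind(String host, String principal, String password) {
        // An empty password makes a simple bind anonymous, and it "succeeds".
        if (password == null || password.isEmpty()) return "refused: empty password";
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldaps://" + host + ":636"); // TLS, not ldap://:389
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, principal);
        env.put(Context.SECURITY_CREDENTIALS, password);
        env.put("com.sun.jndi.ldap.connect.timeout", "5000"); // milliseconds
        try {
            new InitialLdapContext(env, null).close();
            return "bind ok";
        } catch (AuthenticationException e) {
            return "bind rejected, " + explain(e.getMessage());
        } catch (NamingException e) {
            return "connection problem: " + e;
        }
    }
    public static void main(String[] args) {
        System.out.println(explain("[LDAP: error code 49 - 80090308: LdapErr: "
            + "DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece"));
        if (args.length == 2) // host and principal; password read from the environment
            System.out.println(tryBind(args[0], args[1], System.getenv("AD_BIND_PASSWORD")));
    }
}
```

Log the decoded reason on the server side and show end users only a generic failure message.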
CMD command for connecting to Remote Desktop:
mstsc
dcpromo