Using LDAP to manipulate AD domains


LDAP operation code samples

Initializing the LDAP directory service context
In this example, we bind with the account uid=linly,ou=people,dc=jsoso,dc=net to the LDAP server on local port 8389 (ldap://localhost:8389). The authentication method is the simple type, that is, the user name/password method.

    import javax.naming.Context;
    import javax.naming.NamingException;
    import javax.naming.directory.InitialDirContext;

    // Method of the LDAPConnection class; singleton, envProps (java.util.Properties) and dirCtx are its fields
    private static void initialContext() throws NamingException {
        if (singleton == null) {
            singleton = new LDAPConnection();
            /*
             * In real code, these settings should be read from a configuration file wherever possible
             */
            // LDAP service address
            singleton.sLDAP_URL = "ldap://localhost:8389";
            // Administrator account
            singleton.sMANAGER_DN = "uid=linly,ou=people,dc=jsoso,dc=net";
            // Administrator password
            singleton.sMANAGER_PASSWORD = "coffee";
            // Authentication type
            singleton.sAUTH_TYPE = "simple";
            // JNDI context factory class
            singleton.sCONTEXT_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";

            singleton.envProps.setProperty(Context.INITIAL_CONTEXT_FACTORY, singleton.sCONTEXT_FACTORY);
            singleton.envProps.setProperty(Context.PROVIDER_URL, singleton.sLDAP_URL);
            singleton.envProps.setProperty(Context.SECURITY_AUTHENTICATION, singleton.sAUTH_TYPE);
            singleton.envProps.setProperty(Context.SECURITY_PRINCIPAL, singleton.sMANAGER_DN);
            singleton.envProps.setProperty(Context.SECURITY_CREDENTIALS, singleton.sMANAGER_PASSWORD);
            /*
             * Bind to the LDAP server
             */
            singleton.dirCtx = new InitialDirContext(singleton.envProps);
        }
    }

To bind to the LDAP service, set the LDAP context parameters in a Hashtable or Properties object and then construct an InitialDirContext from it. This is equivalent to obtaining the database connection object in JDBC.
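The sample above hard-codes the bind password and performs a simple bind over plain ldap://, which sends the DN and password unencrypted. The following added example (not code from the original page) builds the same JNDI environment with those two points tightened; the class name LdapEnv, the environment variable names and the timeout values are assumptions made for illustration, and StartTLS setups are not covered.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

public class LdapEnv {
    /** Build the JNDI environment for a simple bind; refuses cleartext ldap:// URLs. */
    static Hashtable<String, String> buildEnv(String url, String bindDn, String password) {
        if (url == null || !url.toLowerCase().startsWith("ldaps://")) {
            throw new IllegalArgumentException("simple bind requires an ldaps:// URL");
        }
        if (bindDn == null || password == null || password.isEmpty()) {
            // A DN with an empty password is an unauthenticated bind (RFC 4513, section 5.1.2)
            throw new IllegalArgumentException("bind DN and non-empty password are required");
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        // Fail fast instead of hanging on an unreachable or stalled server (milliseconds)
        env.put("com.sun.jndi.ldap.connect.timeout", "5000");
        env.put("com.sun.jndi.ldap.read.timeout", "10000");
        return env;
    }

    /** Read the settings from the process environment (hypothetical variable names). */
    static DirContext connect() throws NamingException {
        return new InitialDirContext(buildEnv(System.getenv("LDAP_URL"),
                System.getenv("LDAP_BIND_DN"), System.getenv("LDAP_BIND_PASSWORD")));
    }

    public static void main(String[] args) {
        // Constructed values; no server is contacted here
        String dn = "uid=linly,ou=people,dc=jsoso,dc=net";
        try {
            buildEnv("ldap://localhost:8389", dn, "example-password");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        Hashtable<String, String> env = buildEnv("ldaps://localhost:8636", dn, "example-password");
        env.remove(Context.SECURITY_CREDENTIALS); // never print the credential
        System.out.println(env);
    }
}
```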

Bind/Create LDAP entry object
A new LDAP entry can be created with the bind method. The following code creates an LDAP entry of class organizationalUnit with the DN "ou=Employee, dc=jsoso, dc=net":


    import javax.naming.NamingEnumeration;
    import javax.naming.NamingException;
    import javax.naming.directory.Attribute;
    import javax.naming.directory.Attributes;
    import javax.naming.directory.BasicAttribute;
    import javax.naming.directory.BasicAttributes;

    public boolean createOrganizationUnit() {
        String ldapGroupDN = "ou=Employee, dc=jsoso, dc=net";
        try {
            /*
             * Check whether the specified OU entry already exists.
             * If it does, print the attribute information of the OU entry.
             * If it does not, getAttributes throws a NamingException and control enters the handler.
             */
            Attributes attrs = dirContext.getAttributes(ldapGroupDN);
            System.out.println("Find the group, attributes list:");
            NamingEnumeration<String> nEnum = attrs.getIDs();
            for (; nEnum.hasMore();) {
                String attrID = nEnum.next();
                Attribute attr = (Attribute) attrs.get(attrID);
                System.out.println(attr.toString());
            }
            return false;
        } catch (NamingException e) {
            /*
             * No corresponding group entry found; create a new group entry
             */
            // Create the objectClass attribute
            Attribute objClass = new BasicAttribute("objectClass");
            objClass.add("top");
            objClass.add("organizationalUnit");
            // Create the ou attribute (held in the variable cn)
            Attribute cn = new BasicAttribute("ou", "Employee");
            // Create the attribute set and add the objectClass and ou attributes
            Attributes attrs = new BasicAttributes();
            attrs.put(objClass);
            attrs.put(cn);
            // Bind the attributes to the new DN, which creates the entry
            try {
                dirContext.bind(ldapGroupDN, null, attrs);
                System.out.println("Group created successful");
                return true;
            } catch (NamingException e1) {
                e1.printStackTrace();
            }
        }
        return false;
    }


Get entry attributes
The following code gets the attribute set of the entry specified by the entryDN parameter and prints it to the console.

    /**
     * Gets a specified LDAP entry and prints its attributes
     * @param entryDN DN of the entry to read
     */
    public void find(String entryDN) {
        try {
            Attributes attrs = dirContext.getAttributes(entryDN);
            if (attrs != null) {
                NamingEnumeration<String> nEnum = attrs.getIDs();
                for (; nEnum.hasMore();) {
                    String attrID = nEnum.next();
                    Attribute attr = (Attribute) attrs.get(attrID);
                    System.out.println(attr.toString());
                }
                System.out.println();
            } else {
                System.out.println("No found binding.");
            }
        } catch (NamingException ne) {
            ne.printStackTrace();
        }
    }

Modify entry attributes
Modify the values of the four attributes cn, givenName, sn, and userPassword in the entry whose DN is user.getDistinguishedName().
(Note: besides the parameter DirContext.REPLACE_ATTRIBUTE there are two additional constants, DirContext.ADD_ATTRIBUTE and DirContext.REMOVE_ATTRIBUTE, which add an attribute and delete an attribute, respectively.)

    /**
     * Modify user information
     * @param user the user whose entry is to be updated
     * @return true if the entry was modified, false otherwise
     * @throws Exception if no user or no user DN is supplied
     */
    public boolean modifyUser(LDAPUser user) throws Exception {
        // User object is empty
        if (user == null) {
            throw new Exception("No user information!\n");
        }

        // Check the DN (|| rather than &&, so a null DN is rejected instead of dereferenced)
        String userDN = user.getDistinguishedName();
        if (userDN == null || userDN.length() == 0) {
            throw new NamingException("No userDN you specify!\n");
        }

        // Determine whether the user entry already exists
        if (!isUserExist(userDN)) {
            return false;
        }

        // Set the attributes
        Attributes attrs = new BasicAttributes();
        setBasicAttribute(attrs, "cn", user.getCommomName());
        setBasicAttribute(attrs, "givenName", user.getFirstName());
        setBasicAttribute(attrs, "sn", user.getLastName());
        setBasicAttribute(attrs, "userPassword", user.getPassword());
        // Modify the attributes
        try {
            dirContext.modifyAttributes(user.getDistinguishedName(), DirContext.REPLACE_ATTRIBUTE, attrs);
            System.out.println("User(" + user.getDistinguishedName() + ") information modified.\n");
            return true;
        } catch (NamingException ne) {
            ne.printStackTrace();
        }
        return false;
    }



Search for an entry based on an attribute set
Searches for matching entries in all subtrees of the context DN "ou=people,dc=jsoso, dc=net", based on the matching values in the attribute set matchingAttributes.
(Note: the scope parameter of SearchControls is described in the SearchControls scope supplement.)

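    import javax.naming.Name;
    import javax.naming.directory.SearchControls;
    import javax.naming.directory.SearchResult;
    import javax.naming.ldap.LdapName;

    /**
     * Search LDAP samples by attributes
     */
    public void searchByAttribute(Attributes matchingAttributes) {
        String baseDN = "ou=people,dc=jsoso, dc=net";
        SearchControls cons = new SearchControls();
        cons.setSearchScope(SearchControls.SUBTREE_SCOPE);
        try {
            Name baseName = new LdapName(baseDN);
            // Note: search(Name, Attributes) takes no SearchControls and searches a single
            // context (the entries directly under baseName); cons is not used by this call.
            NamingEnumeration<SearchResult> ne = dirContext.search(baseName, matchingAttributes);
            SearchResult entry = null;
            for (; ne.hasMore();) {
                entry = ne.next();
                showEntry(entry); // helper that prints an entry (not shown on this page)
            }
        } catch (NamingException e) {
            e.printStackTrace();
        }
    }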

Search for entries based on filters
Searches for entries matching the filter condition in all subtrees of the context DN "ou=people,dc=jsoso, dc=net".
(Note: the filter syntax is described in the LDAP Filter Syntax supplement.)

    /**
     * Search LDAP samples via filters
     */
    public void searchByFilter(String filter) {
        String baseDN = "ou=people,dc=jsoso, dc=net";
        SearchControls cons = new SearchControls();
        cons.setSearchScope(SearchControls.SUBTREE_SCOPE);
        try {
            NamingEnumeration<SearchResult> ne = dirContext.search(baseDN, filter, cons);
            SearchResult entry = null;
            for (; ne.hasMore();) {
                entry = ne.next();
                showEntry(entry); // helper that prints an entry (not shown on this page)
            }
        } catch (NamingException e) {
            e.printStackTrace();
        }
    }
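The filter search above accepts a ready-made filter string, so any value that originates from user input has to be escaped before it is placed inside the filter, otherwise characters such as * ( ) \ change the filter's meaning. The following added example (not part of the original page) shows two ways to do that; the class name SafeFilter, the method names, the limits and the sample input are assumptions made for illustration.

```java
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class SafeFilter {
    /** Escape a value for use inside an LDAP search filter (RFC 4515, section 3). */
    static String escapeFilterValue(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': sb.append("\\5c"); break;
                case '*':  sb.append("\\2a"); break;
                case '(':  sb.append("\\28"); break;
                case ')':  sb.append("\\29"); break;
                case '\0': sb.append("\\00"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    /**
     * Alternative: pass the value as a filter argument. JNDI substitutes it for {0}
     * and escapes characters that are special in filters.
     */
    static NamingEnumeration<SearchResult> findByUid(DirContext ctx, String uid)
            throws NamingException {
        SearchControls cons = new SearchControls();
        cons.setSearchScope(SearchControls.SUBTREE_SCOPE);
        cons.setCountLimit(50);   // cap the result size (assumed value)
        cons.setTimeLimit(5000);  // milliseconds (assumed value)
        cons.setReturningAttributes(new String[] { "uid", "cn" }); // return only what is needed
        return ctx.search("ou=people,dc=jsoso,dc=net", "(uid={0})", new Object[] { uid }, cons);
    }

    public static void main(String[] args) {
        // Constructed input containing filter metacharacters; runs without a server
        String input = "J. Smith (Sales)*";
        String filter = "(cn=" + escapeFilterValue(input) + ")";
        System.out.println(filter);
    }
}
```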

The content here is transcribed from someone else's; what I wrote myself is not as complete as this part written by others. Adding users, adding organizational units, and finding users have all passed my verification, no problem. But I did not get the modification to pass verification.

Deletion I have not done, but judging from the API, there is no problem. For detailed content, search Baidu Library for: LDAP practical data ingest 3.doc.
