
关于Ldap对AD域账户的增删改查

今天心情很不爽,那啥也不懂的老板,又来直接修改了我的需求,还很自信的对我们研发人员说:“他这产品经理已经做得很好了!”,在这里我回复一句,以我这么多年的经验,做得跟一条狗似的,还自我感觉良好!!!好啦,不扯别的啦,来讲讲Ldap对AD域账户的操作吧!至于Ldap和ad今天就不做详细解释了,有兴趣的朋友可以看看上一篇博文,里面有详细的介绍!直接上代码:

/**
 * @Description: 
 *
 * @Title: LdapByUser.java
 * @Package com.joyce.ad
 * @Copyright: Copyright (c) 2014
 *
 * @author Comsys-LZP
 * @date 2014-8-8 上午10:39:35
 * @version V2.0
 */
package com.joyce.ad;

import java.util.Properties;

import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

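/**
 * Sample client that adds, deletes, renames, modifies and searches entries in
 * an Active Directory domain over LDAP (JNDI).
 *
 * <p>Security notes for anyone adapting this sample:
 * <ul>
 * <li>The bind account, password and server URL fall back to the sample values
 * of the original post; override them with the system properties named by the
 * constants below and keep real credentials out of source control.</li>
 * <li>A "simple" bind sends the password unencrypted unless the connection is
 * protected by TLS, so point the URL at an {@code ldaps://} endpoint outside a
 * lab network.</li>
 * <li>Caller-supplied names are never concatenated into a search filter or an
 * RDN; they are passed as filter arguments or {@link Rdn} values so that LDAP
 * metacharacters are treated as data.</li>
 * <li>The bind account should hold only the directory rights this tool needs,
 * not domain administrator rights.</li>
 * </ul>
 *
 * <p>No synchronization is performed on the shared {@link DirContext}; use one
 * instance per thread.
 *
 * @author Comsys-LZP
 * @version V2.0
 */
public class LdapByUser {
	// Configuration keys introduced by this revision (constructed names, not part of the original post).
	private static final String URL_PROPERTY = "ldap.url";
	private static final String PRINCIPAL_PROPERTY = "ldap.principal";
	private static final String PASSWORD_PROPERTY = "ldap.password";
	// Upper bound for the TCP connect so an unreachable server cannot hang the caller.
	private static final String CONNECT_TIMEOUT_MILLIS = "5000";

	DirContext dc = null;
	String root = "DC=2003,DC=com"; // DC components of the LDAP root node

	/**
	 * Program entry point: looks up one account, lists all user entries under
	 * the root and closes the connection.
	 *
	 * @param args unused
	 */
	public static void main(String[] args) {
		LdapByUser ldap = new LdapByUser();
		try {
			// Further usage examples from the original post (destructive, left disabled):
			// ldap.delete("CN=涛涛,OU=研发部,DC=2003,DC=com");
			// ldap.renameEntry("CN=joyce.luo,OU=test,DC=2003,DC=com", "CN=joyce.luo,OU=研发部,DC=2003,DC=com");
			SearchResult sr = ldap.searchByUserName(ldap.root, "joyce.luo");
			if (sr != null) {
				System.out.println(sr.getName());
				// ldap.modifyInformation(sr.getName(), "test");
			} else {
				// The lookup returns null on a failed bind or an unknown account.
				System.out.println("joyce.luo not found");
			}
			ldap.searchInformation(ldap.root);
		} finally {
			ldap.close();
		}
	}

	/**
	 * Creates the client and immediately tries to bind to the directory. A
	 * failed bind is reported on the console and leaves {@code dc} as
	 * {@code null}; every operation then reports the missing connection
	 * instead of throwing.
	 */
	public LdapByUser() {
		super();
		init();
	}

	/**
	 * Opens the LDAP connection and performs a simple bind.
	 *
	 * <p>The principal, password and URL are read from system properties and
	 * fall back to the sample values of the original post. The defaults are for
	 * a lab directory only: they hard-code an administrator password and use
	 * plain LDAP on port 389, where a simple bind is readable on the wire.
	 */
	public void init() {
		Properties env = new Properties();
		String adminName = System.getProperty(PRINCIPAL_PROPERTY, "administrator@2003.com");// username@domain
		String adminPassword = System.getProperty(PASSWORD_PROPERTY, "admin");// sample password, replace via configuration
		String ldapURL = System.getProperty(URL_PROPERTY, "LDAP://10.10.2.153:389");// ip:port
		env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
		env.put(Context.SECURITY_AUTHENTICATION, "simple");// "none","simple","strong"
		env.put(Context.SECURITY_PRINCIPAL, adminName);
		env.put(Context.SECURITY_CREDENTIALS, adminPassword);
		env.put(Context.PROVIDER_URL, ldapURL);
		env.put("com.sun.jndi.ldap.connect.timeout", CONNECT_TIMEOUT_MILLIS);
		try {
			dc = new InitialLdapContext(env, null);
			System.out.println("认证成功");
		} catch (NamingException | RuntimeException e) {
			// Make the failed state explicit so later calls can detect it.
			dc = null;
			System.out.println("认证失败");
			e.printStackTrace();
		}
	}

	/**
	 * Closes the LDAP connection if one is open. Safe to call more than once.
	 */
	public void close() {
		if (dc == null) {
			return;
		}
		try {
			dc.close();
		} catch (NamingException e) {
			System.out.println("NamingException in close():" + e);
		} finally {
			// Drop the reference so a closed context is never reused.
			dc = null;
		}
	}

	/**
	 * Creates an organizational unit named {@code newUserName} directly under
	 * the root.
	 *
	 * <p>The original listed {@code sAMAccountName} and {@code employeeID} as
	 * objectClass values; those are attribute names, so the entry is now
	 * created with the object classes that match its {@code ou=} RDN.
	 * NOTE(review): the original description says "add a domain account";
	 * creating a user entry would need a CN-based DN and user object classes -
	 * confirm the intent.
	 *
	 * @param newUserName value of the new entry's {@code ou} attribute
	 */
	public void add(String newUserName) {
		if (!isConnected("add()")) {
			return;
		}
		if (newUserName == null || newUserName.isEmpty()) {
			System.out.println("Exception in add():name must not be empty");
			return;
		}
		try {
			BasicAttributes attrs = new BasicAttributes();
			BasicAttribute objclassSet = new BasicAttribute("objectClass");
			objclassSet.add("top");
			objclassSet.add("organizationalUnit");
			attrs.put(objclassSet);
			attrs.put("ou", newUserName);
			// Build the DN from typed components: Rdn escapes ',', '+', '=' and
			// similar characters, so the name cannot add or alter DN components.
			LdapName entryDn = new LdapName(root);
			entryDn.add(new Rdn("ou", newUserName));
			dc.createSubcontext(entryDn, attrs);
		} catch (NamingException | RuntimeException e) {
			e.printStackTrace();
			System.out.println("Exception in add():" + e);
		}
	}

	/**
	 * Deletes the entry with the given distinguished name.
	 *
	 * @param dn full DN of the entry to remove; it must come from a trusted
	 *           source or a previous search result, because it is used as-is
	 */
	public void delete(String dn) {
		if (!isConnected("delete()")) {
			return;
		}
		try {
			dc.destroySubcontext(dn);
		} catch (NamingException | RuntimeException e) {
			e.printStackTrace();
			System.out.println("Exception in delete():" + e);
		}
	}

	/**
	 * Renames (or moves) an entry.
	 *
	 * @param oldDN current DN of the entry
	 * @param newDN DN the entry should have afterwards
	 * @return {@code true} if the directory accepted the rename, {@code false}
	 *         on any error or when no connection is open
	 */
	public boolean renameEntry(String oldDN, String newDN) {
		// Without this guard a failed bind surfaced as an uncaught NullPointerException.
		if (!isConnected("renameEntry()")) {
			return false;
		}
		try {
			dc.rename(oldDN, newDN);
			return true;
		} catch (NamingException ne) {
			System.err.println("Error: " + ne.getMessage());
			return false;
		}
	}

	/**
	 * Adds the value {@code employeeID} to the {@code OU} attribute of an
	 * entry.
	 *
	 * <p>NOTE(review): the parameter name and the original description
	 * ("modify") suggest a replace of the employeeID attribute, but the code
	 * performs {@code ADD_ATTRIBUTE} on {@code OU}; kept as written - confirm.
	 *
	 * @param dn         DN of the entry relative to the root, for example the
	 *                   name returned by {@link #searchByUserName}
	 * @param employeeID value to add
	 * @return {@code true} on success, {@code false} on any error or when no
	 *         connection is open
	 */
	public boolean modifyInformation(String dn, String employeeID) {
		if (!isConnected("modifyInformation()")) {
			return false;
		}
		if (dn == null || dn.isEmpty()) {
			System.err.println("Error: dn must not be empty");
			return false;
		}
		try {
			System.out.println("updating...\n");
			ModificationItem[] mods = new ModificationItem[1];
			Attribute attr0 = new BasicAttribute("OU", employeeID);
			mods[0] = new ModificationItem(DirContext.ADD_ATTRIBUTE, attr0);
			// Use the configured root instead of repeating the suffix literal,
			// so changing the root field cannot send the write to another subtree.
			dc.modifyAttributes(dn + "," + root, mods);
			return true;
		} catch (NamingException | RuntimeException e) {
			e.printStackTrace();
			System.err.println("Error: " + e.getMessage());
			return false;
		}
	}

	/**
	 * Prints the name of every user entry found in the subtree below
	 * {@code searchBase}.
	 *
	 * @param searchBase DN at which the subtree search starts
	 */
	public void searchInformation(String searchBase) {
		if (!isConnected("searchInformation()")) {
			return;
		}
		NamingEnumeration<SearchResult> answer = null;
		try {
			SearchControls searchCtls = new SearchControls();
			searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
			String searchFilter = "(&(objectCategory=person)(objectClass=user)(name=*))";
			String[] returnedAtts = { "memberOf" };
			searchCtls.setReturningAttributes(returnedAtts);
			answer = dc.search(searchBase, searchFilter, searchCtls);
			// hasMoreElements() is kept from the original; unlike hasMore() it
			// cannot throw NamingException. NOTE(review): provider errors raised
			// while paging may end the loop instead of surfacing - confirm.
			while (answer.hasMoreElements()) {
				SearchResult sr = answer.next();
				System.out.println("<<<::[" + sr.getName() + "]::>>>>");
			}
		} catch (NamingException | RuntimeException e) {
			e.printStackTrace();
		} finally {
			closeQuietly(answer);
		}
	}

	/**
	 * Searches the subtree below {@code searchBase} for the account whose
	 * {@code sAMAccountName} equals {@code userName}.
	 *
	 * <p>The user name is handed to JNDI as a filter argument rather than
	 * concatenated into the filter string, so characters such as {@code *},
	 * {@code (} and {@code )} are matched literally and cannot widen or
	 * restructure the query.
	 *
	 * @param searchBase DN at which the subtree search starts
	 * @param userName   account name to look up
	 * @return the first matching entry, or {@code null} if nothing matched, the
	 *         name was empty, no connection is open or the search failed
	 */
	public SearchResult searchByUserName(String searchBase, String userName) {
		if (!isConnected("searchByUserName()")) {
			return null;
		}
		if (userName == null || userName.isEmpty()) {
			System.err.println("Throw Exception : userName must not be empty");
			return null;
		}
		SearchControls searchCtls = new SearchControls();
		searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
		String searchFilter = "(sAMAccountName={0})";
		String[] returnedAtts = { "memberOf" }; // attributes to return
		searchCtls.setReturningAttributes(returnedAtts);
		NamingEnumeration<SearchResult> answer = null;
		try {
			answer = dc.search(searchBase, searchFilter, new Object[] { userName }, searchCtls);
			// An empty result used to surface as NoSuchElementException from next().
			if (answer.hasMore()) {
				return answer.next();
			}
		} catch (NamingException | RuntimeException e) {
			e.printStackTrace();
			System.err.println("Throw Exception : " + e);
		} finally {
			closeQuietly(answer);
		}
		return null;
	}

	/** Reports a missing connection for {@code operation} and returns whether one is open. */
	private boolean isConnected(String operation) {
		if (dc != null) {
			return true;
		}
		System.err.println("Error: no LDAP connection, skipping " + operation);
		return false;
	}

	/** Releases a search result enumeration, reporting but not propagating close errors. */
	private static void closeQuietly(NamingEnumeration<?> results) {
		if (results == null) {
			return;
		}
		try {
			results.close();
		} catch (NamingException e) {
			System.err.println("NamingException while closing search results:" + e);
		}
	}
}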

这些代码都亲测可行,如有不懂,请留言!!!祝各位工作愉快!!!