概述
公司有几千名员工,使用 LDAP 管理人员账号,因此开发了一套 AD 域管理系统,方便人员入离职账号的统一管理、运维账号的统一管理和单点登录管理。现将经生产环境运行稳定的代码放出,供大家参考。网上资料太少,很多代码都用不了,基本一步一坑。
一些高级功能可以加 QQ 群 669293878 讨论,例如 AD 域密码(unicodePwd)修改、查询翻页、对 AD 域的 JDK 免证书登录等。
person类:
package com.ad.ldaps;
import lombok.Data;
/**
 * Plain data holder for one directory user; every field is a String.
 *
 * <p>The field names match LDAP / Active Directory attribute names (for example
 * {@code sAMAccountName}, {@code userAccountControl}, {@code uidnumber}); presumably each
 * field carries the value of the attribute of the same name - confirm against the schema in use.
 *
 * <p>NOTE(review): Lombok's {@code @Data} generates getters, setters, {@code equals},
 * {@code hashCode} and a {@code toString()} that prints every field, so logging or printing a
 * {@code Person} also prints {@code userPassword}. Consider {@code @ToString.Exclude} on that
 * field and keeping the password out of long-lived objects.
 */
@Data
public class Person {
    // Common name; used as the RDN value ("cn=...") by LdapUserBlog in this listing.
    private String cn;
    // Password held as an ordinary String (see the class note about toString()).
    private String userPassword;
    private String sAMAccountName;
    private String name;
    private String sn;
    private String userAccountControl;
    private String telephoneNumber;
    private String givenName;
    private String description;
    private String displayName;
    private String mail;
    private String gidnumber;
    private String loginshell;
    private String uidnumber;
    private String homeDirectory;
    private String userWorkstations;
}
ldap增删改查:
package com.ad.ldaps;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Properties;
import javax.naming.Context;
import javax.naming.Name;
import javax.naming.NameClassPair;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.*;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
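/**
 * Create, delete, modify and search user entries in an LDAP directory through JNDI.
 *
 * <p>Points to check before reusing this sample:
 * <ul>
 *   <li>The bind DN and password are compile-time constants in this class. A deployment should
 *       read them from protected configuration rather than from source.</li>
 *   <li>{@link #init()} performs a "simple" bind over plain {@code ldap://}, so the bind
 *       password and all directory traffic are unencrypted on the wire. Use {@code ldaps://}
 *       or StartTLS with normal certificate validation outside a local test.</li>
 *   <li>User-supplied names are never concatenated into a DN or a search filter: DNs are built
 *       with {@link LdapName}/{@link Rdn} and filters use JNDI {@code {0}} arguments, both of
 *       which escape special characters.</li>
 * </ul>
 *
 * <p>Instances are not documented as thread-safe; one shared {@link LdapContext} is used.
 *
 * @author codearch qq:263664112
 * @date 2020-07-03
 */
public class LdapUserBlog {
    /** Directory connection; stays {@code null} until {@link #init()} succeeds. */
    LdapContext dc = null;

    /** Container entry under which user entries are created and addressed. */
    String root = "ou=people,dc=maxcrc,dc=com";

    // Connection settings (the author labels them "production").
    // NOTE(review): sample values only - a hard-coded administrator DN and password should be
    // replaced by values loaded from protected configuration.
    final static String LDAPURL = "ldap://localhost:389";
    final static String USER_NAME = "cn=Manager,dc=maxcrc,dc=com";
    final static String USER_PWD = "secret";

    /**
     * Program entry point: connects, adds one sample user and closes the connection.
     *
     * <p>The other operations of this class can be tried by adding the calls listed in the
     * comments below.
     *
     * @author codearch
     * @throws Exception declared by the original listing; the calls made here handle their own
     *     errors
     * @date 2019-07-03
     */
    public static void main(String[] args) throws Exception {
        LdapUserBlog utils = new LdapUserBlog();
        String userName = "myhtest";

        // 0. connect
        utils.init();
        try {
            // 1. add a user
            utils.add(userName);

            // Further operations, disabled in the original listing:
            //   utils.add("lisi", "si", "li");                 // add with first/last name
            //   utils.searchInformation(utils.root);           // 2. list users under a node
            //   utils.searchByUserName(utils.root, "lisi");    // 3. find one user
            //   utils.searchByUserNameUidNumber(utils.root, "lisi");
            //   utils.updatePerson(userName);                  // 4. modify an attribute
            //   utils.renameEntry(oldDn, newDn);               // 5. rename (stub here)
            //   utils.delete(userName);                        // 6. delete the user
            // 7. Password change and the max-uidNumber lookup are referenced by the article
            //    but their methods are not part of this listing.
        } finally {
            // Release the connection even if an operation above throws.
            utils.close();
        }
    }

    /**
     * Opens the directory connection with a simple (DN + password) bind over plain LDAP.
     *
     * <p>On failure the error is printed and {@link #dc} stays {@code null}; later operations
     * will then fail inside their own error handling.
     *
     * @author codearch
     * @date 2018-07-03
     */
    public void init() {
        Properties env = new Properties();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // LDAP authentication level: "none", "simple" or "strong". "simple" sends the
        // password as given, so it is only protected if the transport itself is encrypted.
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, USER_NAME);
        env.put(Context.SECURITY_CREDENTIALS, USER_PWD);
        // NOTE(review): ldap:// is unencrypted; switch to ldaps:// or StartTLS for real use.
        env.put(Context.PROVIDER_URL, LDAPURL);
        try {
            dc = new InitialLdapContext(env, null);
            System.out.println("Ldap帐户密码认证成功");
        } catch (Exception e) {
            System.out.println("Ldap帐户密码认证失败");
            e.printStackTrace();
        }
    }

    /**
     * Closes the directory connection if one is open.
     *
     * @author codearch
     * @date 2018-07-03
     */
    public void close() {
        if (dc == null) {
            return;
        }
        try {
            dc.close();
            System.out.println("Ldap服务连接关闭");
        } catch (NamingException e) {
            System.out.println("NamingException in close():" + e);
        }
    }

    /**
     * Adds a user entry whose {@code cn}, {@code sn} and {@code uid} are all
     * {@code newUserName}, with fixed sample values for the remaining attributes.
     *
     * <p>The original listing prepared a quoted UTF-16LE password for {@code unicodePwd} but
     * never attached it to the entry, so the entry is created without a password attribute;
     * that unused code is omitted here.
     *
     * @param newUserName value for {@code uid}, {@code cn} and {@code sn}
     * @author codearch
     * @date 2018-07-03
     */
    public void add(String newUserName) {
        createUser(newUserName, "显示名称", newUserName + "@sensetime.com", "名字", newUserName);
    }

    /**
     * Adds a user entry with separate given name and surname.
     *
     * @param newUserName value for {@code uid} and {@code cn}
     * @param firstName value for {@code givenName}
     * @param lastName value for {@code sn}
     * @author codearch
     * @date 2018-07-03
     */
    public void add(String newUserName, String firstName, String lastName) {
        createUser(newUserName, lastName + " " + firstName, newUserName + "@qq.com",
                firstName, lastName);
    }

    /** Builds the attribute set shared by both {@code add} overloads and creates the entry. */
    private void createUser(String userName, String displayName, String mail,
            String givenName, String surname) {
        try {
            BasicAttribute objectClasses = new BasicAttribute("objectclass");
            objectClasses.add("top");
            objectClasses.add("inetOrgPerson");
            objectClasses.add("posixAccount");

            Attributes attrs = new BasicAttributes(true); // true = ignore attribute-name case
            attrs.put(objectClasses);
            attrs.put("uid", userName);
            // NOTE(review): a millisecond timestamp is not a managed UID allocation and is far
            // larger than a 32-bit uid; the listing hints at a getMaxUid() based scheme instead.
            attrs.put("uidNumber", System.currentTimeMillis() + "");
            // NOTE(review): gidNumber 0 and home "/root" are the root group and root's home on
            // POSIX hosts that consume this directory; replace with an unprivileged group and
            // a per-user home before creating real accounts.
            attrs.put("gidNumber", "0");
            attrs.put("homeDirectory", "/root");
            attrs.put("telephoneNumber", "15880888368");
            attrs.put("displayName", displayName);
            attrs.put("description", "描述");
            attrs.put("mail", mail);
            attrs.put("givenName", givenName);
            attrs.put("cn", userName);
            attrs.put("sn", surname);

            dc.createSubcontext(userDn(userName), attrs);
            System.out.println("新增Ldap用户成功:" + userName);
        } catch (Exception e) {
            e.printStackTrace();
            System.out.println("新增Ldap用户失败:" + userName);
        }
    }

    /**
     * Returns the DN {@code cn=<userName>,<root>} with the user name escaped as an RDN value,
     * so characters such as ',' '+' or '=' in the name cannot alter the DN structure.
     *
     * @throws NamingException if {@code root} is not a valid DN or the name is empty
     */
    private Name userDn(String userName) throws NamingException {
        LdapName dn = new LdapName(root);
        dn.add(new Rdn("cn", userName)); // appended as the most specific (left-most) RDN
        return dn;
    }

    /** Closes a search result enumeration, ignoring a failure to close. */
    private static void closeQuietly(NamingEnumeration<?> results) {
        if (results == null) {
            return;
        }
        try {
            results.close();
        } catch (NamingException ignored) {
            // Nothing useful can be done if releasing the result set fails.
        }
    }

    /**
     * Deletes the user entry {@code cn=<userName>} under {@link #root}.
     *
     * @param userName the {@code cn} value of the entry to delete
     * @author codearch
     * @date 2018-07-03
     */
    public void delete(String userName) {
        String dn = "cn=" + userName + "," + root; // used for the messages only
        try {
            dc.destroySubcontext(userDn(userName));
            System.out.println("删除Ldap用户成功:" + dn);
        } catch (Exception e) {
            System.out.println("删除Ldap用户失败:" + dn);
            e.printStackTrace();
        }
    }

    /**
     * Placeholder for renaming an entry: performs no directory operation.
     *
     * <p>NOTE(review): this returns {@code true} without renaming anything, so callers must
     * not treat the result as confirmation of a rename.
     *
     * @return always {@code true}
     * @author codearch
     * @date 2018-07-03
     */
    public boolean renameEntry(String oldDN, String newDN) {
        return true;
    }

    /**
     * Replaces the {@code description} attribute of the user entry with a fixed sample text.
     *
     * @param dn despite its name, the {@code cn} value of the user (not a full DN); nothing
     *     is done when it is {@code null} or empty
     * @author codearch
     * @date 2018-07-03
     */
    public void updatePerson(String dn) {
        Person person = new Person();
        person.setCn(dn);
        person.setDescription("修改描述");
        if (person.getCn() == null || person.getCn().isEmpty()) {
            return;
        }

        ModificationItem[] changes = {
            new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("description", person.getDescription()))
        };
        try {
            dc.modifyAttributes(userDn(person.getCn()), changes);
            System.out.println("修改Ldap用户属性成功");
        } catch (NamingException e) {
            System.err.println("修改Ldap用户属性失败");
            e.printStackTrace();
        }
    }

    /**
     * Placeholder for enabling an account: the body is empty and nothing is changed.
     *
     * @author codearch
     * @date 2018-07-03
     */
    public void enablePerson(String dn) {
    }

    /**
     * Prints every {@code inetOrgPerson} entry in the subtree below {@code searchBase}.
     *
     * <p>Errors are printed and otherwise ignored.
     *
     * @param searchBase DN of the node to search under
     * @author codearch
     * @date 2018-07-03
     */
    public void searchInformation(String searchBase) {
        // Attributes to read for each entry.
        String[] attributeNames = {"memberOf", "uidNumber", "cn", "objectClass"};
        NamingEnumeration<SearchResult> answer = null;
        try {
            SearchControls searchCtls = new SearchControls();
            searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // Ask the search itself for the attributes instead of re-reading each entry by a
            // DN rebuilt from strings.
            searchCtls.setReturningAttributes(attributeNames);
            answer = dc.search(searchBase, "(objectClass=inetOrgPerson)", searchCtls);
            // hasMore() reports server-side errors that hasMoreElements() would hide.
            while (answer.hasMore()) {
                SearchResult entry = answer.next();
                String entryName = entry.getName();
                Attributes atts = entry.getAttributes();

                Attribute uidNumber = atts.get("uidNumber");
                if (uidNumber != null) {
                    String value = String.valueOf(uidNumber.get());
                    System.out.println(entryName + "|" + value + "|uidNumber:" + uidNumber.toString());
                }
                System.out.println("--------------------");

                Attribute objectClass = atts.get("objectClass");
                if (objectClass != null && objectClass.contains("inetOrgPerson")) {
                    // The entry is a user.
                    System.out.println(atts + entryName + "," + searchBase);
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            closeQuietly(answer);
        }
    }

    /**
     * Finds the first entry below {@code searchBase} whose {@code uid} equals {@code userName}.
     *
     * <p>The user name is passed as a filter argument, so filter metacharacters in it are
     * escaped by JNDI and cannot change the query.
     *
     * @param searchBase DN of the node to search under
     * @param userName the {@code uid} value to match
     * @return the first match (only {@code memberOf} is requested), or {@code null} when there
     *     is no match or the search fails
     * @author codearch
     * @date 2018-07-03
     */
    public SearchResult searchByUserName(String searchBase, String userName) {
        SearchControls searchCtls = new SearchControls();
        searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchCtls.setReturningAttributes(new String[] {"memberOf"});
        NamingEnumeration<SearchResult> answer = null;
        try {
            answer = dc.search(searchBase, "(uid={0})", new Object[] {userName}, searchCtls);
            // An empty result is "not found", not an error.
            return answer.hasMore() ? answer.next() : null;
        } catch (Exception e) {
            System.err.println("指定搜索节点搜索指定域用户失败");
            e.printStackTrace();
            return null;
        } finally {
            closeQuietly(answer);
        }
    }

    /**
     * Prints the {@code uidNumber} of every entry below {@code searchBase} whose {@code cn}
     * equals {@code userName}.
     *
     * <p>The user name is passed as a filter argument, so filter metacharacters in it are
     * escaped by JNDI and cannot change the query.
     *
     * @param searchBase DN of the node to search under
     * @param userName the {@code cn} value to match
     * @throws Exception if the search fails
     * @author codearch
     * @date 2018-07-03
     */
    public void searchByUserNameUidNumber(String searchBase, String userName) throws Exception {
        SearchControls searchCtls = new SearchControls();
        searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchCtls.setReturningAttributes(
                new String[] {"memberOf", "uidNumber", "name", "objectClass"});
        NamingEnumeration<SearchResult> answer = null;
        try {
            answer = dc.search(searchBase, "(cn={0})", new Object[] {userName}, searchCtls);
            while (answer.hasMore()) {
                SearchResult entry = answer.next();
                Attribute uidNumber = entry.getAttributes().get("uidNumber");
                if (uidNumber != null) {
                    String value = String.valueOf(uidNumber.get());
                    System.out.println(entry.getName() + " uidNumber:" + value);
                }
            }
        } finally {
            closeQuietly(answer);
        }
    }
}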
最后
以上就是含蓄中心为你收集整理的【ldap】ldap系列-java对ldap的增删改查-翻页、重命名、密码修改的全部内容,希望文章能够帮你解决【ldap】ldap系列-java对ldap的增删改查-翻页、重命名、密码修改所遇到的程序开发问题。