import java.util.HashMap;
import java.util.Hashtable;
import java.util.Map;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.*;
public class connectAD {
public static void main(String[] args) {
String userName = "zhanglong";//AD域认证,用户的登录UserName
String password = "*******";//AD域认证,用户的登录PassWord
String host = "10.10.1.1";//AD域IP,必须填写正确
String domain = "@kyland.com";//域名后缀,例[email protected]
String port = "389"; //端口,一般默认389
String url = new String("ldap://" + host + ":" + port);//固定写法
String user = userName.indexOf(domain) > 0 ? userName : userName + domain;//网上有别的方法,我这么使用的
Hashtable hashEnv = new Hashtable();//实例化一个Env
Map<String,String> map = new HashMap<>();
DirContext ctx = null;
hashEnv.put(Context.SECURITY_AUTHENTICATION, "simple");//LDAP访问安全级别(none,simple,strong),一种模式,这么写就行
hashEnv.put(Context.SECURITY_PRINCIPAL, user); //用户名
hashEnv.put(Context.SECURITY_CREDENTIALS, password);//密码
hashEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");// LDAP工厂类
hashEnv.put("com.sun.jndi.ldap.connect.timeout", "3000");//连接超时设置为3秒
hashEnv.put(Context.PROVIDER_URL, url);//Url
try {
ctx = new InitialDirContext(hashEnv);// 初始化上下文
System.out.println("身份验证成功!");
SearchControls searchCtls = new SearchControls();//创建搜索控制器
searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);//设置搜索范围
//LDAP搜索过滤器类,此处只获取AD域用户,所以条件为用户user或者person均可
//(&(objectCategory=person)(objectClass=user)(name=*))
String searchFilter = "(&(objectCategory=person)(objectClass=user)(userPrincipalName="+user+"))";
String searchBase = "OU=XXXX,DC=kyland,DC=com";//AD域节点结构
//定制返回属性
String returnedAtts[] = {"name","userPrincipalName","departmentNumber","department"}; // 定制返回属性
searchCtls.setReturningAttributes(returnedAtts);//设置返回属性集
// 根据设置的域节点、过滤器类和搜索控制器搜索LDAP得到结果
NamingEnumeration<SearchResult> answer = ctx.search(searchBase, searchFilter,searchCtls);
while (answer.hasMoreElements()) {//遍历结果集
SearchResult sr = answer.next();//得到符合搜索条件的DN
System.out.println("DN:"+sr.getName());
Attributes Attrs = sr.getAttributes();//得到符合条件的属性集
if (Attrs != null) {
try {
for (NamingEnumeration ne = Attrs.getAll(); ne.hasMore(); ) {
Attribute Attr = (Attribute) ne.next();//得到下一个属性
System.out.print("AttributeID=属性名:" + Attr.getID() + "=");
//读取属性值
for (NamingEnumeration e = Attr.getAll(); e.hasMore(); ) {
String userInfo = e.next().toString();
System.out.print(userInfo+";");
map.put(Attr.getID(),userInfo);
}
System.out.println("");
}
} catch (NamingException e) {
System.err.println("Throw Exception : " + e);
}
}
System.out.println("************************************************");
ctx.close();
}
} catch (AuthenticationException e) {
System.out.println("用户名或密码错误!");
} catch (javax.naming.CommunicationException e) {
System.out.println("AD域连接失败!");
e.printStackTrace();
} catch (Exception e) {
System.out.println("身份验证未知异常!");
e.printStackTrace();
} finally{
if(null != ctx){
try {
ctx.close();
ctx=null;
} catch (Exception e) {
e.printStackTrace();
}
}
}
}
}
参考文章: