Getting user DN with user name LDAP

Problem description

I want to get the user DN with the username provided. What I think is that I want to retrieve all the user data and compare it with the username. And now, I have added objectclass in my search filter and I have no idea why the data is not being retrieved. Here is the code that I currently have.

    Hashtable env = new Hashtable();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, url);
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, "cn=admin,ou=sa,o=system");
    env.put(Context.SECURITY_CREDENTIALS, "P@ssw0rd");

    try {
        DirContext context = new InitialDirContext(env);
        SearchControls constraints = new SearchControls();
        constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
        NamingEnumeration result = context.search("", "(objectclass=Person)", constraints);
        while (result.hasMore()) {
            SearchResult searchResult = (SearchResult) result.next();
            Attributes attrs = searchResult.getAttributes();
            request.setEmail(attrs.get("mail").toString());
            request.setPhoneNumber(attrs.get("personalMobile").toString());
            Attribute ldapattr = attrs.get("photo");
            if (ldapattr != null) {
                byte[] photo = (byte[]) ldapattr.get();
                request.setPhoto(photo);
            }
        }
    } catch (Exception e) {
        System.out.println("can't initialized");
    }
    list.add(request);
    //Specific URL of LDAP with the host and :port
    return list;
}

Recommended answer

Provide a base DN to search, e.g. ou=users below, and add the username to the filter for a faster search. Don't get all the user data, as you are unnecessarily increasing network traffic and doing additional computational work on the client. The LDAP server excels at this kind of searching. CN is indexed by default but givenName may not be indexed, so you might want to add an index for this attribute.

    // {0} is replaced by userId; JNDI escapes filter special characters in the value
    NamingEnumeration result = context.search("ou=users",
        "(&(objectClass=person)(sAMAccountName={0}))", new Object[] { userId }, constraints);

If you have givenName

    // {0} is replaced by givenName; JNDI escapes filter special characters in the value
    NamingEnumeration result = context.search("ou=users",
        "(&(objectClass=person)(givenName={0}))", new Object[] { givenName }, constraints);

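An added example, not from the original question or answer, of one way to return the DN itself: it reads `getNameInNamespace()` from the single matching entry and passes the username through JNDI's `{0}` filter argument, so filter metacharacters in it are escaped. The class name `UserDnLookup`, the command-line argument order and the `LDAP_BIND_PASSWORD` environment variable are assumptions.

```java
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

public class UserDnLookup {
    /** Returns the full DN of the single entry matching username, or null if none matches. */
    static String findUserDn(DirContext ctx, String baseDn, String username) throws NamingException {
        SearchControls controls = new SearchControls();
        controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        controls.setReturningAttributes(new String[0]); // only the DN is needed, fetch no attributes
        // {0} is filled from the argument array; JNDI escapes characters that are
        // special in filters (such as * ( ) \), so the value cannot change the filter.
        NamingEnumeration<SearchResult> results = ctx.search(baseDn,
                "(&(objectClass=person)(sAMAccountName={0}))", new Object[] { username }, controls);
        try {
            if (!results.hasMore()) {
                return null;
            }
            String dn = results.next().getNameInNamespace();
            if (results.hasMore()) {
                throw new NamingException("more than one entry matches the username");
            }
            return dn;
        } finally {
            results.close();
        }
    }

    public static void main(String[] args) throws NamingException {
        // Assumed usage: java UserDnLookup <ldap-url> <bind-dn> <base-dn> <username>
        String password = System.getenv("LDAP_BIND_PASSWORD"); // assumed variable name
        if (password == null) {
            throw new IllegalStateException("LDAP_BIND_PASSWORD is not set");
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, args[0]);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, args[1]);
        env.put(Context.SECURITY_CREDENTIALS, password);
        DirContext ctx = new InitialDirContext(env);
        try {
            System.out.println(findUserDn(ctx, args[2], args[3]));
        } finally {
            ctx.close();
        }
    }
}
```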