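I have recently been automating our OA system, which involves some development work. In earlier articles we covered creating MS AD users and changing passwords with Java. Beyond account creation, we also automate offboarding. When a user leaves, we do not delete the account directly: we first disable the user, then move the account to a designated OU, and a PowerShell or VBS script that runs once a month deletes the accounts there. This requirement therefore takes two steps. The first is disabling the account, which is normally done by modifying the user's userAccountControl attribute; we will cover AD user attributes in the next article. Today we mainly demonstrate using a Java program to move a user to a designated OU.
In our environment, the user aodi is under the IXM Adm OU, and we need to move it to the IXM Users OU.
Configure the Java code: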
/**
 * moveuser.java
 * 5 July 2001
 * Sample JNDI application to move an object in the Active Directory.
 */
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.ldap.*;
import javax.naming.directory.*;

public class moveuser {
    public static void main(String[] args) {
        Hashtable<String, String> env = new Hashtable<>();
        // Bind account (DN) and password
        String adminName = "CN=Administrator,cn=Users,DC=ixmsoft,DC=com";
        String adminPassword = "123";
        // Current and target DNs of the user object
        String oldUserpath = "CN=aodi,OU=IXM Adm,OU=IMXSOFT Users,DC=ixmsoft,DC=com";
        String newUserpath = "CN=aodi,OU=IXM Users,OU=IMXSOFT Users,DC=ixmsoft,DC=com";
        String ldapURL = "ldap://192.168.5.20:389";
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // set security credentials, note using simple cleartext authentication
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, adminName);
        env.put(Context.SECURITY_CREDENTIALS, adminPassword);
        // connect to my domain controller
        env.put(Context.PROVIDER_URL, ldapURL);
        try {
            // Create the initial directory context
            LdapContext ctx = new InitialLdapContext(env, null);
            // Move the user: an LDAP rename to a DN under a different OU
            ctx.rename(oldUserpath, newUserpath);
            System.out.println("Moved user");
            ctx.close();
        } catch (NamingException e) {
            System.err.println("Problem moving object: " + e);
        }
    }
}
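We define the old and new user paths.
Start the run.
The run succeeds.
We check the information in AD.
Finally, for convenience, we can define the CN user value in the user paths as a variable so that it is easy to pass in.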
/**
 * moveuser.java
 * 5 July 2001
 * Sample JNDI application to move an object in the Active Directory.
 */
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.ldap.*;
import javax.naming.directory.*;

public class moveuser {
    public static void main(String[] args) {
        Hashtable<String, String> env = new Hashtable<>();
        // CN of the account to move
        String ADAccount = "aodi";
        // Bind account (DN) and password
        String adminName = "CN=Administrator,cn=Users,DC=ixmsoft,DC=com";
        String adminPassword = "123";
        // Current and target DNs, built from the account CN
        String oldUserpath = "CN=" + ADAccount + "," + "OU=IXM Adm,OU=IMXSOFT Users,DC=ixmsoft,DC=com";
        String newUserpath = "CN=" + ADAccount + "," + "OU=IXM Users,OU=IMXSOFT Users,DC=ixmsoft,DC=com";
        String ldapURL = "ldap://192.168.5.20:389";
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // set security credentials, note using simple cleartext authentication
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, adminName);
        env.put(Context.SECURITY_CREDENTIALS, adminPassword);
        // connect to my domain controller
        env.put(Context.PROVIDER_URL, ldapURL);
        try {
            // Create the initial directory context
            LdapContext ctx = new InitialLdapContext(env, null);
            // Move the user
            ctx.rename(oldUserpath, newUserpath);
            System.out.println("Moved user:" + ADAccount);
            System.out.println("NewUserpath:" + newUserpath);
            ctx.close();
        } catch (NamingException e) {
            System.err.println("Problem moving object: " + e);
        }
    }
}
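Once the account CN is passed in as a variable, concatenating it into the DN lets a value containing `,`, `+` or `=` change the DN's structure. The following is an added example, not the original author's code: it builds both DNs with `LdapName`/`Rdn` so the value is escaped, and binds over LDAPS with credentials read from the environment. The class name `MoveUserSafe` and the variables `AD_LDAPS_URL`, `AD_BIND_DN` and `AD_BIND_PASSWORD` are assumptions.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class MoveUserSafe {  // hypothetical class name, not from the original post
    // Build CN=<account>,<ouDn>. Rdn escapes the value, so ',', '+', '=' and
    // similar characters in the account name cannot change the DN structure.
    static LdapName userDn(String account, String ouDn) throws NamingException {
        LdapName dn = new LdapName(ouDn);
        dn.add(new Rdn("CN", account)); // becomes the leftmost RDN
        return dn;
    }

    // Read a required setting from the environment (variable names are assumptions).
    static String requireEnv(String name) {
        String v = System.getenv(name);
        if (v == null || v.isEmpty()) throw new IllegalStateException("missing " + name);
        return v;
    }

    public static void main(String[] args) throws NamingException {
        if (args.length != 1 || args[0].trim().isEmpty()) {
            System.err.println("usage: java MoveUserSafe <account CN>");
            return;
        }
        LdapName oldDn = userDn(args[0], "OU=IXM Adm,OU=IMXSOFT Users,DC=ixmsoft,DC=com");
        LdapName newDn = userDn(args[0], "OU=IXM Users,OU=IMXSOFT Users,DC=ixmsoft,DC=com");
        String url = requireEnv("AD_LDAPS_URL");
        if (!url.startsWith("ldaps://")) // a simple bind over ldap:// sends the password in cleartext
            throw new IllegalStateException("AD_LDAPS_URL must use ldaps://");
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, requireEnv("AD_BIND_DN"));
        env.put(Context.SECURITY_CREDENTIALS, requireEnv("AD_BIND_PASSWORD"));
        LdapContext ctx = new InitialLdapContext(env, null);
        try {
            ctx.rename(oldDn, newDn); // same move operation, with structured names
            System.out.println("Moved " + oldDn + " -> " + newDn);
        } finally {
            ctx.close(); // release the connection even if the move fails
        }
    }
}
```

LDAPS requires the domain controller's certificate to be trusted by the JVM truststore.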
This article is reposted from 高文龙's 51CTO blog. Original link: http://blog.51cto.com/gaowenlong/1970396. To repost it, please contact the original author.