另一种方法是
UnboundID
. 它的API可读性很强,而且很短
创建LDAP连接
public static LDAPConnection getConnection() throws LDAPException {
// host, port, username and password
return new LDAPConnection("com.example.local", 389, "Administrator@com.example.local", "admin");
}
获取筛选结果
public static List getResults(LDAPConnection connection, String baseDN, String filter) throws LDAPSearchException {
SearchResult searchResult;
if (connection.isConnected()) {
searchResult = connection.search(baseDN, SearchScope.ONE, filter);
return searchResult.getSearchEntries();
}
return null;
}
获取所有识别单元和容器
String baseDN = "DC=com,DC=example,DC=local";
String filter = "(&(|(objectClass=organizationalUnit)(objectClass=container)))";
LDAPConnection connection = getConnection();
List results = getResults(connection, baseDN, filter);
获取特定组织单位
String baseDN = "DC=com,DC=example,DC=local";
String dn = "CN=Users,DC=com,DC=example,DC=local";
String filterFormat = "(&(|(objectClass=organizationalUnit)(objectClass=container))(distinguishedName=%s))";
String filter = String.format(filterFormat, dn);
LDAPConnection connection = getConnection();
List results = getResults(connection, baseDN, filter);
获取组织单位下的所有用户
String baseDN = "CN=Users,DC=com,DC=example,DC=local";
String filter = "(&(objectClass=user)(!(objectCategory=computer)))";
LDAPConnection connection = getConnection();
List results = getResults(connection, baseDN, filter);
获取组织单位下的特定用户
String baseDN = "CN=Users,DC=com,DC=example,DC=local";
String userDN = "CN=abc,CN=Users,DC=com,DC=example,DC=local";
String filterFormat = "(&(objectClass=user)(distinguishedName=%s))";
String filter = String.format(filterFormat, userDN);
LDAPConnection connection = getConnection();
List results = getResults(connection, baseDN, filter);
显示结果
for (SearchResultEntry e : results) {
System.out.println("name: " + e.getAttributeValue("name"));
}