初次对活动目录(AD)操作,记录下基本的操作方式。
import java.security.Security;
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.Rdn;
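/**
 * Walkthrough of basic Active Directory operations over JNDI/LDAP: bind,
 * create a user, update an attribute, set a password, check a user's
 * credentials and delete an entry.
 *
 * <p>All operations share one {@link LdapContext} that is bound in the
 * constructor. {@link #authenticate} and {@link #del} close that context when
 * they finish, so the instance cannot be reused after either call.
 */
public class ADTest
{
    // Lab defaults carried over from the original sample so it still runs as posted.
    // NOTE(review): a domain administrator DN and password do not belong in source
    // control. Supply real values through the ADTEST_* environment variables read in
    // the constructor and treat these defaults as placeholders only.
    private static final String DEFAULT_URL = "ldap://192.168.0.1";
    private static final String DEFAULT_BIND_DN = "CN=Administrator,CN=users,DC=zzt,DC=com";
    private static final String DEFAULT_BIND_PASSWORD = "123456";

    // Suffix appended to "cn=<name>" to form a user DN (note the leading comma).
    private static final String BASE_NAME = ",CN=users,DC=zzt,DC=com";

    // Shared directory connection; null when the bind failed or after it was closed.
    private LdapContext ctx = null;

    /**
     * Binds to the directory with simple authentication.
     *
     * <p>The URL, bind DN and bind password are taken from the environment
     * variables {@code ADTEST_LDAP_URL}, {@code ADTEST_BIND_DN} and
     * {@code ADTEST_BIND_PASSWORD}, falling back to the sample's lab values.
     * A failed bind is reported on stdout and leaves the context {@code null}.
     */
    public ADTest()
    {
        try
        {
            Hashtable<String, String> ldapEnv = new Hashtable<String, String>();
            ldapEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            // A simple bind sends the DN and password unencrypted unless the URL is
            // ldaps://; the default ldap:// URL therefore exposes the bind credentials
            // on the wire. Point ADTEST_LDAP_URL at an ldaps:// endpoint outside a lab.
            ldapEnv.put(Context.PROVIDER_URL, setting("ADTEST_LDAP_URL", DEFAULT_URL));
            ldapEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
            ldapEnv.put(Context.SECURITY_PRINCIPAL, setting("ADTEST_BIND_DN", DEFAULT_BIND_DN));
            ldapEnv.put(Context.SECURITY_CREDENTIALS,
                    setting("ADTEST_BIND_PASSWORD", DEFAULT_BIND_PASSWORD));
            ctx = new InitialLdapContext(ldapEnv, null);
        }
        catch (Exception e)
        {
            System.out.println(" bind error: " + e);
            e.printStackTrace();
        }
    }

    /** Returns the value of environment variable {@code name}, or {@code fallback} if unset or empty. */
    private static String setting(String name, String fallback)
    {
        String value = System.getenv(name);
        return (value == null || value.length() == 0) ? fallback : value;
    }

    /**
     * Builds the DN of a user below the fixed users container.
     *
     * <p>The name is escaped as an RDN value, so characters such as {@code ,}
     * or {@code =} in caller-supplied input stay part of the CN instead of
     * adding or replacing DN components. Package-private so it can be
     * checked without a directory connection.
     *
     * @param username common name of the user; must not be null or empty
     * @return the DN in the form {@code cn=<escaped name>,CN=users,DC=zzt,DC=com}
     * @throws IllegalArgumentException if {@code username} is null or empty
     */
    static String userDn(String username)
    {
        if (username == null || username.length() == 0)
        {
            throw new IllegalArgumentException("username must not be null or empty");
        }
        return "cn=" + Rdn.escapeValue(username) + BASE_NAME;
    }

    /** Returns the shared context, failing clearly when the bind failed or it was already closed. */
    private LdapContext requireContext()
    {
        if (ctx == null)
        {
            throw new IllegalStateException("no directory connection (bind failed or context closed)");
        }
        return ctx;
    }

    /** Closes the shared context, if any, and clears the field. */
    private void closeContext()
    {
        if (ctx != null)
        {
            try
            {
                ctx.close();
            }
            catch (NamingException e)
            {
                e.printStackTrace();
            }
            ctx = null;
        }
    }

    /**
     * Creates a new user entry.
     *
     * <p>On any failure the error is printed and the JVM exits with status -1,
     * as in the original sample.
     *
     * @param username  value used for both {@code cn} and {@code sAMAccountName}
     * @param surname   value of the {@code sn} attribute
     * @param givenName value of the {@code givenName} attribute; skipped when null or empty
     */
    public void createNew(String username, String surname, String givenName)
    {
        try
        {
            String distinguishedName = userDn(username);
            Attributes newAttributes = new BasicAttributes(true);
            Attribute oc = new BasicAttribute("objectclass");
            oc.add("top");
            oc.add("person");
            oc.add("organizationalperson");
            oc.add("user");
            newAttributes.put(oc);
            newAttributes.put(new BasicAttribute("sAMAccountName", username));
            newAttributes.put(new BasicAttribute("cn", username));
            newAttributes.put(new BasicAttribute("sn", surname));
            // The original accepted givenName but never stored it.
            if (givenName != null && givenName.length() > 0)
            {
                newAttributes.put(new BasicAttribute("givenName", givenName));
            }
            requireContext().createSubcontext(distinguishedName, newAttributes);
        }
        catch (Exception e)
        {
            System.out.println("create error: " + e);
            e.printStackTrace();
            System.exit(-1);
        }
    }

    /**
     * Replaces the user's {@code description} attribute with a fixed demo value.
     *
     * <p>On any failure the error is printed and the JVM exits with status -1.
     *
     * @param username common name of the user to update
     */
    public void update(String username)
    {
        try
        {
            System.out.println("updating...\n");
            ModificationItem[] mods = new ModificationItem[1];
            mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("description", "hello world"));
            requireContext().modifyAttributes(userDn(username), mods);
        }
        catch (Exception e)
        {
            System.out.println(" update error: " + e);
            e.printStackTrace();
            System.exit(-1);
        }
    }

    /**
     * Sets the user's password by replacing the {@code unicodePwd} attribute.
     *
     * <p>The value written is the password wrapped in double quotes and encoded
     * as UTF-16LE. Active Directory only accepts {@code unicodePwd} writes on an
     * encrypted connection, so with the default {@code ldap://} URL the server
     * is expected to refuse this change; use an {@code ldaps://} URL.
     * The password is never printed. On any failure the error is printed and
     * the JVM exits with status -1.
     *
     * @param username common name of the user
     * @param password new clear-text password; must not be null
     */
    public void updatePassword(String username, String password)
    {
        try
        {
            System.out.println("updating password...\n");
            if (password == null)
            {
                throw new IllegalArgumentException("password must not be null");
            }
            String quotedPassword = "\"" + password + "\"";
            byte[] newUnicodePassword = quotedPassword.getBytes("UTF-16LE");
            System.out.println();
            ModificationItem[] mods = new ModificationItem[1];
            mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("unicodePwd", newUnicodePassword));
            requireContext().modifyAttributes(userDn(username), mods);
        }
        catch (Exception e)
        {
            System.out.println("update password error: " + e);
            e.printStackTrace();
            System.exit(-1);
        }
    }

    /**
     * Checks a user's credentials by re-binding the shared connection as that user.
     *
     * <p>A null or empty DN or password is rejected without contacting the
     * server: a simple bind with an empty password is an unauthenticated bind,
     * which a directory may accept, and that would report success for any DN.
     * The shared context is always closed afterwards, whatever the outcome.
     *
     * @param userDn   full DN of the user to authenticate
     * @param password the user's clear-text password
     * @return {@code true} only if the server accepted the bind
     */
    public boolean authenticate(String userDn, String password)
    {
        try
        {
            if (ctx == null)
            {
                return false;
            }
            if (userDn == null || userDn.length() == 0
                    || password == null || password.length() == 0)
            {
                return false;
            }
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDn);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
            ctx.reconnect(new Control[] {});
            return true;
        }
        catch (AuthenticationException e)
        {
            // Wrong DN or password.
            return false;
        }
        catch (NamingException e)
        {
            // Any other directory failure also counts as "not authenticated".
            return false;
        }
        finally
        {
            closeContext();
        }
    }

    /**
     * Deletes a directory entry.
     *
     * <p>The DN is passed to the server as given, so it must come from a
     * trusted source. The shared context is always closed afterwards.
     *
     * @param userDN full DN of the entry to delete
     * @return {@code true} if the entry was deleted, {@code false} on any error
     */
    public boolean del(String userDN)
    {
        try
        {
            requireContext().destroySubcontext(userDN);
            return true;
        }
        catch (NamingException e)
        {
            // The original message said "changing password", copied from another method.
            System.err.println("Problem deleting entry: " + e);
        }
        catch (Exception e)
        {
            System.err.println("Problem: " + e);
        }
        finally
        {
            closeContext();
        }
        return false;
    }

    /**
     * Binds to the directory once. The example calls are left as comments
     * because they modify or delete live entries.
     *
     * @param args unused
     */
    public static void main(String[] args)
    {
        // The original registered com.sun.net.ssl.internal.ssl.Provider by hand. JSSE
        // is part of the default provider list, and that internal class is absent
        // from current JDKs, so the call is dropped.
        ADTest adt = new ADTest();
        // System.out.println(adt.authenticate("CN=zztxxx,CN=users,DC=zzt,DC=com", password));
        // System.out.println(adt.del("CN=zztxxx,CN=users,DC=zzt,DC=com"));
    }
}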