英文:
Java JNDI is not returning foreign security principal members of a group
问题
以下是翻译好的代码部分:
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Vector;
import javax.naming.Context;
import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
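/**
 * Looks up one Active Directory group by sAMAccountName over LDAPS and prints
 * every value of its {@code member} attribute (the members' distinguished names).
 *
 * <p>All connection values below are placeholders from the original post.
 */
public class GroupMembers
{
    public static void main(String[] args)
    {
        ArrayList<String> members = new ArrayList<String>();

        // Placeholder service-account identity. A real deployment should load the
        // bind password from a secret store or the environment, never from source.
        String ldapUsername = "cn=accountname,OU=Service Accounts,OU=JKL,DC=GHI,DC=DEF,DC=ABC,DC=COM";
        String ldapPassword = "password";
        String servername = "ldaps://GHI.DEF.ABC.COM";
        String searchbase = "DC=GHI,DC=DEF,DC=ABC,DC=COM";
        // The group name is a literal here. If it ever comes from user input it must be
        // escaped per RFC 4515, or passed through the search overload that takes filter
        // arguments, so that it cannot alter the filter.
        String searchfilter = "(&(objectCategory=group)(sAMAccountName=groupname))";

        Hashtable<String, Object> env = new Hashtable<String, Object>();
        // A simple bind sends the password as-is, so it is only acceptable because the
        // provider URL uses ldaps://. Server certificate validation relies on the JVM
        // trust store and should not be bypassed.
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, ldapUsername);
        env.put(Context.SECURITY_CREDENTIALS, ldapPassword);
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, servername);

        try {
            LdapContext ctx = new InitialLdapContext(env, null);
            NamingEnumeration<?> results = null;
            try {
                SearchControls controls = new SearchControls();
                controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
                // Only "member" is read below, so ask the server for nothing else.
                controls.setReturningAttributes(new String[] { "member" });

                results = ctx.search(searchbase, searchfilter, controls);
                while (results.hasMore()) {
                    SearchResult searchResult = (SearchResult) results.next();
                    Attributes attributes = searchResult.getAttributes();
                    Attribute attr = attributes.get("member");
                    // get() returns null when the entry has no such attribute (for example
                    // an empty group); the original dereferenced it unconditionally.
                    // NOTE(review): very large AD groups may return their values under a
                    // ranged name such as "member;range=0-1499" instead - confirm for
                    // your directory.
                    if (attr == null) {
                        continue;
                    }
                    // Members from a trusted external domain, when the directory returns
                    // them, appear as SID-named DNs under CN=ForeignSecurityPrincipals
                    // rather than as account DNs.
                    for (int i = 0; i < attr.size(); i++) {
                        members.add((String) attr.get(i));
                    }
                }
            } catch (NameNotFoundException e) {
                // The search base does not exist: report it and fall through to printing.
                e.printStackTrace();
            } catch (NamingException e) {
                throw new RuntimeException(e);
            } finally {
                // Release the enumeration and the connection even when the search failed.
                if (results != null) {
                    try {
                        results.close();
                    } catch (NamingException e) {
                        e.printStackTrace();
                    }
                }
                try {
                    ctx.close();
                } catch (NamingException e) {
                    e.printStackTrace();
                }
            }

            // Print each collected member DN on its own line.
            for (String member : members) {
                System.out.println(member);
            }
        } catch (NamingException e1) {
            // Raised when the initial connection or bind fails.
            e1.printStackTrace();
        }
    }
}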
英文:
I have the following Java code, which is able to get the members of an AD group. However, when a member is from a different trusted domain, and is thus a foreign security principal, the code does not return that member. I wonder if anyone has prior experience with this and could offer some advice. Thanks a lot in advance!
<pre>
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Vector;
import javax.naming.Context;
import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
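/**
 * Binds to an Active Directory domain controller over LDAPS, finds a single group
 * by its sAMAccountName and prints the distinguished names held in its
 * {@code member} attribute.
 *
 * <p>The account, password, host and group name are placeholders.
 */
public class GroupMembers
{
    public static void main(String[] args)
    {
        ArrayList<String> members = new ArrayList<String>();

        // Placeholder credentials: in real use the bind password belongs in a secret
        // store or an environment variable, not in the source file.
        String ldapUsername = "cn=accountname,OU=Service Accounts,OU=JKL,DC=GHI,DC=DEF,DC=ABC,DC=COM";
        String ldapPassword = "password";
        String servername = "ldaps://GHI.DEF.ABC.COM";
        String searchbase = "DC=GHI,DC=DEF,DC=ABC,DC=COM";
        // Constant filter. A group name taken from user input would need RFC 4515
        // escaping before being placed in a filter string.
        String searchfilter = "(&(objectCategory=group)(sAMAccountName=groupname))";

        Hashtable<String, Object> env = new Hashtable<String, Object>();
        // The simple bind is protected only by the TLS of the ldaps:// URL; do not
        // switch the URL to ldap:// while keeping this authentication mode.
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, ldapUsername);
        env.put(Context.SECURITY_CREDENTIALS, ldapPassword);
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, servername);

        LdapContext ctx;
        try {
            ctx = new InitialLdapContext(env, null);
        } catch (NamingException e1) {
            // Connection or bind failure: nothing was opened, so nothing to close.
            e1.printStackTrace();
            return;
        }

        NamingEnumeration<?> results = null;
        try {
            SearchControls controls = new SearchControls();
            controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // Request only the attribute that is actually consumed.
            controls.setReturningAttributes(new String[] { "member" });

            results = ctx.search(searchbase, searchfilter, controls);
            while (results.hasMore()) {
                SearchResult searchResult = (SearchResult) results.next();
                appendMemberDns(searchResult.getAttributes().get("member"), members);
            }
        } catch (NameNotFoundException e) {
            // Unknown search base: report it, then print whatever was collected.
            e.printStackTrace();
        } catch (NamingException e) {
            throw new RuntimeException(e);
        } finally {
            // Always release the enumeration and the connection.
            if (results != null) {
                try {
                    results.close();
                } catch (NamingException e) {
                    e.printStackTrace();
                }
            }
            try {
                ctx.close();
            } catch (NamingException e) {
                e.printStackTrace();
            }
        }

        // Loop through the members of the group and print them out.
        for (String member : members) {
            System.out.println(member);
        }
    }

    /**
     * Copies every value of a group's {@code member} attribute into {@code sink}.
     *
     * <p>A {@code null} attribute (the entry carries no {@code member} values, as
     * for an empty group) is skipped; the original code threw a
     * NullPointerException here. Foreign security principals, when the directory
     * returns them, are SID-named DNs under CN=ForeignSecurityPrincipals.
     * NOTE(review): large AD groups may expose their values under a ranged
     * attribute name ("member;range=...") that this lookup does not read - confirm.
     */
    private static void appendMemberDns(Attribute attr, ArrayList<String> sink) throws NamingException
    {
        if (attr == null) {
            return;
        }
        for (int i = 0; i < attr.size(); i++) {
            sink.add((String) attr.get(i));
        }
    }
}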
</pre>