英文:
How do I get the Windows domain FQDN that is synced to Azure AD as the On-Premises-Domain-Name?
问题
Azure AD中来自本地AD同步的用户和组具有一个称为onPremisesDomainName的字段。描述如下:
包含来自本地目录同步的本地域FQDN,也称为dnsDomainName
该属性仅填充给通过Azure AD Connect将本地目录同步到Azure Active Directory的客户。只读。
来源:https://learn.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0
我如何通过从Java查询本地域控制器的LDAP来获取Azure AD同步将写入此字段的确切值?
英文:
Azure AD users and groups synced from an on-premises AD have a field called onPremisesDomainName. The description is as follows:
> Contains the on-premises domainFQDN, also called dnsDomainName
> synchronized from the on-premises directory. The property is only
> populated for customers who are synchronizing their on-premises
> directory to Azure Active Directory via Azure AD Connect. Read-only.
Source: https://learn.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0
How do I get the exact value that will be written to this field by the Azure AD Sync by querying the on-premises domain controller via LDAP from Java?
答案1
得分: 0
默认情况下,AD 连接将从本地 AD 导入用户对象,并将其导出到 Azure AD。
在 AD 连接中,同步服务帐户将帮助我们从本地 AD 拉取更改,但不确定仅针对特定属性查询值。
您可以直接在域控制器上查询对象和属性值。
本地 AD 使用 LDAP 协议从 NTDS 数据库查询对象。
如果您有任何单独的 LDAP 服务器,这也是可能的。
英文:
By default, AD connect will import the user objects from Local AD and it will be exported to Azure AD.
In AD connect, sync service account will help us to pull the changes from the local AD but not sure about querying the value only for the pariticular attribute.
You can query the object and attribute values directly on the domain controllers.
Local AD uses ldap protocol to query the objects from NTDS database.
If you have any separate LDAP server, it may be possible.
专注分享java语言的经验与见解,让所有开发者获益!
评论