2

I have OU (say ou1) in AD server and it has a user (say user1). I want query all the users belong to a OU of AD directory server. I am trying as show below :

SearchControls ouctls = new SearchControls();
String[] ouattrIDs = {"displayname", "mail", "canonicalName", "memberOf","Users"};
ctls.setReturningAttributes(ouattrIDs);
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);

NamingEnumeration ouanswer = ctx.search("dc=exam,dc=com","(objectclass=group)", ouctls);

and by these I am not find user attribute populated.

while (ouAnswer.hasMoreElements()) {
        SearchResult rslt = (SearchResult) ouAnswer.next();
        Attributes attrs = rslt.getAttributes();
        //log.debug("Group attributes"+attrs.get("cn"));
        System.out.println("gr-->"+attrs.toString());
        Attribute temp = attrs.get("cn");
}

Can you please help me in finding user object under a OU.

4

1 回答 1

0

如果您的意思user1是从属ou=ou1并且您知道 的可分辨名称,则将ou其用作搜索请求中的基本对象。例如,如果ou直接从属于dc=exam,dc=comou=ou1,dc=exam,dc=com则在搜索中用作基础对象。在这种情况下,如果您知道用户条目直接从属于ou=ou1,则可以将搜索范围缩小到一级。否则,必须使用子树范围。使用过滤器来缩小将从服务器返回的结果的范围。在您给出的示例中,过滤器可能应该是:(&(cn=user1)(objectclass=group))。这假设 user1 的命名属性是cn并且条目是 objectClass `group 的成员。在 LDAP 客户端的代码中使用正确的值。

也可以看看

于 2012-11-09T10:49:10.233 回答