java - Ldap searchFilter 字符串不等于 memberOf OU ="Google app user"和 OU ="Contacts"

Question

我必须获取不属于组 OU="Google app User"和 OU=Contacts 的用户的数据，我不知道创建搜索过滤字符串。代码如下---

public SearchResult getUserInfo(DirContext ctx) throws NamingException{
    SearchResult sourceResult = null;
     // Create the search controls          
    SearchControls searchCtls = new SearchControls(); 

      //Specify the attributes to return 
   //1   String returnedAtts[]={"ou","description"}; // array of the object list  which is returned as the 
                                    //result of the search query on ldap active directory

     String returnedAtts[]={"cn","description","memberOf"};
    searchCtls.setReturningAttributes(returnedAtts); 
      logger.info("Specify the attributes to return ");

      //Specify the search scope 
      searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE); 
      logger.info("Specify the search scope  ");

      //specify the LDAP search filter 
  //1    String searchFilter = "(&(OU=Contacts))"; // search input  variable   require to search the  result   active directory 
      String searchFilter = "(&(OU=Contacts))";// I wanna  create search          filter for all reseult which are not group member of OU="google app user"
  and OU="contacts".          
      logger.info("specify the LDAP search filter  ");

      //Specify the Base for the search 
     //1 String searchBase ="DC=Hellowveen,DC=com";
      String searchBase ="OU=Users,OU=Matriz,OU=Brazil,DC=Hellowveen,DC=com";// "dc=dom,dc=fr";  initial basic search directory
      logger.info("Specify the Base for the search  ");

      //initialize counter to total the results 
      int totalResults = 0; 

      // Search for objects using the filter 
      NamingEnumeration<SearchResult> answer = ctx.search(searchBase, searchFilter, searchCtls); 
      logger.info("Search for objects using the filter  ");

      //Loop through the search results 
      while (answer.hasMoreElements()) 
      { 
        sourceResult = (SearchResult)answer.next(); 

        totalResults++; 

        System.out.println(" get name : >>>" + sourceResult.getName()); 
        System.out.println(" get class name :>>>" +      sourceResult.getClassName()); 
        Attributes attrs = sourceResult.getAttributes(); 
        System.out.println("member Off>>>>" + attrs.get("memberOf")); 

      } 
      logger.info("Loop  END through the search results  ");
      System.out.println("Total results: " + totalResults); 
      ctx.close(); 


    return sourceResult; 
}

如何使用基于 group(memberOf) 的 java 来搜索 Activity 目录中的数据。我真的很感激每一个建议解决方案。谢谢

Answer 1

LDAP 文件管理器搜索字符串表示形式:RFC 2254

过滤所有不属于“Google 应用用户” 组成员但属于联系人组成员的用户:

(&(!(memberOf=ou=Google app User))(memberOf=ou=Contacts))