java - Adding a user to AD LDS (ADAM) with Java and LDAP

Reposted. Author: 行者123. Updated: 2023-11-29 03:48:31
EDIT4: I got my application to write users to Active Directory, but Active Directory complains when I try to enable the user.


Previous messages


I am trying to add a user to my local Active Directory (with AD LDS) using Java (1.4) and LDAP. However, I keep getting the following error:

javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - 0000207B : UpdErr: DSID-030511CF, problem 6002 (OBJ_CLASS_VIOLATION), data 0 ]; remaining name 'CN=Test user,OU=Accounts,DC=PORTAL,DC=COMPANY,DC=BE'

My code:

public static void main(String[] args) {
    try {
        DirContext ctx = new InitialDirContext(X_Ldap.getEnvironment());
        user usr = new user("Test user", "FALSE");

        ctx.bind(
                "CN=Test user,OU=Accounts,DC=PORTAL,DC=COMPANY,DC=BE", usr);

        // X_Ldap.checkIfUserExists("Test User");
        ctx.close();
    } catch (NamingException e) {
        e.printStackTrace();
    }
}

public class user implements DirContext {
    String type;

    /**
     *
     * @param isDisabled
     *            TRUE or FALSE (literally)
     */
    public user(String username, String isDisabled) {
        String type = username;

        Attributes attr = new BasicAttributes(true);
        Attribute oc = new BasicAttribute("objectclass");
        oc.add("top");
        oc.add("person");
        oc.add("organizationalPerson");
        oc.add("user");
        Attribute memberOf = new BasicAttribute("memberOf");
        memberOf.add("CN=Users,CN=Roles,DC=PORTAL,DC=COMPANY,DC=BE");

        attr.put(oc);
        attr.put("msDS-UserAccountDisabled", isDisabled);
        attr.put(memberOf);

        attr.put("comment", username);
    }

    public String toString() {
        return type;
    }
}

EDIT: I checked the mandatory attributes of one of my user objects, but I'm not sure what I should fill in for all of them:

cn: Jane Doe -- Unicode string
instanceType: 0x4 = (WRITE) -- Integer
objectCategory: CN=Person,CN=Schema,CN=Configuration,CN={EDBEACA1-6F60-413C-80F2-6C5CE265F22F} -- Distinguished Name
objectClass: top; person; organizationalPerson; user -- Object Identifier
objectSid: S-1-372665300-2234744891-519896106-1336725265-1748609191-3385095770 -- SID


EDIT2: My current code:

import java.io.IOException;

import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttributes;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

public class newuser {
    public static void main(String[] args) {

        String userName = "cn=Albert Einstein,ou=Accounts,DC=PORTAL,DC=COMPANY,DC=BE";
        // String groupName =
        // "cn=Users,cn=Roles,DC=PORTAL,DC=COMPANY,DC=BE";

        try {

            // Create the initial directory context
            System.out.println("Creating initial directory context...");
            LdapContext ctx = new InitialLdapContext(X_Ldap.getEnvironment(),
                    null);

            // Create attributes to be associated with the new user
            Attributes attrs = new BasicAttributes(true);

            // some useful constants from lmaccess.h
            int UF_ACCOUNTDISABLE = 0x0002;
            int UF_PASSWD_NOTREQD = 0x0020;
            int UF_PASSWD_CANT_CHANGE = 0x0040;
            int UF_NORMAL_ACCOUNT = 0x0200;
            int UF_DONT_EXPIRE_PASSWD = 0x10000;
            int UF_PASSWORD_EXPIRED = 0x800000;

            attrs.put("objectClass", "user");
            attrs.put("cn", "Albert Einstein");

            // These are some optional (but useful) attributes
            attrs.put("givenName", "Albert");
            attrs.put("sn", "Einstein");
            attrs.put("displayName", "Albert Einstein");
            attrs.put("description", "Research Scientist");
            attrs.put("userPrincipalName", "AlbertE@antipodes.com");
            attrs.put("mail", "relativity@antipodes.com");
            attrs.put("telephoneNumber", "999 123 4567");
            String newQuotedPassword = "\"Pass123\"";
            byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16");
            attrs.put("unicodePwd", newUnicodePassword);
            attrs.put("msDS-User-Account-Control-Computed",
                    Integer.toString(UF_NORMAL_ACCOUNT + UF_DONT_EXPIRE_PASSWD));

            // Create the context
            System.out.println("Creating context...");
            Context result = ctx.createSubcontext(userName, attrs);
            System.out.println("Created disabled account for: " + userName);

            ctx.close();

            System.out.println("Successfully created User: " + userName);

        } catch (NamingException e) {
            System.err.println("Problem creating object: " + e);
        } catch (IOException e) {
            System.err.println("Problem creating object: " + e);
        }

    }
}

I still have the following problem:

String newQuotedPassword = "\"Pass123\"";
byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16");
attrs.put("unicodePwd", newUnicodePassword);

gives me the following exception:

Creating initial directory context...
Problem creating object: java.io.UnsupportedEncodingException: UTF16LE

Note: I disabled the requirement for SSL to change the password.

EDIT3: Apparently AD LDS does not support "User Account Control"; it is split into many different attributes.

Best answer

You could perhaps take a look at Using JAVA code with Active Directory, especially Creating new users & demystifying userAccountControl.

To me, it seems you forgot the "CN" attribute.

Regarding java - Adding a user to AD LDS (ADAM) with Java and LDAP, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/9740426/
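
An added example (not code from the original post or the linked article) that pulls together the points raised in the thread: the cn attribute the answer mentions, the separate AD LDS flag attributes from EDIT3, and the unicodePwd encoding behind the UnsupportedEncodingException. The class name, method names and sample password are made up for illustration, and msDS-UserDontExpirePassword is an AD LDS attribute that the page itself does not name.

```java
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.ldap.Rdn;

public class AdLdsUserExample {   // hypothetical class name
    // unicodePwd takes the password wrapped in double quotes and encoded as UTF-16LE.
    // Java's charset name is "UTF-16LE" (hyphenated); plain "UTF-16" emits a
    // big-endian stream with a byte-order mark, which is a different byte sequence.
    static byte[] encodePassword(String password) throws UnsupportedEncodingException {
        return ("\"" + password + "\"").getBytes("UTF-16LE");
    }

    // Attribute set for an enabled user: cn is supplied explicitly, and the account
    // flags are separate AD LDS attributes rather than userAccountControl bits.
    static Attributes buildUser(String cn, String password) throws UnsupportedEncodingException {
        Attributes attrs = new BasicAttributes(true);
        attrs.put("objectClass", "user");
        attrs.put("cn", cn);
        attrs.put("unicodePwd", encodePassword(password));
        attrs.put("msDS-UserAccountDisabled", "FALSE");
        attrs.put("msDS-UserDontExpirePassword", "TRUE");
        return attrs;
    }

    // Pass a context bound over ldaps:// so the password is not sent in cleartext.
    // Rdn.escapeValue keeps special characters in cn from altering the DN.
    static void createUser(DirContext ctx, String cn, String parentDn, String password)
            throws NamingException, UnsupportedEncodingException {
        String dn = "CN=" + Rdn.escapeValue(cn) + "," + parentDn;
        ctx.createSubcontext(dn, buildUser(cn, password)).close();
    }

    static String hex(byte[] b) {
        return new BigInteger(1, b).toString(16);
    }

    public static void main(String[] args) throws Exception {
        String sample = "Constructed-Pw-1";   // constructed sample value, not from the page
        // Offline comparison of the two encodings; no directory connection is made.
        System.out.println("UTF-16LE: " + hex(encodePassword(sample)));
        System.out.println("UTF-16  : " + hex(("\"" + sample + "\"").getBytes("UTF-16")));
        System.out.println(buildUser("Test user", sample).get("cn"));
    }
}
```

Running main needs no server; createUser is the part to call with a live context such as the one returned by the post's X_Ldap.getEnvironment() setup.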
