公司产品需要对接客户的ad域用户进行用户管理,分享功能如下:
1、连接ad域
2、获取ad域用户
3、获取ad域部门
4、将ad域部门转化为树结构(重点)
前言:
ad域简介及搭建可参考:https://www.cnblogs.com/cnjavahome/p/9029665.html
本人github代码:https://github.com/tofindnorthstar/addemo
(1)连接ad域的方法
/**
 * Opens an LDAP context from the supplied JNDI environment.
 *
 * <p>Every connection property (provider URL, bind principal and credential,
 * authentication mechanism, timeouts) is taken from {@code hashtable}; this method adds
 * none of its own, so whether the bind is protected in transit depends entirely on what
 * the caller placed in the environment.
 *
 * @param hashtable JNDI environment handed to {@link InitialLdapContext}
 * @return the newly created context; the caller is responsible for calling {@code close()} on it
 * @throws NamingException if the context cannot be created
 */
public static LdapContext getContext(Hashtable hashtable) throws NamingException {
    // The second argument (connection request controls) is deliberately null: none are sent.
    return new InitialLdapContext(hashtable, null);
}
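(2)hashtable的参数设置,包括用户名、密码、url等。注意:示例中的密码是硬编码的,并且通过389端口的明文LDAP进行simple绑定,密码会以明文形式在网络上传输;实际对接客户AD域时应使用LDAPS(或StartTLS),并从外部配置读取凭据。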
/**
 * Shared JNDI environment used to bind to the directory.
 *
 * NOTE(review): the bind account, its password and the server address are compiled into
 * the class, and the map is public, static and mutable, so any code in the JVM can read
 * or replace the credential. Outside a demo, load these values from deployment
 * configuration or a secret store and keep the map private.
 */
public static Hashtable env = new Hashtable();
static {
    // NOTE(review): this literal looks like the hosting page's e-mail obfuscation
    // placeholder rather than a usable bind name - confirm the intended principal.
    final String bindPrincipal = "[email protected]";
    final String bindSecret = "111111";
    final String providerUrl = "LDAP://10.11.42.13:389"; // ip:port of the LDAP server

    // JNDI service provider (factory class) that speaks LDAP.
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, providerUrl);

    // Authentication level; JNDI accepts "none", "simple" or "strong".
    // NOTE(review): a "simple" bind over an ldap:// URL on port 389, with no TLS setting
    // anywhere in this environment, puts the password on the wire unencrypted. Use
    // ldaps:// or StartTLS and validate the server certificate.
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, bindPrincipal);
    env.put(Context.SECURITY_CREDENTIALS, bindSecret);

    // Give up on establishing the connection after 3000 ms.
    env.put("com.sun.jndi.ldap.connect.timeout", "3000");
}
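/**
 * Lists the accounts found under the domain root.
 *
 * <p>Runs the search through {@code getSearchResult} and copies each entry's
 * {@code canonicalName} and {@code sAMAccountName} into a {@code User}.
 *
 * @param ctx an open LDAP context
 * @return one {@code User} per entry returned by the search, in server order
 * @throws NamingException if the search or reading an entry fails
 */
public static List<User> getUsers(LdapContext ctx) throws NamingException {
    // NOTE(review): in Active Directory computer accounts also carry objectClass=user, so
    // this filter can return machine accounts as well as people;
    // (&(objectCategory=person)(objectClass=user)) is the usual narrower form - confirm
    // which set the product is meant to import.
    String searchFilter = "(objectClass=user)";
    // Search base: the root of the domain.
    String searchBase = "DC=jack,DC=com";
    NamingEnumeration<SearchResult> answer = getSearchResult(ctx, searchFilter, searchBase);
    List<User> users = new ArrayList<>();
    try {
        // NOTE(review): hasMoreElements() cannot throw NamingException, so a server-side
        // error or size limit hit part-way through may end this loop with a silently
        // truncated list. hasMore() would surface it, but may also raise a
        // PartialResultException for unfollowed referrals - decide how to handle that
        // before switching.
        while (answer.hasMoreElements()) {
            SearchResult sr = answer.next();
            User u = new User();
            u.setcName(getAttrValue(sr, "canonicalName"));
            u.setUserName(getAttrValue(sr, "sAMAccountName"));
            users.add(u);
        }
    } finally {
        // Release the enumeration even when reading an entry throws.
        answer.close();
    }
    return users;
}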
/**
 * Runs a subtree search and returns the raw result enumeration.
 *
 * <p>No count or time limit is set on the search controls, so only the server's own
 * limits apply.
 *
 * @param ctx          an open LDAP context
 * @param searchFilter LDAP filter string, passed to the server unchanged
 * @param searchBase   distinguished name the search starts from
 * @return the enumeration of matching entries; the caller should close it when done
 * @throws NamingException if the search cannot be started
 */
public static NamingEnumeration getSearchResult(LdapContext ctx, String searchFilter, String searchBase) throws NamingException {
    // Attributes requested from the server for every matching entry.
    String[] wantedAttributes = {"canonicalName", "distinguishedName", "id",
            "name", "userPrincipalName", "departmentNumber", "telephoneNumber", "homePhone",
            "mobile", "department", "sAMAccountName", "whenChanged"};

    SearchControls controls = new SearchControls();
    controls.setReturningAttributes(wantedAttributes);
    // Search the base entry and everything beneath it.
    controls.setSearchScope(SearchControls.SUBTREE_SCOPE);

    // NOTE(review): the filter is used as-is. The callers visible here pass constants; if
    // a filter is ever built from user-supplied text, use the search overload that takes a
    // filter expression with {0}-style arguments so the values are escaped.
    return ctx.search(searchBase, searchFilter, controls);
}
部门model,可忽略
package model;
import java.util.ArrayList;
import java.util.List;
/**
* @ClassName AdDepartment
* @Description: TODO
* @Author jack
* @Date 2019/8/31
* @Version V1.0
*/
public class AdDepartment implements Comparable{
private String id;
private String name;
private String cName;
private String distinguishedName;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getcName() {
return cName;
}
public void setcName(String cName) {
this.cName = cName;
}
public String getDistinguishedName() {
return distinguishedName;
}
public void setDistinguishedName(String distinguishedName) {
this.distinguishedName = distinguishedName;
}
public List getChildren() {
return children;
}
public void setChildren(List children) {
this.children = children;
}
private List children = new ArrayList();
public AdDepartment getAdDepartmentBycName(String cName) {
if (this.cName.equals(cName) ) {
return this;
}else{
for (AdDepartment adDepartment : children) {
AdDepartment adDepartment1 =null;
if ((adDepartment1 = adDepartment.getAdDepartmentBycName(cName)) != null) {
return adDepartment1;
}
}
}
return null;
}
public AdDepartment getParentAdDepartmentBycName(String cName) {
int index;
AdDepartment adDepartment = null;
while ((index = cName.lastIndexOf("/")) != -1) {
cName = cName.substring(0, index);
adDepartment = getAdDepartmentBycName(cName);
if (adDepartment != null) {
return adDepartment;
}
}
return adDepartment;
}
public int compareTo(AdDepartment o) {
return cName.length() - o.getcName().length();
}
public void addChildren(AdDepartment adDepartment) {
this.children.add(adDepartment);
}
@Override
public String toString() {
return "AdDepartment{" +
"id='" + id + '\'' +
", name='" + name + '\'' +
", cName='" + cName + '\'' +
", distinguishedName='" + distinguishedName + '\'' +
", children=" + children +
'}';
}
}
将部门按canonicalName的长度进行排序(父部门的canonicalName比子部门短,因此父部门排在前面),以便后面对其进行树结构转化
// 获取部门列表
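/**
 * Reads the directory's departments into a set sorted by {@code AdDepartment.compareTo}.
 *
 * <p>A {@code TreeSet} discards any element that compares equal to one it already holds,
 * so this relies on {@code compareTo} returning 0 only for the same department.
 *
 * @param ctx an open LDAP context
 * @return the departments found under the domain root, in sorted order
 * @throws NamingException if the search or reading an entry fails
 */
public static TreeSet<AdDepartment> getAdDepartment(LdapContext ctx) throws NamingException {
    // Filter selecting department entries through their ou attribute.
    // NOTE(review): (ou>='') is an ordering match against a literal two-apostrophe value;
    // a presence filter (ou=*) or (objectClass=organizationalUnit) states the intent more
    // directly - confirm it returns the same entries before swapping.
    String searchFilter = "(ou>='')";
    // Search base: the root of the domain.
    String searchBase = "DC=jack,DC=com";
    NamingEnumeration<SearchResult> answer = getSearchResult(ctx, searchFilter, searchBase);
    TreeSet<AdDepartment> treeSet = new TreeSet<>();
    try {
        while (answer.hasMoreElements()) {
            SearchResult sr = answer.next();
            AdDepartment adDepartment = new AdDepartment();
            adDepartment.setName(getAttrValue(sr, "name"));
            adDepartment.setcName(getAttrValue(sr, "canonicalName"));
            adDepartment.setDistinguishedName(getAttrValue(sr, "distinguishedName"));
            treeSet.add(adDepartment);
        }
    } finally {
        // Release the enumeration even when reading an entry throws.
        answer.close();
    }
    return treeSet;
}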
此处用了递归方法AdDepartment.getParentAdDepartmentBycName,可返回AdDepartment类中查看
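/**
 * Builds the department tree from a sorted set of departments.
 *
 * <p>Each department is attached to the nearest ancestor already in the tree, found by
 * trimming its canonicalName one segment at a time. This only yields the right shape if
 * the set iterates parents before their children, which is what ordering by
 * canonicalName length provides.
 *
 * @param treeSet departments in parent-before-child order
 * @return a synthetic root node named after the domain, with every department beneath it
 */
public static AdDepartment getTreeAdDepartment(TreeSet<AdDepartment> treeSet) {
    // The root's cName must equal the first segment of every canonicalName, otherwise no
    // ancestor is found and the entry is attached directly under the root.
    AdDepartment root = new AdDepartment();
    root.setName("jack.com");
    root.setcName("jack.com");
    for (AdDepartment ad : treeSet) {
        AdDepartment parent = root.getParentAdDepartmentBycName(ad.getcName());
        if (parent == null) {
            parent = root;
        }
        parent.addChildren(ad);
    }
    return root;
}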