java 如何从 Active Directory 中的 memberOf 属性获取基于指定组 (CN) 的电子邮件地址列表

How to get list of email address based on a specified group (CN) from memberOf Attribute in Active Directory in java

我编写了一个程序来根据用户名从活动目录中获取所有属性。现在我想根据 memerOf 属性中的组名 CN= App_abc_Admin 获取电子邮件地址列表。

主.java

    public void ldapQueryService()throws Exception{
        try {
            System.out.println("Querying Active Directory Using Java");
            System.out.println("------------------------------------");
            String domain = "abc.com";
            String url = "ldap.abc.com:389";
            String username = "username";
            String password = "password";
            String choice = "samaccountname";
            String searchTerm = "xyz";

            //Creating instance of ActiveDirectory
            ActiveDirectory activeDirectory = new ActiveDirectory(username, password, domain, url);

            //Searching
            NamingEnumeration<SearchResult> result = activeDirectory.searchUser(searchTerm, choice, null);

            while (result.hasMore()) {
                SearchResult rs = (SearchResult) result.next();
                Attributes attrs = rs.getAttributes();
                String temp = attrs.get("samaccountname").toString();
                System.out.println("Username     : " + temp.substring(temp.indexOf(":") + 1));
                String memberOf =  attrs.get("memberOf").toString();
                String stringToSearch = "CN=App_abc_Admin";
                boolean test = memberOf.toLowerCase().contains(stringToSearch.toLowerCase());
                if(test){ 
                   String mail = attrs.get("mail").toString();
                   System.out.println("Email ID  : " + mail.substring(mail.indexOf(":") + 1));
               }
            }
            activeDirectory.closeLdapConnection();
        }catch(Exception e){

        }
    }

ActiveDirectory.java

public class ActiveDirectory {
        //required private variables

        private Properties properties;
        private DirContext dirContext;
        private SearchControls searchCtls;
        private String[] returnAttributes = { "*"};
        private String domainBase;
        private String baseFilter = "(&((&(objectCategory=Person)(objectClass=User)))";

        public ActiveDirectory(String username, String password, String domainController,String url) {
            properties = new Properties();

            properties.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            properties.put(Context.PROVIDER_URL, "LDAP://" + url);
            properties.put(Context.SECURITY_PRINCIPAL, username + "@" + domainController);
            properties.put(Context.SECURITY_CREDENTIALS, password);

            //initializing active directory LDAP connection
            try {
                dirContext = new InitialDirContext(properties);
            } catch (NamingException e) {
                //LOG.severe(e.getMessage());
                //e.printStackTrace();
            }

            //default domain base for search
            domainBase = getDomainBase(domainController);

            //initializing search controls
            searchCtls = new SearchControls();
            searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            searchCtls.setReturningAttributes(returnAttributes);
        }



        public NamingEnumeration<SearchResult> searchUser(String searchValue, String searchBy, String searchBase) throws NamingException {
            String filter = getFilter(searchValue, searchBy);
            String base = (null == searchBase) ? domainBase : getDomainBase(searchBase);
           return this.dirContext.search(base, filter, this.searchCtls);
        }


        public void closeLdapConnection(){
            try {
                if(dirContext != null)
                    dirContext.close();
            }
            catch (NamingException e) {
              //e.printStackTrace();
            }
        }


        private String getFilter(String searchValue, String searchBy) {
            String filter = this.baseFilter;
            if(searchBy.equals("email")) {
               filter += "(mail=" + searchValue + "))";
            } else if(searchBy.equals("username")) {
                filter += "(samaccountname=" + searchValue + "))";
            }else if(searchBy.equals("title")) {
                filter += "(title=" + searchValue + "))";
            }else if(searchBy.equals("department")) {
                filter += "(department=" + searchValue + "))";
            }else if(searchBy.equals("givenname")) {
                filter += "(givenname=" + searchValue + "))";
            }
            else if(searchBy.equals("samaccountname")) {
                filter += "(samaccountname=" + searchValue + "))";
            }

            return filter;
        }

        private static String getDomainBase(String base) {
            char[] namePair = base.toUpperCase().toCharArray();
            String dn = "DC=";
            for (int i = 0; i < namePair.length; i++) {
                if (namePair[i] == '.') {
                    dn += ",DC=" + namePair[++i];
                } else {
                    dn += namePair[i];
                }
            }
            return dn;
        }
    }

在上面的示例中,我传递了搜索条件和搜索词。但是如何根据 memberOf 属性中的 CN 获取用户列表?

我尝试如下更新过滤器但没有输出

private String baseFilter = "(&(objectClass=Person)(memberOf=cn=App_abc_Admin,ou=Application Groups,dc=abc,dc=com))";

更新了过滤器,因为 below.It 现在可以使用了

private String baseFilter = "(&((&(objectCategory=Person)(objectClass=User)(mail=*abc.com)(memberOf=CN=App_abc_Admin,OU=Application Groups,OU=Security Groups,OU=Users_OU,DC=abc,DC=com))))";