在 Java 中在一个域中进行身份验证并从另一个域中查询用户
是否可以在Active Directory Server A中对用户进行身份验证,然后使用java在Active Directory Server B中搜索用户?这些服务器被配置为双向可信。
上面的代码失败了。我可以在服务器 A 中进行身份验证,但当我开始在 B 中搜索用户时,它什么也没有返回
Hashtable<String, String> env = new Hashtable<String, String>();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://A.AD.COM:389");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
StringBuffer principal = new StringBuffer("user@A");
env.put(Context.SECURITY_PRINCIPAL, principal.toString());
env.put(Context.SECURITY_CREDENTIALS, "password");
env.put(Context.REFERRAL, "follow");
InitialLdapContext ctx = new InitialLdapContext(env, null);
String base = "DC=b,DC=ad,DC=com";
String filter = "(&(objectClass=user))";
SearchControls controls = new SearchControls();
String []strReturningAttr = null;
controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
NamingEnumeration answer = ctx.search(base, filter, controls);
Is it possible to authenticate users in Active Directory Server A, and then search for users in Active Directory Server B using java? These servers are configured to be 2-way trusted.
The above code fails. I can authenticate in server A perfectly fine, but when I start searching for users in B, it returns nothing
Hashtable<String, String> env = new Hashtable<String, String>();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://A.AD.COM:389");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
StringBuffer principal = new StringBuffer("user@A");
env.put(Context.SECURITY_PRINCIPAL, principal.toString());
env.put(Context.SECURITY_CREDENTIALS, "password");
env.put(Context.REFERRAL, "follow");
InitialLdapContext ctx = new InitialLdapContext(env, null);
String base = "DC=b,DC=ad,DC=com";
String filter = "(&(objectClass=user))";
SearchControls controls = new SearchControls();
String []strReturningAttr = null;
controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
NamingEnumeration answer = ctx.search(base, filter, controls);
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
仅当您位于具有链接域的全局目录中时。
Only if your are in a global catalog with linked domains.