JDNI Active Directory,创建具有范围的组
我正在尝试在 AD 中创建一些本地组,但遗憾的是,如果我在上下文中设置 groupType 属性,我只会收到此异常
Caused by: javax.naming.directory.InvalidAttributeValueException: Malformed 'groupType' attribute value; remaining name 'cn=localTestGroup1,ou=groups'
at com.sun.jndi.ldap.LdapClient.encodeAttribute(LdapClient.java:951)
at com.sun.jndi.ldap.LdapClient.add(LdapClient.java:999)
at com.sun.jndi.ldap.LdapCtx.c_bind(LdapCtx.java:393)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_bind(ComponentDirContext.java:277)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:197)
at javax.naming.directory.InitialDirContext.bind(InitialDirContext.java:163)
at org.springframework.ldap.core.LdapTemplate$21.executeWithContext(LdapTemplate.java:998)
at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:807)
... 36 more
该属性的值可能是错误的。还是我的问题无法解决?
private void createGroup(String groupname, String groupOU, long groupType) {
DistinguishedName dn = new DistinguishedName();
dn.add("ou", groupOU);
dn.add("cn", groupname);
DirContextAdapter ctx = new DirContextAdapter(dn);
ctx.setAttributeValues("objectclass", new String[] { "top", "group" });
ctx.setAttributeValue("groupType", groupType);
ctx.setAttributeValue("sAMAccountName", groupname);
ldapTemplate.bind(ctx);
}
public void createLocalGroup(String groupname, String groupOU) {
createGroup(groupname, groupOU, -2147483646);
}
为了澄清:我直接从活动目录获得了这个值-2147483646。正如您所提到的,我正在使用 Spring Ldap 1.3
I'm trying to create some local groups in my AD but sadly if I set a groupType attribute in my context I only receive this exception
Caused by: javax.naming.directory.InvalidAttributeValueException: Malformed 'groupType' attribute value; remaining name 'cn=localTestGroup1,ou=groups'
at com.sun.jndi.ldap.LdapClient.encodeAttribute(LdapClient.java:951)
at com.sun.jndi.ldap.LdapClient.add(LdapClient.java:999)
at com.sun.jndi.ldap.LdapCtx.c_bind(LdapCtx.java:393)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_bind(ComponentDirContext.java:277)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:197)
at javax.naming.directory.InitialDirContext.bind(InitialDirContext.java:163)
at org.springframework.ldap.core.LdapTemplate$21.executeWithContext(LdapTemplate.java:998)
at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:807)
... 36 more
It is possible that the value of the attribute is wrong. Or is my issue not solveable?
private void createGroup(String groupname, String groupOU, long groupType) {
DistinguishedName dn = new DistinguishedName();
dn.add("ou", groupOU);
dn.add("cn", groupname);
DirContextAdapter ctx = new DirContextAdapter(dn);
ctx.setAttributeValues("objectclass", new String[] { "top", "group" });
ctx.setAttributeValue("groupType", groupType);
ctx.setAttributeValue("sAMAccountName", groupname);
ldapTemplate.bind(ctx);
}
public void createLocalGroup(String groupname, String groupOU) {
createGroup(groupname, groupOU, -2147483646);
}
For claryfication: I got this value -2147483646 directly from the active directory. As you can mention I'm using Spring Ldap 1.3
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
尝试将 groupType 的值作为字符串传递,但不要那么长。这应该可以解决你的问题。
然而,您使用的 DN 看起来很奇怪。根据我的经验,AD 中的所有专有名称都以 DC=something 结尾。
Try passing the value for groupType as String not as long. This should solve your problem.
However the DN you are using looks strange. In my experience all Distinguished Names in AD ends at DC=something.