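package th.co.muangthai.endrprint.util;

/**
 * Created by IntelliJ IDEA.
 * User: ZIZU
 * Date: 8/16/12
 * Time: 5:00 PM
 * To change this template use File | Settings | File Templates.
 */

import org.apache.log4j.Logger;

import java.io.Console;
import java.io.IOException;
import java.util.Arrays;
import java.util.Locale;
import java.util.Properties;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.*;

/**
 * Query Active Directory using Java
 *
 * <p>Opens one JNDI LDAP context per instance and runs subtree searches for user
 * entries by account name or e-mail address.</p>
 *
 * <p>Security notes for maintainers:</p>
 * <ul>
 *   <li>Search values are escaped per RFC 4515 before they are placed in the filter,
 *       so filter metacharacters ({@code * ( ) \} and NUL) in caller input are matched
 *       literally and cannot change the filter's structure.</li>
 *   <li>The provider URL is built with the {@code LDAP://} scheme and no TLS setting
 *       is placed in the JNDI environment, so the bind password presumably crosses
 *       the network unencrypted. NOTE(review): move to LDAPS or StartTLS.</li>
 *   <li>An empty password turns a simple bind into an unauthenticated bind
 *       (RFC 4513, section 5.1.2), which a server may accept. Code that treats a
 *       successful bind as a login check must reject empty passwords beforehand.</li>
 * </ul>
 *
 * @filename ActiveDirectory.java
 * @author Jeevanandam Madanagopal
 * @copyright © 2010-2012 www.myjeeva.com
 */
public class ActiveDirectory {

    // Logger
    private static final Logger LOG = Logger.getLogger(ActiveDirectory.class);

    // Attributes requested for every search result.
    private static final String[] RETURN_ATTRIBUTES = { "sAMAccountName", "givenName", "cn", "mail" };

    // Opening part of every filter; getFilter() appends the value clause and the closing parenthesis.
    private static final String BASE_FILTER = "(&((&(objectCategory=Person)(objectClass=User)))";

    // Search base used when searchUser() is called without one.
    private static final String DEFAULT_DOMAIN_BASE = "DC=muangthai,DC=co,DC=th";

    // Null when the initial bind failed; searchUser() checks for that.
    private final DirContext dirContext;
    private final SearchControls searchCtls;
    private final String domainBase;

    /**
     * constructor with parameter for initializing a LDAP context
     *
     * <p>A failed bind is logged and not rethrown, as before; the instance is then
     * unusable and {@link #searchUser(String, String, String)} reports the failure
     * with a {@link NamingException}.</p>
     *
     * @param username a {@link java.lang.String} object - username to establish a LDAP connection
     * @param password a {@link java.lang.String} object - password to establish a LDAP connection
     * @param domainController a {@link java.lang.String} object - domain controller name for LDAP connection
     */
    public ActiveDirectory(String username, String password, String domainController) {
        // Kept local so the credentials are not retained in a field for the lifetime of the object.
        Properties env = new Properties();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "LDAP://" + domainController);
        env.put(Context.SECURITY_PRINCIPAL, username + "@" + domainController);
        env.put(Context.SECURITY_CREDENTIALS, password);

        // initializing active directory LDAP connection
        DirContext context = null;
        try {
            context = new InitialDirContext(env);
        } catch (NamingException e) {
            LOG.error(e.getMessage(), e);
        }
        dirContext = context;

        // default domain base for search; the value previously derived from
        // domainController was overwritten by this constant straight away, so the
        // dead computation has been dropped.
        domainBase = DEFAULT_DOMAIN_BASE;

        // initializing search controls
        searchCtls = new SearchControls();
        searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchCtls.setReturningAttributes(RETURN_ATTRIBUTES);
    }

    /**
     * search the Active directory by username/email id for given search base
     *
     * <p>The search value is matched literally: filter wildcards in it are escaped.</p>
     *
     * @param searchValue a {@link java.lang.String} object - search value used for AD search for eg. username or email
     * @param searchBy a {@link java.lang.String} object - scope of search by username or by email id
     * @param searchBase a {@link java.lang.String} object - search base, either a dotted domain name
     *                   (eg. myjeeva.com) or a distinguished name (eg. DC=myjeeva,DC=com);
     *                   {@code null} selects the default base
     * @return search result a {@link javax.naming.NamingEnumeration} object - active directory search result
     * @throws NamingException if the initial bind failed, the arguments cannot form a valid filter,
     *                         or the directory rejects the search
     */
    public NamingEnumeration<SearchResult> searchUser(String searchValue, String searchBy, String searchBase) throws NamingException {
        if (dirContext == null) {
            // The constructor only logs a failed bind; surface it here instead of a NullPointerException.
            throw new NamingException("LDAP context is not available; the initial bind failed");
        }
        String filter = getFilter(searchValue, searchBy);
        String base = resolveSearchBase(searchBase);
        return dirContext.search(base, filter, searchCtls);
    }

    /**
     * closes the LDAP connection with Domain controller
     */
    public void closeLdapConnection() {
        try {
            if (dirContext != null) {
                dirContext.close();
            }
        } catch (NamingException e) {
            LOG.error(e.getMessage(), e);
        }
    }

    /**
     * active directory filter string value
     *
     * @param searchValue a {@link java.lang.String} object - search value of username/email id for active directory
     * @param searchBy a {@link java.lang.String} object - scope of search by username or email id
     * @return a {@link java.lang.String} object - filter string
     * @throws InvalidSearchFilterException if searchValue is null or searchBy is neither
     *                                      "email" nor "username"
     */
    private String getFilter(String searchValue, String searchBy) throws InvalidSearchFilterException {
        if (searchValue == null) {
            throw new InvalidSearchFilterException("searchValue must not be null");
        }
        String attribute;
        if ("email".equals(searchBy)) {
            attribute = "mail";
        } else if ("username".equals(searchBy)) {
            attribute = "samaccountname";
        } else {
            // Without a value clause the base filter is left unbalanced; fail with a clear message.
            throw new InvalidSearchFilterException("searchBy must be \"email\" or \"username\"");
        }
        return BASE_FILTER + "(" + attribute + "=" + escapeFilterValue(searchValue) + "))";
    }

    /**
     * Escapes a value for use inside an LDAP search filter (RFC 4515), so that
     * caller-supplied text cannot add or close filter clauses.
     *
     * @param value raw assertion value, not null
     * @return the value with backslash, asterisk, parentheses and NUL replaced by their hex escapes
     */
    private static String escapeFilterValue(String value) {
        StringBuilder escaped = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }

    /**
     * Chooses the search base for a query.
     *
     * @param searchBase caller-supplied base, may be null
     * @return the default base for null, the value itself when it already looks like a
     *         distinguished name (contains '='), otherwise the DC=... form of the dotted name
     */
    private String resolveSearchBase(String searchBase) {
        if (searchBase == null) {
            return domainBase;
        }
        // A dotted domain name never contains '=', a distinguished name always does.
        if (searchBase.indexOf('=') >= 0) {
            return searchBase;
        }
        return getDomainBase(searchBase);
    }

    /**
     * creating a domain base value from domain controller name
     *
     * @param base a {@link java.lang.String} object - name of the domain controller
     * @return a {@link java.lang.String} object - base name for eg. DC=myjeeva,DC=com
     */
    private static String getDomainBase(String base) {
        // Locale.ROOT keeps the upper-casing independent of the JVM's default locale.
        String upper = base.toUpperCase(Locale.ROOT);
        StringBuilder dn = new StringBuilder("DC=");
        for (int i = 0; i < upper.length(); i++) {
            char c = upper.charAt(i);
            if (c != '.') {
                dn.append(c);
            } else if (i + 1 < upper.length()) {
                dn.append(",DC=");
            }
            // A trailing dot is ignored; it used to run past the end of the array.
        }
        return dn.toString();
    }

    /**
     * Interactive demo: prompts for the connection details and a search term, then
     * prints the attributes of the first matching entry.
     *
     * <p>Connection details and the password are read from the console rather than
     * being stored in the source file.</p>
     */
    public static void main(String[] args) throws NamingException, IOException {
        Console console = System.console();
        if (console == null) {
            System.err.println("An interactive console is required to enter the connection details.");
            return;
        }

        System.out.println("Provide username & password for connecting AD");
        String domain = console.readLine("Enter Domain: ");
        String username = console.readLine("Enter username: ");
        char[] passwordChars = console.readPassword("Enter password: ");
        String choice = console.readLine("Search by username or email: ");
        String searchTerm = console.readLine("Enter search term: ");

        if (domain == null || username == null || choice == null || searchTerm == null) {
            System.err.println("Input ended before all values were entered.");
            return;
        }
        if (passwordChars == null || passwordChars.length == 0) {
            // An empty password would be sent as an unauthenticated bind.
            System.err.println("A non-empty password is required.");
            return;
        }

        //Creating instance of ActiveDirectory
        ActiveDirectory activeDirectory = new ActiveDirectory(username, new String(passwordChars), domain);
        // Clear our copy; the String handed to the constructor cannot be cleared.
        Arrays.fill(passwordChars, '\0');

        try {
            //Searching
            NamingEnumeration<SearchResult> result = activeDirectory.searchUser(searchTerm, choice, null);
            try {
                if (result.hasMore()) {
                    Attributes attrs = result.next().getAttributes();
                    String[] names = { "samaccountname", "givenname", "mail", "cn" };
                    for (String name : names) {
                        // An entry need not carry every requested attribute.
                        Attribute attr = attrs.get(name);
                        System.out.println(attr == null ? name + ": <not set>" : attr.toString());
                    }
                } else {
                    System.out.println("No matching entry found.");
                }
            } finally {
                result.close();
            }
        } finally {
            //Closing LDAP Connection
            activeDirectory.closeLdapConnection();
        }
    }
}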