我有一个java ldap查询,我在其中提取组中存在的用户。但是,我现在需要过滤掉已禁用的帐户。我添加了一个用户过滤器,但这似乎根本没有撤回任何成员。任何帮助表示赞赏。
下面是我当前的java ldap查询。
private LdapContext getTM1users(MbElement parser) throws FileNotFoundException, SQLException, IOException, MbException, NamingException
{
LdapContext ctx = null;
MbElement start = null;
Attributes attrs = null;
NamingEnumeration answer = null;
String group = null;
String location = null;
Hashtable<String, String> env = new Hashtable<String, String>();
env.put(Context.INITIAL_CONTEXT_FACTORY, "Factory");
env.put(Context.SECURITY_AUTHENTICATION, "Simple");
env.put(Context.SECURITY_PRINCIPAL, "UserID");
env.put(Context.SECURITY_CREDENTIALS, "Password");
env.put(Context.PROVIDER_URL, "ldapURL");
ctx = new InitialLdapContext(env, null);
SearchControls constraints = new SearchControls();
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
String[] attrIDs = {"sAMAccountName"};
constraints.setReturningAttributes(attrIDs);
Hashtable<String, String> ht = new Hashtable<String, String>();
ht.put("Agent_Comm", "Agent_Comm");
ht.put("Elec_Finance", "Elec_Finance");
ht.put("Freight", "Freight");
ht.put("Vids", "Vids");
Set<String> keys = ht.keySet();
for(String key : keys)
{
group = ht.get(key);
location = key;
answer = ctx.search("DC=ads,DC=abc,DC=com", "memberOf=CN=" + group + ",OU=ADM,OU=ABC,DC=ads,DC=abc,DC=com (&(objectclass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))", constraints);
while (answer.hasMore())
{
attrs = ((SearchResult) answer.next()).getAttributes();
start = parser.createElementAsFirstChild(MbElement.TYPE_NAME, "user", null);
start.createElementAsFirstChild(MbElement.TYPE_NAME_VALUE, "userid",attrs.get("sAMAccountName").toString().trim());
start.createElementAsFirstChild(MbElement.TYPE_NAME_VALUE, "location", location);
}
}
return ctx;
}