1. 技术文章
  2. Using javax.naming, can I determine if I am connected to AD or some other type of server?

Using javax.naming, can I determine if I am connected to AD or some other type of server?

二次信任 提交于 2019-12-25 08:27:15

问题


Using only the javax.naming API, is there some metadata or other trick I can use to determine if I am in fact connected to an Active Directory server or some other type of directory server ?


回答1:


The root DSE may contain attributes that contain information about the directory server's software. However, the root DSE and/or the attributes may not be present or attributes may not be named the same in all directory server implementations. Nevertheless, you can query the DSE and see what it offers for the directory software your app will support. Here's an LDAP search to get the root DSE:

ldapsearch -h HOST -b " " -s base objectclass=*

This assumes that the DSE is associated with an objectclass. The vendor may have a proprietary method for providing the same.

There is this informational RFC 3045; it talks about storing vendor related information in the root DSE. Two attributes that may be populated by the directory server software are vendorname and vendorversion. You can check the existence of these in the root DSE returned by the server(s) you're working with.

Here's a crude Java code to pull those two attributes from the root DSE (using the LDAP provider, that is):

import java.util.Hashtable;

import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;    
import javax.naming.directory.SearchResult;

public class RootDSE {
    public static void main(String[] args) throws Exception{
        Hashtable<String, String> jndiParms = new Hashtable<String, String>();

        jndiParms.put(Context.PROVIDER_URL, "ldap://my.ldap.server:389");
        jndiParms.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");

        DirContext ctx = new InitialDirContext(jndiParms);

        String searchBase = "";
        String searchFilter = "(objectclass=*)";

        SearchControls searchCtls = new SearchControls();
        searchCtls.setSearchScope(SearchControls.OBJECT_SCOPE);
        searchCtls.setReturningAttributes(new String[] { "vendorname", "vendorversion" } );

        NamingEnumeration<SearchResult> searchResults = 
            ctx.search(searchBase, searchFilter, searchCtls);

        if (searchResults.hasMore()) {
            SearchResult searchResult = (SearchResult)searchResults.next();
            System.out.println(searchResult.getAttributes());
        }
        else {
            System.err.println("No results");
        }
    }
}


来源:https://stackoverflow.com/questions/22069401/using-javax-naming-can-i-determine-if-i-am-connected-to-ad-or-some-other-type-o

标签
active-directory
ldap
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!