Wednesday, 1 June 2016

JNDI: Get all group distinguished names


Search with the filter (objectclass=group) and request only the distinguishedName attribute. The result is the distinguished name of every group entry under the search base.

import java.util.Properties;

import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

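/**
 * Creates JNDI LDAP contexts for the directory examples.
 *
 * <p>The provider URL, bind DN and password default to the sample values of
 * the original listing. Each can be overridden without editing the source:
 * system properties {@code ldap.url} and {@code ldap.bind.dn}, and the
 * environment variable {@code LDAP_BIND_PASSWORD}.
 *
 * <p>Security notes for anyone adapting this class:
 * <ul>
 * <li>A password compiled into the class ends up in version control and in
 * every build artifact. Treat the default as a sample value only and supply
 * the real one from the environment or a secret store.</li>
 * <li>The default URL uses plain {@code ldap://}. With a principal and
 * credentials set, the JNDI LDAP provider performs a simple bind, so the DN
 * and password cross the network unencrypted. Prefer an {@code ldaps://} URL
 * (or StartTLS) wherever the server supports it.</li>
 * <li>Reading group entries does not need an administrative account; bind
 * with a least-privileged, read-only account where possible.</li>
 * </ul>
 */
public class DirectoryUtil {
 private static final String FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";

 // Sample defaults from the original listing; see the class comment before reusing them.
 private static final String DEFAULT_PROVIDER_URL = "ldap://10.212.141.191:389";
 private static final String DEFAULT_ADMIN_DN = "CN=admin,CN=Users,DC=example,DC=com";
 private static final String DEFAULT_ADMIN_PASSWORD = "password";

 // Environment shared by every context this class creates; filled once at class load.
 private static final Properties properties = new Properties();

 static {
  initProperties();
 }

 /**
  * Fills the shared JNDI environment: context factory, provider URL,
  * connection pooling, bind DN and bind password.
  */
 private static void initProperties() {
  properties.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
  properties.put(Context.PROVIDER_URL,
    System.getProperty("ldap.url", DEFAULT_PROVIDER_URL));
  properties.put("com.sun.jndi.ldap.connect.pool", "true");
  properties.put(Context.SECURITY_PRINCIPAL,
    System.getProperty("ldap.bind.dn", DEFAULT_ADMIN_DN));
  properties.put(Context.SECURITY_CREDENTIALS, resolvePassword());
 }

 /**
  * Returns the bind password from the {@code LDAP_BIND_PASSWORD} environment
  * variable, falling back to the sample default when it is unset or empty.
  */
 private static String resolvePassword() {
  String fromEnv = System.getenv("LDAP_BIND_PASSWORD");
  if (fromEnv == null || fromEnv.isEmpty()) {
   return DEFAULT_ADMIN_PASSWORD;
  }
  return fromEnv;
 }

 /**
  * Opens a new directory context using the shared environment.
  *
  * <p>The caller owns the returned context and should {@code close()} it
  * when finished.
  *
  * @return a newly created directory context
  * @throws NamingException if the initial context cannot be created
  */
 public static DirContext getContext() throws NamingException {
  return new InitialDirContext(properties);
 }
}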


import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import java.util.Optional;

import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

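/** Lists the distinguished names of all group entries below a search base. */
public class Test {
 /**
  * Returns the distinguished name of every entry below {@code baseDN} that
  * matches the filter {@code (objectclass=group)}.
  *
  * <p>The filter is a constant. If a caller-supplied value is ever added to
  * it, pass that value through the {@code search} overload that takes
  * {@code filterArgs} instead of concatenating it into the filter string, so
  * filter metacharacters are escaped.
  *
  * @param context directory context to search with; must not be null
  * @param baseDN  distinguished name of the subtree to search; must not be null
  * @return the distinguished names found, or an empty {@code Optional} when an
  *         argument is null or the search fails with a {@code NamingException}
  */
 static Optional<List<String>> getAllGroupNames(DirContext context,
   String baseDN) {

  if (Objects.isNull(context)) {
   System.out.println("context shouldn't be null");
   return Optional.empty();
  }
  if (Objects.isNull(baseDN)) {
   System.out.println("baseDN shouldn't be null");
   return Optional.empty();
  }

  List<String> groupNames = new ArrayList<>();

  // Ask only for the attribute that is read below, over the whole subtree.
  SearchControls ctls = new SearchControls();
  ctls.setReturningAttributes(new String[] { "distinguishedName" });
  ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);

  NamingEnumeration<SearchResult> answer = null;
  try {
   answer = context.search(baseDN, "(objectclass=group)", ctls);
   // NOTE(review): a server-side size limit would presumably surface as a
   // NamingException from hasMore(), discarding the partial result; use paged
   // results if the directory holds many groups.
   while (answer.hasMore()) {
    SearchResult searchResult = answer.next();
    Attributes attrs = searchResult.getAttributes();

    // get() returns null when the entry has no such attribute (or the bind
    // account may not read it); skip the entry instead of failing.
    Attribute dnAttr = attrs.get("distinguishedName");
    if (dnAttr == null) {
     continue;
    }

    NamingEnumeration<?> values = dnAttr.getAll();
    try {
     // hasMore() reports directory errors; hasMoreElements() hides them.
     while (values.hasMore()) {
      groupNames.add(values.next().toString());
     }
    } finally {
     closeQuietly(values);
    }
   }
  } catch (NamingException e) {
   System.err.println("Group search under '" + baseDN + "' failed: " + e);
   return Optional.empty();
  } finally {
   closeQuietly(answer);
  }

  return Optional.of(groupNames);
 }

 /** Closes an enumeration, ignoring a failure to release it. */
 private static void closeQuietly(NamingEnumeration<?> enumeration) {
  if (enumeration == null) {
   return;
  }
  try {
   enumeration.close();
  } catch (NamingException ignored) {
   // Nothing useful can be done if releasing the enumeration fails.
  }
 }

 /**
  * Prints the distinguished name of every group under the sample base DN.
  *
  * @param args unused
  * @throws NamingException if the context cannot be created or closed
  */
 public static void main(String[] args) throws NamingException {
  DirContext context = DirectoryUtil.getContext();
  try {
   String baseDN = "CN=Users,DC=example,DC=com";

   Optional<List<String>> groupsTmp = getAllGroupNames(context, baseDN);

   // An empty Optional means the search failed; report it instead of
   // letting get() throw NoSuchElementException.
   if (!groupsTmp.isPresent()) {
    System.err.println("No group list available for " + baseDN);
    return;
   }

   for (String group : groupsTmp.get()) {
    System.out.println(group);
   }
  } finally {
   // Release the connection held by the context.
   context.close();
  }
 }
}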

