AD 域单点登陆之 LDAP (二)

官方 API: http://msdn.microsoft.com/en-us/library/windows/desktop/aa746467(v=vs.85).aspx

               http://www.iteye.com/problems/67745

               http://baike.baidu.cn/view/159263.htm

 

一、搜索过滤器类

       http://www.cnblogs.com/forbreak/archive/2012/10/30/2746464.html

       String searchFilter = "objectClass=User";

#selectFactor=(&(objectCategory\=person)) selectFactor=(&(objectClass=user)(SAMAccountName=holderplace))

       String searchFilter = "(&(objectclass=user)(sAMAccountName=*))";//获取帐号

 

    配置参数：

ad_enable=true

ad_ldap_url=ldap://10.2.1.17:389

ad_domain_name=hn.net

ad_search_base_node=DC\=hn,DC\=net

ad_search_filter=(&(mail\=username@cbhb.com.cn))

 

二、定制返回属性

String returnedAtts[] = { "company" }; String returnedAtts1[] = { "url", "whenChanged", "employeeID", "name", "userPrincipalName", "physicalDeliveryOfficeName", "departmentNumber", "telephoneNumber", "homePhone", "mobile", "department", "sAMAccountName", "whenChanged", "mail" };

 

String returnedAtts2[] = {"sAMAccountName,userPrincipalName"};

        sAMAccountName,userPrincipalName,mail,telephoneNumber,mobile,

       physicalDeliveryOfficeName,name,company,sn,givenName,department,

        title,description

 

三、 域节点

        String searchBase = "DC=wanda-dev,DC=cn";

        searchBase = "OU="+OU+",DC="+dc+",DC="+dc_houzui;