LDAPS修改Active Directory目录用户

http://www.webjx.com/  2009-06-27 14:07:03  来源:网页教学网 

Webjx网页教学提示: 在做OA系统时用到 OA系统用户要与Exchange 2007邮件服务器用户同步,以下是本人开发中的一些总结和步骤!

  在做OA系统时用到 OA系统用户要与Exchange 2007邮件服务器用户同步,以下是本人开发中的一些总结和步骤!
  A.以域用户登录到安装了证书服务的服务器中,导出计算机证书,
  1,通过administrato用户登陆到证书服务的服务器(我们用的Exchange 2007服务器);
  2,进入MMC控制台,添加证书,选择本地计算
  3.打开刚增加的证书节点,选择证书
  个人->证书,选择CA证书,导出
  B.将从证书中导出的个证书文件,*.cer 使用java的keytool工具创建或导入证书库文件中
  导入CA证书
  D:\Borland\jdk142_05\bin>keytool -import -keystore ca.keystore -file ca.cer
  输入keystore密码:123456
  Owner: CN=securityCA, DC=security, DC=boco
  发照者: CN=securityCA, DC=security, DC=boco
  序号: 72880fb3005cd7a54efa9c224241008b
  有效期间: Thu Nov 10 20:48:49 CST 2005 至: Tue Nov 10 20:55:33 CST 2015
  认证指纹:
  MD5: 51:3F:C3:B1:C3:A6:EF:24:55:70:2A:25:0D:EB:57:59
  SHA1: B3:EE:CC:92:E3:D4:87:48:D4:1D:F3:53:5B:0E:99:E1:B7:0F:27:20
  信任这个认证? [否]: y
  认证已添加至keystore中 生成ca.keystore文件
  C 编写如下代码修改Active Direcotry 域用户密码
  ldap.property属性配置文件
  host =10.151.5.114
  hostname =mail
  ldapport = 389
  ldapsport =636
  root =sczj.gov.cn
  username =administrator
  password =123456
  keystore =D:/ca.keystore
  keystorepassword = 123456
  Config.JAVA读取ldap.property 属性文件
  public class Config {
  static String host = "";
  static String ldapport = "";
  static String ldapsport = "";
  static String root = "";
  static String username = "";
  static String password = "";
  static String keystore = "";
  static String keystorepassword = "";
  static String hostname = "";
  public static void initConfig() {
  try {
  Properties config = new Properties();
  config.load(Config.class.getResourceAsStream("ldap.property"));
  // config.list(System.out);
  host = config.getProperty("host");
  ldapport = config.getProperty("ldapport");
  ldapsport = config.getProperty("ldapsport");
  root = config.getProperty("root");
  username = config.getProperty("username");
  password = config.getProperty("password");
  keystore = config.getProperty("keystore");
  keystorepassword = config.getProperty("keystorepassword");
  hostname = config.getProperty("hostname");
  } catch (Exception e) {
  // TODO Auto-generated catch block
  e.printStackTrace();
  }
  }
  GET SET方法
  }
  LdapConnection.JAVA连接方法
  public class LdapConnection { DirContext ctx = null;
  Hashtable env = new Hashtable();
  public LdapConnection() {
  }
  /** * 带安全协议的ldap的连接方法,这种连接可以修改活动目录中用户的密码 * * @param ldap */ public DirContext LdapsInit() { Config.initConfig(); System.out.println("==================" + Config.getKeystore()); System.out.println("==================" + Config.getKeystorepassword()); System.setProperty("javax.net.ssl.trustStore", Config.getKeystore()); System.setProperty("javax.net.ssl.trustStorePassword", Config .getKeystorepassword()); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, Config.getUsername()); env.put(Context.SECURITY_CREDENTIALS, Config.getPassword()); env.put(Context.SECURITY_PROTOCOL, "ssl"); String ldapURL = "ldaps://" + Config.getHost() + ":" + Config.getLdapsport() + ""; env.put(Context.PROVIDER_URL, ldapURL); try { ctx = new InitialLdapContext(env, null); System.out.println("认证成功");// 这里可以改成异常抛出。 } catch (javax.naming.AuthenticationException e) { System.out.println("认证失败"); } catch (Exception e) { System.out.println("认证出错:" + e); } return ctx; }
  public void close() { try { this.ctx.close(); } catch (Exception e) { }
  }
  public DirContext Ldap() { return ctx = LdapsInit(); }
更多

推荐文章