Java: adding a new user to Active Directory as an enabled user

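I am trying to add a new user in Windows Active Directory.

I am able to create the new user in AD successfully. But the user is added to AD as a disabled user, so I want to add the new user to AD as an enabled user.

For this I am using the code below.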

import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.ldap.InitialLdapContext;

public class Test {
    final static String DOMAIN_NAME = "TEST.local";
    final static String User_Context = "CN=Users,DC=TEST,DC=local";
    final static String DOMAIN_URL = "ldap://192.168.1.100:389";
    final static String ADMIN_NAME = "CN=Administrator,CN=Users,DC=TEST,DC=local";
    final static String ADMIN_PASS = "Awesdew321";
    final static String SEC_AUTH = "simple";
    final static String CON_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";

    public static void main(String[] args) {
        UserObjects userObj = new UserObjects();
        userObj.sAMAccountName = "tuser01";
        userObj.givenName = "Test";
        userObj.sn = "User01";
        userObj.password = "Terdar123";
        userObj.organisationUnit = "";

        try {
            addUser(userObj);
        } catch (NamingException e) {
        }
    }

    public static boolean addUser(UserObjects userObj) throws NamingException {
        int UF_NORMAL_ACCOUNT = 0x0200;

        InitialLdapContext context = null;
        Hashtable<String, String> env = new Hashtable<String, String>();
        try {
            env.put(Context.INITIAL_CONTEXT_FACTORY, CON_FACTORY);
            env.put(Context.SECURITY_AUTHENTICATION, SEC_AUTH);
            env.put(Context.SECURITY_PRINCIPAL, ADMIN_NAME);
            env.put(Context.SECURITY_CREDENTIALS, ADMIN_PASS);
            env.put(Context.PROVIDER_URL, DOMAIN_URL);
            context = new InitialLdapContext(env, null);

            Attribute objClasses = new BasicAttribute("objectClass");
            objClasses.add("top");
            objClasses.add("person");
            objClasses.add("organizationalPerson");
            objClasses.add("user");

            String cnValue = new StringBuffer(userObj.givenName).append(" ").append(userObj.sn).toString();
            Attribute cn = new BasicAttribute("cn", cnValue);
            Attribute sAMAccountName = new BasicAttribute("sAMAccountName", userObj.sAMAccountName);
            Attribute principalName = new BasicAttribute("userPrincipalName",
                    userObj.sAMAccountName + "@" + DOMAIN_NAME);
            Attribute givenName = new BasicAttribute("givenName", userObj.givenName);
            Attribute sn = new BasicAttribute("sn", userObj.sn);
            Attribute uid = new BasicAttribute("uid", userObj.sAMAccountName);
            Attribute userAccountControl = new BasicAttribute("userAccountControl",
                    Integer.toString(UF_NORMAL_ACCOUNT));
            Attribute userPassword = new BasicAttribute("userpassword", userObj.password);

            Attributes container = new BasicAttributes();
            container.put(objClasses);
            container.put(sAMAccountName);
            container.put(principalName);
            container.put(cn);
            container.put(sn);
            container.put(givenName);
            container.put(uid);
            container.put(userAccountControl);
            container.put(userPassword);

            String userDN = "cn=" + cnValue + "," + User_Context;
            context.createSubcontext(userDN, container);
            return true;
        } catch (Exception e) {
            return false;
        }
    }
}

I am using Java (jdk1.8.0_60) and Windows Active Directory.

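Normally, when you use "create user account", the new account will be disabled, and it cannot be enabled unless either of the following has occurred:

  • A valid password has been set for the account
  • The UF_PASSWD_NOTREQD parameter has been set to true

It seems to work best if you set the password and UF_NORMAL_ACCOUNT after the user has been created.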


-jim
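
The sequence the answer above describes, as an added example that is not part of the original question or answer: the account is created disabled, the password is written to unicodePwd, and only then is userAccountControl set to UF_NORMAL_ACCOUNT. It assumes the domain controller offers LDAPS, since Active Directory accepts unicodePwd writes only over an encrypted connection; the host name dc01.example.test and the environment variable names are placeholders, while the DN and account names are the ones from the question.

```java
import java.nio.charset.StandardCharsets;
import java.util.Hashtable;
import java.util.Objects;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.*;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

public class CreateEnabledAdUser {
    static final int UF_ACCOUNTDISABLE = 0x0002;
    static final int UF_NORMAL_ACCOUNT = 0x0200;
    // AD takes unicodePwd as the password wrapped in double quotes, encoded UTF-16LE.
    static byte[] encodeUnicodePwd(String password) {
        return ("\"" + password + "\"").getBytes(StandardCharsets.UTF_16LE);
    }
    static String env(String name) { // secrets come from the environment; names are placeholders
        return Objects.requireNonNull(System.getenv(name), "missing env var " + name);
    }

    public static void main(String[] args) throws NamingException {
        Hashtable<String, String> cfg = new Hashtable<>();
        cfg.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        cfg.put(Context.PROVIDER_URL, "ldaps://dc01.example.test:636"); // placeholder host, LDAPS
        cfg.put(Context.SECURITY_AUTHENTICATION, "simple");
        cfg.put(Context.SECURITY_PRINCIPAL, env("AD_BIND_DN"));
        cfg.put(Context.SECURITY_CREDENTIALS, env("AD_BIND_PASSWORD"));
        LdapContext ctx = new InitialLdapContext(cfg, null);
        try {
            String dn = "CN=Test User01,CN=Users,DC=TEST,DC=local"; // DN from the question
            Attributes attrs = new BasicAttributes(true);
            Attribute oc = new BasicAttribute("objectClass");
            oc.add("top"); oc.add("person"); oc.add("organizationalPerson"); oc.add("user");
            attrs.put(oc);
            attrs.put("sAMAccountName", "tuser01");
            attrs.put("userPrincipalName", "tuser01@TEST.local");
            // 1. Create the account disabled: it has no valid password yet.
            attrs.put("userAccountControl", Integer.toString(UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE));
            ctx.createSubcontext(dn, attrs).close();
            // 2. Set the password (a REPLACE on unicodePwd is an administrative reset).
            ctx.modifyAttributes(dn, DirContext.REPLACE_ATTRIBUTE,
                new BasicAttributes("unicodePwd", encodeUnicodePwd(env("NEW_USER_PASSWORD"))));
            // 3. Only now clear the disabled bit; the password must satisfy domain policy.
            ctx.modifyAttributes(dn, DirContext.REPLACE_ATTRIBUTE,
                new BasicAttributes("userAccountControl", Integer.toString(UF_NORMAL_ACCOUNT)));
        } finally {
            ctx.close();
        }
    }
}
```

The JVM has to trust the domain controller's certificate for the LDAPS connection to succeed. The 0000052D code in the error quoted at the end of this page is the Win32 ERROR_PASSWORD_RESTRICTION (password policy) error.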

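I think your question is a duplicate, please see this link

@Manesh I am not asking about setting the password.

@Manesh I just want to add the new user to AD as an enabled user.

Are you saying that I must first create the user in AD, rather than updating the userAccountControl attribute with the "0x0200" value?
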
javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000052D: SvcErr: DSID-031A12D2, problem 5003 (WILL_NOT_PERFORM), data 0
remaining name 'cn=Test User01,CN=Users,DC=TEST,DC=local'