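Moving an MS AD User to a Specified OU with Java
We have recently been automating our OA system, which has involved some development work. Earlier articles covered creating MS AD users and changing passwords with Java. Beyond account creation, we also automate offboarding. When a user leaves, we first disable the account, then move it to a designated OU, and a PowerShell or VBS script that runs once a month deletes the accounts there; we do not delete a departing user's account directly. This requirement takes two steps. The first is disabling the account, which we normally do by modifying the user's userAccountControl attribute; AD user attributes will be covered in the next article. Today we mainly demonstrate using a Java program to move a user into a specified OU.
In our environment the user aodi is in the IXM Adm OU, and we need to move it to the IXM Users OU.
Configure the Java code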
/**
 * moveuser.java
 * 5 July 2001
 * Sample JNDI application to move an object in the Active Directory.
 */
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.ldap.*;
import javax.naming.directory.*;

public class moveuser {
    public static void main(String[] args) {
        Hashtable<String, String> env = new Hashtable<>();
        String adminName = "CN=Administrator,cn=Users,DC=ixmsoft,DC=com";
        String adminPassword = "123";
        // Current and target distinguished names of the user object
        String oldUserpath = "CN=aodi,OU=IXM Adm,OU=IMXSOFT Users,DC=ixmsoft,DC=com";
        String newUserpath = "CN=aodi,OU=IXM Users,OU=IMXSOFT Users,DC=ixmsoft,DC=com";
        String ldapURL = "ldap://192.168.5.20:389";

        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // set security credentials, note using simple cleartext authentication:
        // over ldap:// on port 389 the bind password is sent unencrypted
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, adminName);
        env.put(Context.SECURITY_CREDENTIALS, adminPassword);
        // connect to my domain controller
        env.put(Context.PROVIDER_URL, ldapURL);

        LdapContext ctx = null;
        try {
            // Create the initial directory context
            ctx = new InitialLdapContext(env, null);
            // Move the user: an LDAP rename to a DN under a different parent OU
            ctx.rename(oldUserpath, newUserpath);
            System.out.println("Moved user");
        } catch (NamingException e) {
            System.err.println("Problem moving object: " + e);
        } finally {
            // Release the connection even when the rename fails
            if (ctx != null) {
                try { ctx.close(); } catch (NamingException ignored) { }
            }
        }
    }
}
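We define the old and new user paths
Start the run
The run succeeds
We check the information in AD
Finally, for convenience, the CN user value in the user path can be defined as a variable so that it is easy to pass in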
/**
 * moveuser.java
 * 5 July 2001
 * Sample JNDI application to move an object in the Active Directory.
 */
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.ldap.*;
import javax.naming.directory.*;

public class moveuser {
    public static void main(String[] args) {
        Hashtable<String, String> env = new Hashtable<>();
        // The account to move; its value is concatenated into both DNs unescaped
        String ADAccount = "aodi";
        String adminName = "CN=Administrator,cn=Users,DC=ixmsoft,DC=com";
        String adminPassword = "123";
        String oldUserpath = "CN=" + ADAccount + "," + "OU=IXM Adm,OU=IMXSOFT Users,DC=ixmsoft,DC=com";
        String newUserpath = "CN=" + ADAccount + "," + "OU=IXM Users,OU=IMXSOFT Users,DC=ixmsoft,DC=com";
        String ldapURL = "ldap://192.168.5.20:389";

        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // set security credentials, note using simple cleartext authentication:
        // over ldap:// on port 389 the bind password is sent unencrypted
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, adminName);
        env.put(Context.SECURITY_CREDENTIALS, adminPassword);
        // connect to my domain controller
        env.put(Context.PROVIDER_URL, ldapURL);

        LdapContext ctx = null;
        try {
            // Create the initial directory context
            ctx = new InitialLdapContext(env, null);
            // Move the user: an LDAP rename to a DN under a different parent OU
            ctx.rename(oldUserpath, newUserpath);
            System.out.println("Moved user:" + ADAccount);
            System.out.println("NewUserpath:" + newUserpath);
        } catch (NamingException e) {
            System.err.println("Problem moving object: " + e);
        } finally {
            // Release the connection even when the rename fails
            if (ctx != null) {
                try { ctx.close(); } catch (NamingException ignored) { }
            }
        }
    }
}
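Once the CN is passed in as a variable, a value containing a comma or an equals sign changes the shape of a concatenated DN. The following is an added example, not code from the original article: it builds both paths with LdapName and Rdn so the account name is always escaped as a single RDN value. The class name SafeMove, its helper methods, and the sample inputs are hypothetical and constructed for illustration; the OU paths are the ones used above.

```java
import javax.naming.InvalidNameException;
import javax.naming.NamingException;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class SafeMove {
    // OU paths copied from the article; only the account name varies.
    static final String OLD_OU = "OU=IXM Adm,OU=IMXSOFT Users,DC=ixmsoft,DC=com";
    static final String NEW_OU = "OU=IXM Users,OU=IMXSOFT Users,DC=ixmsoft,DC=com";

    // Build CN=<account>,<ou>, treating the account as one escaped RDN value.
    static LdapName userDn(String account, String ou) throws InvalidNameException {
        if (account == null || account.trim().isEmpty()) {
            throw new InvalidNameException("empty account name");
        }
        LdapName dn = new LdapName(ou);
        dn.add(new Rdn("CN", account)); // Rdn escapes , = + < > # ; " and \
        return dn;
    }

    // Move the account between the two fixed OUs on an already-open context.
    static void move(LdapContext ctx, String account) throws NamingException {
        ctx.rename(userDn(account, OLD_OU), userDn(account, NEW_OU));
    }

    // Report how a DN string parses: its RDN count, or that it does not parse.
    static String shape(String dn) {
        try {
            return new LdapName(dn).size() + " RDNs";
        } catch (InvalidNameException e) {
            return "invalid DN";
        }
    }

    public static void main(String[] args) throws InvalidNameException {
        // Constructed inputs: a plain name, a name containing a comma, and a
        // value that would add an extra OU component if concatenated as-is.
        String[] samples = { "aodi", "Gao, Wenlong", "aodi,OU=Other" };
        for (String s : samples) {
            String naive = "CN=" + s + "," + NEW_OU;
            String safe = userDn(s, NEW_OU).toString();
            System.out.println("input: " + s);
            System.out.println("  concatenated: " + naive + " -> " + shape(naive));
            System.out.println("  LdapName/Rdn: " + safe + " -> " + shape(safe));
        }
    }
}
```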
This article is from the "高文龙" blog; please do not repost!
Original URL: http://gaowenlong.blog.51cto.com/451336/1970396