如何知道用户在Active Directory中处于活动状态还是非活动状态

Question

我已连接到Active Directory，以便验证用户名，但是如何知道用户在AD中处于活动状态还是非活动状态？

示例代码：

  private Properties properties; 
      private DirContext dirContext; 
      private SearchControls searchCtls; 
      private String[] returnAttributes = { "sAMAccountName", "givenName", "cn", "mail"}; 
      private String domainBase; 
      private String baseFilter = "(&((&(objectCategory=Person)(objectClass=User)))"; 
    public ActiveDirectory(String username, String password, String domainController,String url) { 
      properties = new Properties();   

      properties.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); 
      properties.put(Context.PROVIDER_URL, url); 
      properties.put(Context.SECURITY_AUTHENTICATION,"simple"); 
      properties.put(Context.SECURITY_PRINCIPAL,username+"@"+domainController); 
      properties.put(Context.SECURITY_CREDENTIALS, password); 

      //initializing active directory LDAP connection 
      try { 

       dirContext = new InitialDirContext(properties); 
       System.out.println("dirContext: "+dirContext); 
      } catch (NamingException e) { 
       e.printStackTrace(); 
       log.severe(e.getMessage()); 
      } catch (Exception e) { 
       e.printStackTrace(); 
      } 
       domainBase = getDomainBase(domainController); 

      //initializing search controls 
      searchCtls = new SearchControls(); 
      searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE); 
      searchCtls.setReturningAttributes(returnAttributes); 

     } 



    public NamingEnumeration<SearchResult> searchUser(String searchValue, String searchBy, String searchBase) throws NamingException { 
       System.out.println("search value :: "+searchValue); 
       System.out.println("search base111 :: "+ ((null == searchBase) ? domainBase : getDomainBase(searchBase))); 
       String filter = getFilter(searchValue, searchBy);  
       String base = (null == searchBase) ? domainBase : getDomainBase(searchBase); // for eg.: "DC=myjeeva,DC=com"; 
       System.out.println("this.dirContext : "+this.dirContext); 



       return this.dirContext.search(base, filter, this.searchCtls); 
      } 
     private String getFilter(String searchValue, String searchBy) { 
      String filter = this.baseFilter;   
      if(searchBy.equals("email")) { 
       filter += "(mail=" + searchValue + "))"; 
      } else if(searchBy.equals("username")) { 
       filter += "(samaccountname=" + searchValue + "))"; 
      } 
      System.out.println("filter : "+filter); 
      return filter; 
     } 

我一直在使用这个this.dirContext.search(base, filter, this.searchCtls);

我怎么能知道用户是活跃或不活跃做搜索？

我发现谷歌得到active用户(!(useraccountcontrol:1.2.840.113556.1.4.803:=2))和deactive用户(useraccountcontrol:1.2.840.113556.1.4.803:=2)如何在JAVA代码中实现这两个。

Answer 1

谢谢你，你的提示工作，我设法读取活跃和不活跃的用户。

我成功地从Active Directory读取的活跃用户使用此过滤器：

(&(objectClass=user)(objectCategory=person)(!(useraccountcontrol:1.2.840.113556.1.4.803:=2))) 

而与此过滤器的所有活动的用户：

(&(objectClass=user)(objectCategory=person)(useraccountcontrol:1.2.840.113556.1.4.803:=2))