List a user’s groups on an AD server

Question

List a user’s groups on an AD server

Asked 7 years, 5 months ago

Viewed 732 times

1

I need to list a user’s groups X on the AD server. I have the following code snippet ready that already authenticates on the server and returns me all groups:

public static boolean authenticateJndi(String username, String password) throws Exception{
        Properties props = new Properties();
        props.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
        props.put(Context.PROVIDER_URL, URL);
        props.put(Context.SECURITY_AUTHENTICATION, "simple");
        props.put(Context.SECURITY_PRINCIPAL, USERNAME);//adminuser - User with special priviledge, dn user
        props.put(Context.SECURITY_CREDENTIALS, PASSWORD);//dn user password
        DirContext context;
        context = new InitialDirContext(props);
        String usersContainer = "cn=Users,dc=xxxx,dc=local";
        SearchControls ctls = new SearchControls();
        String[] attrIDs = { "cn" };
        ctls.setReturningAttributes(attrIDs);
        ctls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
        @SuppressWarnings("rawtypes")
        NamingEnumeration answer = context.search(usersContainer, "(objectclass=group)", ctls);
        while (answer.hasMore()) {
            SearchResult rslt = (SearchResult) answer.next();
            Attributes attrs = rslt.getAttributes();
            System.out.println(attrs.get("cn"));
        }

        context.close();

I don’t have much knowledge on the subject. Can anyone help me in this filter ?

1 answer

Browser other questions tagged java active-directory

You are not signed in. Login or sign up in order to post.

by Roknauta • **2,811** points · Answer 1 · 2017-01-25T18:05:18+00:00

After much research and testing, I was able to solve:

public static boolean authenticateJndi(String username, String password) throws Exception{
        Properties props = new Properties();
        props.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
        props.put(Context.PROVIDER_URL, URL);
        props.put(Context.SECURITY_AUTHENTICATION, "simple");
        props.put(Context.SECURITY_PRINCIPAL, USERNAME);
        props.put(Context.SECURITY_CREDENTIALS, PASSWORD);
        DirContext context;
        context = new InitialDirContext(props);
        String usersContainer = "cn=Users,dc=teste,dc=local";
        SearchControls ctls = new SearchControls();
        String[] attrIDs = { "memberOf" };
        ctls.setReturningAttributes(attrIDs);
        ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        NamingEnumeration<?> answer = context.search(usersContainer, "(&(objectClass=user)(sAMAccountName=dteste))", ctls);
        while (answer.hasMore()) {
            SearchResult rslt = (SearchResult) answer.next();
            Attributes attrs = rslt.getAttributes();
            String resultado = attrs.toString();
            resultado = resultado.substring(20,resultado.length()-1);
            getGrupos(resultado);
        }

        context.close();

        return true;
    }

    public static void getGrupos(String resultado){
        String[] partes = resultado.split(", ");

        for (String parte : partes){
            parte = parte.trim();
            parte = parte.substring(3, parte.indexOf(",CN"));
            System.out.println(parte);
        }
    }