spring ldap ldaps 創建，修改，刪除，獲取AD域賬號，修改密碼，賬號權限，登陸驗證

 

公司業務需求，java實現對AD域賬號得管理。

1.創建賬號（不帶密碼，userAccountControl 爲544（512+32））參考https://support.microsoft.com/zh-cn/help/305144/how-to-use-useraccountcontrol-to-manipulate-user-account-properties

2.創建賬號帶密碼，userAccountControl爲512 要ldaps協議通訊，具體如何操作下面詳解。

3.創建賬號，獲取AD域賬號，刪除AD域賬號 參考 https://www.jianshu.com/p/316fbb6bfd81

4.修改AD域賬號 參考https://blog.csdn.net/ki_boy/article/details/38731593

5.創建組織，修改組織，組織添加，刪除人員 參考 https://blog.csdn.net/qq_22798455/article/details/81087275

6.ldaps詳解，創建密碼字段，修改密碼，控制權限 參考https://blog.csdn.net/tiantiandjava/article/details/91944135

7.java證書安裝 https://blog.csdn.net/hc1017/article/details/81293323

8.驗證登陸 https://blog.csdn.net/garyond/article/details/80224221

https://blog.csdn.net/garyond/article/details/80224221

https://bbs.csdn.net/topics/391829578

9.配置多個ldap，ldaps連接,不同用戶訪問不同得ldap,ldaps

思路：

順便說下ldaps連接 類似spring ldap 只要把url ldap 變成ldaps  端口389 改成636

10  partialresultexception報錯解決方案

https://stackoverflow.com/questions/37486159/springs-ldaptemplate-search-partialresultexception-unprocessed-continuation-r

11

javax.naming.CommunicationException: simple bind failed: misguided.com.au:343 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]

https://stackoverflow.com/questions/12066430/javax-naming-communicationexception-simple-bind-failed/12066687 需要步驟7證書安裝

12 單純得simple bind failed connect resued  是你ldaps訪問不到   需要步驟7 創建 AD CS