Directory Synchronization (DirSync)
Active Directory provides it’s own control for tracking changes in the directory. Note the following constraints when configuring your search:
baseDN | must be the root of a directory partition, which can be a domain partition, the configuration partition, or the schema partition |
scope | must be the entire subtree of the partition |
filter | any valid search filter |
attributes | list of attributes to be returned when a change occurs |
The DirSyncControl should be sent along with the ExtendedDnControl and the ShowDeletedControl. The DirSyncClient class encapsulates this behavior. Note that this example uses the DefaultCookieManager
. Implementers will most likely want to provide a custom implementation of CookieManager
to handle persistence of cookie data.
DirSyncClient
Connection conn = DefaultConnectionFactory.getConnection("ldap://directory.ldaptive.org");
try {
conn.open(new BindRequest("cn=manager,ou=people,dc=ldaptive,dc=org", new Credential("manager_password")));
DirSyncClient client = new DirSyncClient(
conn, new DirSyncControl.Flag[] {DirSyncControl.Flag.ANCESTORS_FIRST_ORDER, });
SearchRequest request = new SearchRequest("dc=ldaptive,dc=org", "(uid=*)");
Response<SearchResult> response = client.executeToCompletion(request, new DefaultCookieManager());
for (LdapEntry entry : response.getResult().getEntries()) {
// do something useful with the entry
}
} finally {
conn.close();
}