Directory Synchronization (DirSync)
Active Directory provides its own control for tracking changes in the directory. Note the following constraints when configuring your search:
| baseDN | must be the root of a directory partition, which can be a domain partition, the configuration partition, or the schema partition |
| scope | must be the entire subtree of the partition |
| filter | any valid search filter |
| attributes | list of attributes to be returned when a change occurs |
The DirSyncControl should be sent along with the ExtendedDnControl and the ShowDeletedControl. The DirSyncClient class encapsulates this behavior. Note that this example uses the DefaultCookieManager. Implementers will most likely want to provide a custom implementation of CookieManager to handle persistence of cookie data.
DirSyncClient
Connection conn = DefaultConnectionFactory.getConnection("ldap://directory.ldaptive.org");
try {
conn.open(new BindRequest("cn=manager,ou=people,dc=ldaptive,dc=org", new Credential("manager_password")));
DirSyncClient client = new DirSyncClient(
conn, new DirSyncControl.Flag[] {DirSyncControl.Flag.ANCESTORS_FIRST_ORDER, });
SearchRequest request = new SearchRequest("dc=ldaptive,dc=org", "(uid=*)");
Response<SearchResult> response = client.executeToCompletion(request, new DefaultCookieManager());
for (LdapEntry entry : response.getResult().getEntries()) {
// do something useful with the entry
}
} finally {
conn.close();
}