
我需要訪問 LDAP 服務器來獲取用戶詳細信息，爲此我寫了下面的代碼，但它會拋出下面的「無效憑據」錯誤。憑據絕對是正確的，我也用其他用戶的憑據做過驗證。如果我在連接 LDAP 服務器時遺漏了什麼，請指點我。

LDAP憑據錯誤

ORA-31202: DBMS_LDAP: LDAP client/server error: Invalid credentials. 80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 52e, v1db1

以下是我用來訪問 LDAP 服務器的代碼：

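CREATE OR REPLACE PROCEDURE Refresh_ActiveDirectory
IS
    -- Purpose: empty ACTIVEDIRECTORY_12_MAR_17 and reload it with one row per
    -- directory entry returned by an LDAP subtree search (via DBMS_LDAP).
    --
    -- Errors are not re-raised: NO_DATA_FOUND is ignored and anything else is
    -- rolled back and passed to ERROR_LOGGER, as in the original version.

    l_ldap_host   VARCHAR2(256) := '10.133.10.22';
    -- 389 is the clear-text LDAP port: with simple_bind_s the password crosses
    -- the network unencrypted. NOTE(review): prefer an SSL/TLS session
    -- (DBMS_LDAP.open_ssl with an Oracle wallet, typically on port 636).
    l_ldap_port   VARCHAR2(256) := '389';
    -- NOTE(review): Active Directory's simple bind takes a full DN, a
    -- userPrincipalName (user@upn-suffix) or NETBIOSDOMAIN\sAMAccountName.
    -- 'abl.com.pk\username' puts the DNS domain name in front of the backslash,
    -- which may be what the directory rejects with "data 52e" - confirm the
    -- NetBIOS domain name or use the UPN form.
    l_ldap_user   VARCHAR2(256) := 'abl.com.pk\username';
    -- NOTE(review): a password hard-coded here is readable by anyone who can
    -- see the procedure source (e.g. through ALL_SOURCE). Keep it outside the
    -- code and bind with a dedicated read-only service account.
    l_ldap_passwd VARCHAR2(256) := 'password';
    l_ldap_base   VARCHAR2(256) := 'OU=Central-I,dc=abl,dc=com, dc=pk';

    -- Per-entry values copied into the target table.
    display_name   VARCHAR2(255);
    initials       VARCHAR2(255);
    samaccountname VARCHAR2(255);
    email          VARCHAR2(255);
    department     VARCHAR2(255);
    grade          VARCHAR2(255);

    l_retval      PLS_INTEGER;
    l_session     DBMS_LDAP.session;
    l_attrs       DBMS_LDAP.string_collection;
    l_message     DBMS_LDAP.MESSAGE;
    l_entry       DBMS_LDAP.MESSAGE;
    l_attr_name   VARCHAR2(256);
    l_ber_element DBMS_LDAP.ber_element;
    l_vals        DBMS_LDAP.string_collection;

    -- Best-effort unbind so a failure part-way through does not leave the
    -- LDAP session open; errors raised while closing are ignored on purpose.
    PROCEDURE close_session
    IS
    BEGIN
        IF l_session IS NOT NULL THEN
            l_retval := DBMS_LDAP.unbind_s(ld => l_session);
        END IF;
    EXCEPTION
        WHEN OTHERS THEN
            NULL;
    END close_session;
BEGIN
    -- TRUNCATE is DDL and commits implicitly, so the ROLLBACK in the handler
    -- below cannot bring the old rows back: a failed refresh leaves the table
    -- empty or partially loaded.
    EXECUTE IMMEDIATE 'TRUNCATE TABLE ACTIVEDIRECTORY_12_MAR_17';

    -- Make DBMS_LDAP raise exceptions instead of returning error codes.
    DBMS_LDAP.USE_EXCEPTION := TRUE;

    -- Connect and authenticate.
    l_session := DBMS_LDAP.init(hostname => l_ldap_host, portnum => l_ldap_port);
    l_retval  := DBMS_LDAP.simple_bind_s(ld => l_session, dn => l_ldap_user, passwd => l_ldap_passwd);

    -- Attributes to fetch. Each one needs its own index: the earlier version
    -- assigned index 3 four times, so only the last assignment was requested.
    l_attrs(1) := 'displayName';
    l_attrs(2) := 'initials';
    l_attrs(3) := 'sAMAccountName';
    -- Active Directory keeps the address in "mail"; the earlier ' e-mail'
    -- (with a leading space) is not a standard attribute name - confirm
    -- against the directory schema.
    l_attrs(4) := 'mail';
    l_attrs(5) := 'department';
    -- NOTE(review): no attribute is requested for GRADE. The earlier code
    -- tested 'department' twice, so the grade branch was unreachable and the
    -- column was always NULL. Add the real attribute name here and a matching
    -- WHEN branch below once it is known.

    -- NOTE(review): useraccountcontrol=514 is an exact match on "normal
    -- account + disabled"; disabled accounts carrying any further flag still
    -- pass this filter. A bitwise match on the disabled flag (matching rule
    -- 1.2.840.113556.1.4.803) would exclude them all.
    l_retval := DBMS_LDAP.search_s(ld => l_session, base => l_ldap_base, scope => DBMS_LDAP.SCOPE_SUBTREE, filter => '(&(&(objectclass=user) (!(physicaldeliveryofficename=no phone)))(!(useraccountcontrol=514)))', attrs => l_attrs, attronly => 0, res => l_message);

    IF DBMS_LDAP.count_entries(ld => l_session, msg => l_message) > 0 THEN
        -- Walk every entry returned by the search.
        l_entry := DBMS_LDAP.first_entry(ld => l_session, msg => l_message);

        <<entry_loop>>
        WHILE l_entry IS NOT NULL
        LOOP
            -- Reset so values from the previous entry do not carry over.
            display_name   := NULL;
            initials       := NULL;
            samaccountname := NULL;
            email          := NULL;
            department     := NULL;
            grade          := NULL;

            l_attr_name := DBMS_LDAP.first_attribute(ld => l_session, ldapentry => l_entry, ber_elem => l_ber_element);

            <<attributes_loop>>
            WHILE l_attr_name IS NOT NULL
            LOOP
                l_vals := DBMS_LDAP.get_values(ld => l_session, ldapentry => l_entry, attr => l_attr_name);

                -- FIRST/LAST are NULL on an empty collection and would make
                -- the FOR loop raise, so skip attributes without values.
                IF l_vals.COUNT > 0 THEN
                    <<values_loop>>
                    FOR i IN l_vals.FIRST .. l_vals.LAST
                    LOOP
                        -- Compare case-insensitively: the server may return
                        -- names in schema case (e.g. sAMAccountName). For a
                        -- multi-valued attribute the last value wins.
                        CASE LOWER(l_attr_name)
                            WHEN 'displayname' THEN
                                display_name := SUBSTR(l_vals(i), 1, 200);
                            WHEN 'initials' THEN
                                initials := SUBSTR(l_vals(i), 1, 200);
                            WHEN 'samaccountname' THEN
                                samaccountname := SUBSTR(l_vals(i), 1, 200);
                            WHEN 'mail' THEN
                                email := SUBSTR(l_vals(i), 1, 200);
                            WHEN 'department' THEN
                                department := SUBSTR(l_vals(i), 1, 200);
                            ELSE
                                NULL;
                        END CASE;
                    END LOOP values_loop;
                END IF;

                l_attr_name := DBMS_LDAP.next_attribute(ld => l_session, ldapentry => l_entry, ber_elem => l_ber_element);
            END LOOP attributes_loop;

            -- Values are bound as PL/SQL variables, so directory content
            -- cannot alter the statement text.
            INSERT INTO ACTIVEDIRECTORY_12_MAR_17
            (
                STAFF_ID,
                FULL_NAME,
                USER_ID,
                EMAIL_ID,
                DEPARTMENT,
                GRADE
            )
            VALUES
            (
                initials,
                display_name,
                samaccountname,
                email,
                department,
                grade
            );

            l_entry := DBMS_LDAP.next_entry(ld => l_session, msg => l_entry);
        END LOOP entry_loop;
    END IF;

    -- Disconnect from the LDAP server.
    l_retval := DBMS_LDAP.unbind_s(ld => l_session);
EXCEPTION
    WHEN NO_DATA_FOUND THEN
        close_session;
    WHEN OTHERS THEN
        ROLLBACK;
        -- Log before closing so SQLCODE/SQLERRM still describe this failure.
        ERROR_LOGGER ('Refresh_ActiveDirectory', 'Refresh_ActiveDirectory', '', SQLCODE, substr(SQLERRM, 1, 500));
        close_session;
END;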

請給我們看拋出錯誤的那段代碼。僅僅聲明變量不會引發這樣的錯誤。 –


請參閱編輯後的代碼 – KeenLearner

回答


我認爲 LDAP 用戶必須以完整 DN 的形式傳入，請嘗試：

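-- Bind with the account's full distinguished name. CN is the entry's common
-- name, which is not necessarily the logon name (sAMAccountName), and the OU
-- path must be where the account really lives - confirm the DN in the directory.
l_ldap_user VARCHAR2(256) := 'CN=username,OU=Central-I,dc=abl,dc=com,dc=pk';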

仍然是同一個問題 – KeenLearner