使用C#对LDAP服务器上特定组的用户进行身份验证
[英]Authenticate user from specific groups on LDAP server using C#
问题描述
I have a few nested groups on LDAP server and users in these groups. 
我在LDAP服务器上有一些嵌套的组,这些组中的用户。 How can I authenticate users with given username and password by searching only in groups(not whole domain)? 如何仅通过按组(而不是整个域)搜索来使用给定的用户名和密码对用户进行身份验证? Does bind do this? 绑定会这样做吗?
1 个解决方案
解决方案1
1 已采纳 2018-07-10 13:04:27
As confirmed by you in the comment section of this question, the LDAP server you're talking about is an Active Directory server. 如您在此问题的评论部分所确认的那样,您正在谈论的LDAP服务器是Active Directory服务器。 So, my answer is based on this famous answer about how to validate a username and password against Active Directory , except that I've made a modification based on your requirement to limit the scope of search. 因此,我的答案基于关于如何根据Active Directory验证用户名和密码的著名答案 ,除了我已根据您的要求进行了修改以限制搜索范围。
If you work on .NET 3.5 or newer, you can use the System.DirectoryServices.AccountManagement namespace's PrincipalContext Constructor (ContextType, String, String) and easily verify your credentials: 如果使用.NET 3.5或更高版本,则可以使用System.DirectoryServices.AccountManagement命名空间的PrincipalContext构造函数(ContextType,String,String),并轻松地验证您的凭据:
// create a "principal context"
using(PrincipalContext pc = new PrincipalContext(ContextType.Domain, "YOUR.DOMAIN",
"OU=Where,OU=You,OU=Wanna,OU=Search,DC=YOUR,DC=DOMAIN"))
// change your container to a base OU where all your users are located.
{
// validate the credentials
bool isValid = pc.ValidateCredentials("myuser", "mypassword");
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.