Connection string to connect to Active Directory using LDAP
Question
my system admin gave me this:
Domain : capp.net USER : capp\\dhr2
Pass : admin@12345
what will the connection string be?
I am very very new to adfs. So i tried this:
<add name="ADConnectionString"
connectionString="LDAP://capp.net/CN=dhr,DC=capp,DC=net" />
<authentication mode="Forms">
<forms name=".ADAuthCookie" timeout="43200"/>
</authentication>
<authorization>
</authorization>
<membership>
<providers>
<clear/>
<add name="MyADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider"
connectionUsername="cn=dhr2"
connectionPassword="admin@12345"
connectionStringName="ADConnectionString"/>
</providers>
</membership>
I am always getting this error: Unable to establish secure connection with the server
I am doing someting wrong with the connection string. I just dont know how to fix it.
4 answers
solution1
5 ACCPTED 2013-03-01 13:07:31
Whenever I've accessed AD from .net I've done the following:
var directoryEntry = new DirectoryEntry("LDAP://capp.net");
directoryEntry.Username = "capp\dhr2";
directoryEntry.Password = "admin@12345";
Then you can query "AD" using the DirectorySearcher.
var directorySearcher = new DirectorySearcher(directoryEntry);
...
solution2
2 2013-03-04 09:13:07
Thanks to everyone for your help and support. The correct address in my case was:
LDAP://192.168.0.146/CN=USERS,DC=capp,DC=net
What i didnt realize in the beginning was that i was trying to connect to Active Directory in a different domain than my current domain. So the Ip address was the missing part. thanks a million to Luis who realized that there was something wrong was with the domain.
And thanks Shadow Walker for explaining the ldap connection string in more details.
solution3
1 2013-03-02 13:46:32
We have found this to work best to be sure you have the right parameters:
Often the hard part of connecting to AD using LDAP is Determining the FDN of the user to login with. If you know the samAccountName of the user you can find it using:
dsquery user -samid jim
"CN=Jim Willeke,CN=Users,DC=mad,DC=willeke,DC=com"
solution4
1 2013-03-04 00:04:36
For Active Directory, the ldap connection string can take this form:
protocol://domaindnsaddress
where protocol can be either ldap:// or ldaps:// , depending on whether to use standard or SSL connection. You should always troubleshoot using standard connection before moving to SSL/TLS to avoid certificate issues at this point.
domaindnsaddress is DNS-resolvable address of your domain - in your case capp.net .
Some programming languages, like php, do not require the ldap:// prefix to perform a connect operation. You may try connecting without it as well.
The username to log in can have several forms. The most common are:
- NetBIOS domain name\\samaccountname ( CAPP\\dhr2 - note the BACKslash )
- userprincipanname ( dhr2@capp.net )
- samaccountname@domaindnsname ( dhr2@capp.net )
You can read Microsoft's extensive information about the possible forms of your logon name here:
MSDN - Simple Authentication
Password does not need any special treatment - just perform the standard bind operation against your ldap server and you should be authenticated.
Please note that I am intentionally not including any sample code as your question was about the connection string, not about connecting to ldap using C# libraries.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.