
How to authenticate users in C# LDAP

I am new to LDAP-related coding, and today I was asked to develop code to check users' authentication against LDAP.

The tutorials I have found online are so simple, but our company's directory is so complicated that I don't know how to write code for it. Here is the info of the LDAP. I have changed the company name to hide the name.

uri = ldaps://ABC.ad.XYZ.com:636
user_filter = memberOf=CN=TENXAIRFLOWPROD,OU=Security Groups,OU=Normal Users and Groups,OU=Account Management Services,OU=AD Master OU,DC=ABC,DC=ad,DC=XYZ,DC=com
user_name_attr = sAMAccountName
superuser_filter = memberOf=CN=TENXAIRFLOWPROD_ADM,OU=Security Groups,OU=Normal Users and Groups,OU=Account Management Services,OU=AD Master OU,DC=ABC,DC=ad,DC=XYZ,DC=com
bind_user = SCGLOBAL\twiki
bind_password_cmd = python /bns/tenx/airflow/ldap_password.py
basedn = DC=ABC,DC=ad,DC=XYZ,DC=com
search_scope = SUBTREE

Here is the code I have developed, but it gives me an error:

string username = "myUserName";
string domain = "ldaps://ABC.ad.XYZ.com:636"; 
string pwd = "myPasword";              
try
{
    DirectoryEntry entry = new DirectoryEntry(domain, username, pwd);
    //Bind to the native AdsObject to force authentication.
    object obj = entry.NativeObject;
    lblError.Text=("Login Successful");

    //search some info of this user if any
    DirectorySearcher search = new DirectorySearcher(entry);
    search.Filter = "(SAMAccountName=" + username + ")";
    SearchResult result = search.FindOne();
}
catch (Exception ex)
{
    lblError.Text=("Login failed: " + ex.ToString());
}

Could anybody help, please?

Comment: According to the admin, I have been assigned to the group in AD. But how can I make sure I can access it?

It seems like Active Directory. If so, you could just use PrincipalContext.

using System.DirectoryServices.AccountManagement;

// Returns true if the domain accepts the username/password pair.
public bool ValidateCredentials(string domain, string username, string password)
{
    using (var context = new PrincipalContext(ContextType.Domain, domain))
    {
        return context.ValidateCredentials(username, password);
    }
}

// Returns true if the user exists and is a member of the named AD group.
public bool IsUserInAdGroup(string domain, string username, string adGroupName)
{
    bool result = false;
    using (var context = new PrincipalContext(ContextType.Domain, domain))
    {
        var user = UserPrincipal.FindByIdentity(context, username);
        if (user != null)
        {
            var group = GroupPrincipal.FindByIdentity(context, adGroupName);
            if (group != null && user.IsMemberOf(group))
                result = true;
        }
    }
    return result;
}

Please make sure to reference System.DirectoryServices.AccountManagement.
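
The search-then-bind flow implied by the question's config (service-account bind over LDAPS, group-restricted lookup by sAMAccountName, then a bind as the user), as an added example that is not part of the original question or answer. It uses System.DirectoryServices.Protocols; the class name LdapAuth, its method names and the bindPassword parameter are assumptions.

```csharp
using System.DirectoryServices.Protocols;
using System.Net;
using System.Text;

public static class LdapAuth
{
    // Values copied from the question's config (company name already masked there).
    const string Host = "ABC.ad.XYZ.com";
    const string BaseDn = "DC=ABC,DC=ad,DC=XYZ,DC=com";
    const string UserFilter = "memberOf=CN=TENXAIRFLOWPROD,OU=Security Groups,OU=Normal Users and Groups,OU=Account Management Services,OU=AD Master OU,DC=ABC,DC=ad,DC=XYZ,DC=com";
    // RFC 4515 escaping so user input cannot change the structure of the filter.
    public static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
            sb.Append("\\*()\0".IndexOf(c) >= 0 ? "\\" + ((int)c).ToString("x2") : c.ToString());
        return sb.ToString();
    }

    static LdapConnection Connect(string user, string password)
    {
        var conn = new LdapConnection(new LdapDirectoryIdentifier(Host, 636));
        conn.SessionOptions.SecureSocketLayer = true;   // LDAPS, as in the config's uri
        conn.SessionOptions.ProtocolVersion = 3;
        conn.AuthType = AuthType.Basic;                 // simple bind, carried inside TLS
        try { conn.Bind(new NetworkCredential(user, password)); return conn; }
        catch { conn.Dispose(); throw; }
    }

    // Assumption: the caller supplies bindPassword (the config obtains it via bind_password_cmd).
    public static bool Authenticate(string username, string password, string bindPassword)
    {
        // A simple bind with an empty password is treated as anonymous and can succeed.
        if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password)) return false;
        try
        {
            string userDn;
            using (var svc = Connect(@"SCGLOBAL\twiki", bindPassword))
            {
                string filter = "(&(" + UserFilter + ")(sAMAccountName=" + EscapeFilterValue(username) + "))";
                var resp = (SearchResponse)svc.SendRequest(new SearchRequest(BaseDn, filter, SearchScope.Subtree, "distinguishedName"));
                if (resp.Entries.Count != 1) return false;   // not found, not in the group, or ambiguous
                userDn = resp.Entries[0].DistinguishedName;
            }
            using (Connect(userDn, password)) { return true; } // a successful bind as the user proves the password
        }
        catch (LdapException) { return false; }  // bad credentials or connection failure; log ErrorCode in real code
    }
}
```

The memberOf filter matches direct members of the group only, so users who belong through a nested group are not found by this lookup.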
