I have an instance of AD/LDS running on my machine and I'm trying to connect to it using the System.DirectoryServices.Protocols.LdapConnection class. For some reason every time I call the Bind() method it throws an LdapException complaining about invalid credentials.
Here's the code I'm using to set up the connection:
    var ldapDirectoryIdentifier = new LdapDirectoryIdentifier(config.Server.Host, config.Server.Port);
    var creds = new NetworkCredential(config.Credentials.Username, config.Credentials.Password)
    {
        Domain = config.Credentials.
    };
    ldapConnection = new LdapConnection(ldapDirectoryIdentifier, creds, AuthType.Basic);
    if (config.Server.Secure)
    {
        cert = new X509Certificate(config.Server.Certificate);
        ldapConnection.SessionOptions.SecureSocketLayer = true;
        ldapConnection.SessionOptions.VerifyServerCertificate = CheckCertificate;
    }
    ldapConnection.SessionOptions.ProtocolVersion = 3;
    try
    {
        ldapConnection.Bind();
    }
    catch (LdapException e)
    {
        Log.LogException(e);
        Environment.Exit(e.ErrorCode);
    }
The configuration is coming from an App.config file as in the following example:
    <server host="host" port="389"/>
    <credentials username="username" password="password" domain="domain"/>
    <usersearch base="ou=test,dc=test,dc=com" filter="(middlename=user)" objectclass="inetorgperson"/>
    <devicesearch base="ou=test,dc=test,dc=com" filter="(sn=device)" objectclass="inetorgperson"/>
I've tried modifying the credentials part to get it connecting; setting username="DOMAIN\\user", with and without the domain entry to credentials. I've tried messing with the connection strings, e.g. <server host="LDAP://host[:389]"/>. It just says the credentials, which I use to connect to the instance with both ADSI Edit and ldp, are invalid.
I CAN connect with the same domain credentials (local user account) using System.DirectoryServices.DirectoryEntry so I suspect it's the AD bit of AD/LDS being picky.
Anyone got any ideas?
It's probably on the session option. Try to force authentication type:
    ldapConnection.AuthType = AuthType.Negotiate;
It may also be the way you handle the certificate. Try to add it this way:
    ldapConnection.ClientCertificates.Add(cert);
I went ahead and double-checked which AuthTypes were available and set it to Ntlm.
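An added example, not code from the question or the replies: a bind helper that uses a negotiated auth type for a Windows account and, when TLS is enabled, gives the VerifyServerCertificate callback a concrete body that pins the server certificate. The names LdapConnector, Connect and pinnedCertPath are hypothetical, and it assumes the server's certificate has been exported to a file.

```csharp
using System;
using System.Linq;
using System.Net;
using System.DirectoryServices.Protocols;
using System.Security.Cryptography.X509Certificates;

static class LdapConnector // hypothetical helper, not from the post
{
    // pinnedCertPath: file holding the certificate the AD LDS instance is
    // expected to present (assumption); pass null to connect without TLS.
    public static LdapConnection Connect(string host, int port,
        NetworkCredential credential, string pinnedCertPath)
    {
        var identifier = new LdapDirectoryIdentifier(host, port);
        // Negotiate lets SSPI pick Kerberos or NTLM for a Windows account.
        // AuthType.Basic is an LDAP simple bind: the password crosses the
        // wire in the clear unless the session is wrapped in TLS.
        var connection = new LdapConnection(identifier, credential, AuthType.Negotiate);
        connection.SessionOptions.ProtocolVersion = 3;

        if (pinnedCertPath != null)
        {
            byte[] expected = new X509Certificate(pinnedCertPath).GetRawCertData();
            connection.SessionOptions.SecureSocketLayer = true;
            // Accept the session only if the server presents exactly the
            // pinned certificate (byte-for-byte comparison of the DER data).
            connection.SessionOptions.VerifyServerCertificate =
                (conn, presented) => presented != null &&
                    presented.GetRawCertData().SequenceEqual(expected);
        }

        try
        {
            connection.Bind();
            return connection;
        }
        catch (LdapException e)
        {
            // ServerErrorMessage holds the directory's own diagnostic text, if any.
            Console.Error.WriteLine(
                $"Bind failed ({e.ErrorCode}): {e.Message} {e.ServerErrorMessage}");
            connection.Dispose();
            throw;
        }
    }
}
```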