Getting user group in LDAP using Novell.Directory.Ldap.NETStandard
Question
I have simple service that gets user details using Novell.Directory.Ldap.NETStandard and F# (I can provide transcript for c# if that is necessary, but this part is very similar) and it looks like this:
use connection = new LdapConnection();
connection.Connect(credentials.host, LdapConnection.DefaultPort);
connection.Bind($"{credentials.domain}\{credentials.username}", credentials.password);
match connection.Connected with
| true ->
let schema = connection.FetchSchema((connection.GetSchemaDn()));
let filter = $"(SAMAccountName={credentials.username})"
let searcher = connection.Search(String.Empty, LdapConnection.ScopeBase, filter, null, false);
return (searcher |> Some, String.Empty)
| false ->
raise (Exception())
return (None, $"Cannot connect to domain {credentials.domain} with user {credentials.username}")
Now I cant find information about group that this user is assign to, normally when I use Directory.Service I just add:
directorySearcher.Filter <- sprintf "(SAMAccountName=%s)"credentials.username
To directory searcher and I can filter this information out (as Directory.Service is windows limited i can not use it in this project), but I can not find any information how to use it in Novell.Directory.Ldap.
1 answers
solution1
0 2021-10-23 10:37:19
You have to provide the required attributes (ie. memberOf in order to read user's group) as an array of strings instead of null when calling Search() :
let attrs = [| "SAMAccountName"; "memberOf"; |];
let searcher = connection.Search(searchbase, scope, filter, attrs, false);
You can also pass "*" to get all non-operational attributes.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.