
How to check if LDAP user exists/active?

I am using a C# application to authenticate and check an Active Directory user located on a Windows 2008 64-bit server.

I was able to authenticate a user successfully when supplying the user name and password using the following code. My domainName value is rootforest.com and my userName is admin6.

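        // Requires: using System.DirectoryServices.AccountManagement;
        UserPrincipal usr;
        PrincipalContext ad;

        // Enter Active Directory settings (connects with the supplied credentials)
        ad = new PrincipalContext(ContextType.Domain, domainName, usrName, pswd);

        // Search for the user by sAMAccountName
        usr = new UserPrincipal(ad);
        usr.SamAccountName = usrName;

        PrincipalSearcher search = new PrincipalSearcher(usr);
        usr = (UserPrincipal)search.FindOne(); // null when no matching user is found
        search.Dispose();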

In another function I want to check whether user 'admin6' exists, and I don't have the password, but when I check it the function keeps throwing "Logon failure: unknown user name or bad password. \r\n". The code I used was almost identical to the above except for this line:

        //Enter Active Directory settings
        ad = new PrincipalContext(ContextType.Domain, domainName);

With this not working, I've tried other code I found on the web, but it all gives me the same error. I began to think it could be how I set up my Active Directory domain?

The picture below is how my domain looks:

https://picasaweb.google.com/100922945973553878191/ActiveDirectory?authuser=0&feat=directlink

Can anyone assist me with this? I've been stuck on this issue for the last day or so now and I can't seem to find out why. If you have some code I can try, that would be great.

To check whether the user exists, your code must execute a base-level search using the known distinguished name. If the results of the search are successful and the number of entries returned as part of the search result is greater than 1, then the distinguished name exists in the directory database.

This is different from establishing the authentication state of a connection which is accomplished with a bind request. If the bind request is successful, then the connection's authentication state is set according to the distinguished name used in the bind.

Perhaps you should check the status of the distinguished name using the command line ldapsearch tool. This will allow you to be confident that the distinguished name exists, and also if the credentials are correct, and also that directory permissions allow for what you are trying to accomplish. Once you have satisfied yourself as to the existence of the distinguished name and the credentials, you can proceed with troubleshooting your code.
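
The separation described in the answer above (bind as one identity, then run a base-level search on the DN being checked) can be sketched in C# with System.DirectoryServices.Protocols; this is an added example, not code from the original question or answer, and it also reads userAccountControl to report whether the account is disabled. The service account `svc-ldap-read`, the `LDAP_SVC_PASSWORD` environment variable and the DN `CN=admin6,CN=Users,DC=rootforest,DC=com` are assumptions, since the page does not give the user's container or a read-only account.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Net;

static class LdapUserCheck
{
    const int AccountDisable = 0x2; // ACCOUNTDISABLE bit of userAccountControl

    // null = no user entry at this DN; true = enabled; false = disabled.
    public static bool? IsUserActive(LdapConnection conn, string userDn)
    {
        var request = new SearchRequest(
            userDn,                 // search base is the DN being checked
            "(objectClass=user)",
            SearchScope.Base,       // base-level search: this one entry only
            "userAccountControl");
        try
        {
            var response = (SearchResponse)conn.SendRequest(request);
            if (response.Entries.Count == 0) return null;
            var attr = response.Entries[0].Attributes["userAccountControl"];
            if (attr == null)
                throw new InvalidOperationException("Bound account cannot read userAccountControl.");
            int uac = int.Parse((string)attr.GetValues(typeof(string))[0]);
            return (uac & AccountDisable) == 0;
        }
        catch (DirectoryOperationException ex)
            when (ex.Response != null && ex.Response.ResultCode == ResultCode.NoSuchObject)
        {
            return null; // server answered: no such DN
        }
    }

    static void Main()
    {
        // Assumed values: a read-only service account, password from the environment.
        var cred = new NetworkCredential("svc-ldap-read",
            Environment.GetEnvironmentVariable("LDAP_SVC_PASSWORD"), "rootforest.com");
        using (var conn = new LdapConnection(
            new LdapDirectoryIdentifier("rootforest.com"), cred, AuthType.Negotiate))
        {
            conn.SessionOptions.ProtocolVersion = 3;
            conn.Bind(); // the bind authenticates the service account, not admin6
            bool? active = IsUserActive(conn, "CN=admin6,CN=Users,DC=rootforest,DC=com"); // assumed DN
            Console.WriteLine(active == null ? "not found" : active.Value ? "enabled" : "disabled");
        }
    }
}
```

A failed `Bind()` here means the service account's credentials were rejected, which is a separate condition from the searched DN not existing; keeping the two apart makes the "Logon failure" error easier to attribute.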
