[英]Cannot authenticate against Apache DS using C# and LdapConnection?
我安裝並配置了運行ldap的ApacheDS服務器。 這對我自學ldap來說是一個巨大的進步。 但是,以下C#控制台代碼返回以下錯誤:
System.DirectoryServices.Protocols.LdapException {"The supplied credential is invalid"}
我的代碼是使用此示例代碼來驗證示例用戶。
Program.cs中
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace SampleLdapAuthentication
{
class Program
{
static void Main(string[] args)
{
RunLdap run = new RunLdap("localhost", "organization", 635, "hderp", "spaceballs1234");
bool result = run.ValidateCredentials();
if(result)
{
Console.WriteLine("Authentication Succeeded");
}
else
{
Console.WriteLine("Authentication Failed");
}
}
}
}
SampleLdapAuthentication.cs
using System;
using System.Collections.Generic;
using System.DirectoryServices.Protocols;
using System.Linq;
using System.Net;
using System.Text;
using System.Threading.Tasks;
namespace SampleLdapAuthentication
{
public class RunLdap
{
private static string _domainController;
private static string _domain;
private static int _port;
private static string _userName;
private static string _userPassword;
//Constructor. Takes the domain controller, domain, port, username, and password and then calls Ldap Method to run authentication
public RunLdap(string domainController, string domain, int port, string userName, string userPassword)
{
_domainController = domainController;
_domain = null;
_port = port;
_userName = userName;
_userPassword = userPassword;
}
public bool ValidateCredentials()
{
LdapDirectoryIdentifier ldi = new LdapDirectoryIdentifier(_domainController, _port);
NetworkCredential networkCredential = new NetworkCredential(_userName, _userPassword, _domain);
try
{
//We use using so we dispose the object as soon as it goes out of scope
using (LdapConnection connection = new LdapConnection(ldi))
{
//connection.SessionOptions.SecureSocketLayer = true;
connection.AuthType = AuthType.Kerberos;
connection.Bind(networkCredential);
//Not sure what this is doing
}
return true;
}
catch(LdapException ldapException)
{
return false;
}
return false;
}//End of ValidateCredentials
}
}
LDAP服務器細節
我正在做的事情值得注意以下幾點:
AuthType
我想也許我輸入憑證並且我的C#代碼沒問題。 這就是我包含服務器AD信息的原因。 我是LDAP的新手並使用它來驗證用戶身份,所以感謝您的幫助。
您沒有使用用戶的專有名稱。 當您創建NetworkCredential
對象時,您應該使用用戶的distingushed名稱,在這種情況下, cn=Herp Derp,ou=users,o=organization
而不是hderp
。 如果沒有o
和ou
值,LDAP不知道在哪里查找hderp
。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.