Re: How to fetch attributes of LDAP entry?


From: Dennis Dobslaf (dobslaf_at_kdvz.de)
Date: 02/25/05


Date: Fri, 25 Feb 2005 08:30:27 +0100


> That feature is by design - if you think about it - you never actually
> 'see' passwords anywhere in Windows.
>
> When you create the DirectoryEntry object you do so with a username
> and password. This call doesn't attach to the AD with a bad username
> and password. That's why the user is considered authenticated if
> found.

That's what I thought (at first). I'm not the LDAP guru so I searched in
MSDN and found this:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sds/sds/active_directory_authentication_from_asp__net.asp

I used the LdapAuthentication class from the link above. The following
method throws an Exception:

    public bool IsAuthenticated(String domain, String username, String pwd)
    {
      String domainAndUsername = domain + @"\" + username;
      DirectoryEntry entry = new DirectoryEntry(_path, domainAndUsername, pwd);

      try
      {
        //Bind to the native AdsObject to force authentication.
        Object obj = entry.NativeObject;

        DirectorySearcher search = new DirectorySearcher(entry);

        search.Filter = "(SAMAccountName=" + username + ")";
        search.PropertiesToLoad.Add("cn");
        SearchResult result = search.FindOne();

        if (null == result)
        {
          return false;
        }

        //Update the new path to the user in the directory.
        _path = result.Path;
        _filterAttribute = (String)result.Properties["cn"][0];
      }
      catch (Exception ex)
      {
        throw new Exception("Error authenticating user. " + ex.Message);
      }

      return true;
    }

@ Object obj = entry.NativeObject;

It throws a System.Runtime.InteropServices.COMException with the
message "Der Authentifizierungmethode ist unbekannt", the same as "unknown
authentication mode" in English.
I tried to add AuthenticationTypes.Anonymous to the DirectoryEntry
object but then it seems that it doesn't search for any authentication,
but no other AuthType worked.
Also I could not use the filter "SAMAccountName" (if I use
'Anonymous'); I have to search for the 'cn'. I don't know if our LDAP is
different from others (it's OpenLDAP). If that is so, I have to search for
the solution in other places.
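
A search-then-bind check for a non-AD server such as OpenLDAP, as an added example that is not part of the original post or the MSDN sample: it looks the user up by cn with the name escaped per RFC 4515, then binds with the entry's DN instead of domain\username. The class name, the rootPath form and the bindType parameter are assumptions; AuthenticationTypes.None is a cleartext simple bind and AuthenticationTypes.SecureSocketLayer is a simple bind over LDAPS.

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;
using System.Text;
public static class OpenLdapAuth   // hypothetical name, not from the MSDN sample
{
    // RFC 4515: escape the characters that have meaning inside a filter value.
    public static string EscapeFilterValue(string value)
    {
        StringBuilder sb = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }
    // rootPath is assumed to look like "LDAP://ldap.example.org/dc=example,dc=org".
    // bindType: None = simple bind in cleartext, SecureSocketLayer = simple bind over LDAPS.
    public static bool IsAuthenticated(string rootPath, string username, string pwd, AuthenticationTypes bindType)
    {
        // A simple bind with an empty password is an unauthenticated bind that
        // many servers accept, so refuse it before contacting the directory.
        if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(pwd))
            return false;
        string userDn;
        using (DirectoryEntry root = new DirectoryEntry(rootPath, null, null, AuthenticationTypes.Anonymous))
        using (DirectorySearcher search = new DirectorySearcher(root, "(cn=" + EscapeFilterValue(username) + ")"))
        {
            SearchResult result = search.FindOne();
            if (result == null) return false;
            // Assumption: the ADsPath has the form LDAP://host[:port]/<DN>.
            userDn = result.Path.Substring(result.Path.IndexOf('/', "LDAP://".Length) + 1);
        }
        try
        {
            using (DirectoryEntry user = new DirectoryEntry(rootPath, userDn, pwd, bindType))
            { object bound = user.NativeObject; return true; }   // touching NativeObject forces the bind
        }
        catch (COMException) { return false; }   // fail closed on a bad password or a bind error
    }
}
```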


