I'm using Novell.Directory.Ldap in a Xamarin mobile application, written in C#.
Using Novell, I am able to authenticate a user based on domain, username, and password using LdapConnection.bind(username, password);
Then, I perform a search, using the sAMAccountName, which is equivalent to the supplied username.
After all this, which works successfully, I need to get the user's objectGuid so that I can query external databases, which use that guid as a key. The problem is, when I get the guid back from the LdapSearchResults, it's encoded somehow. And I cannot figure out how to get the readable string representation of this guid.
Does anyone have more information on this? I would imagine that the guid is encoded somehow, but how it's encoded, I do not know. I have tried System.Convert.FromBase64String and that didn't help. I appreciate the help guys, let me know if I can post any more information that'd be helpful.
    private void Login()
    {
        if (LOG.isInfoEnabled())
        {
            LOG.info("Attempting LDAP logon . . .");
            if (LOG.isDebugEnabled())
            {
                LOG.debug("Host: " + this.ldapHost);
                LOG.debug("Port: " + this.ldapPort);
                LOG.debug("SearchBase: " + this.ldapSearchBase);
            }
        }
        LdapConnection conn = new LdapConnection();
        try
        {
            conn.Connect(this.ldapHost, this.ldapPort);
            if (LOG.isDebugEnabled())
            {
                LOG.debug("connected?: " + conn.Connected.ToString());
            }
        }
        catch (Exception e)
        {
            LOG.error("An exception occurred while attempting to connect to AD server!", e);
            // INFORM USER ABOUT ERROR
            authError(Resource.String.error_unknown);
        }
        if (!string.IsNullOrEmpty(this.editTextUserName.Text) && !string.IsNullOrEmpty(this.editTextPassword.Text))
        {
            // HIDE KEYBOARD
            var imm = (InputMethodManager)GetSystemService(Context.InputMethodService);
            imm.HideSoftInputFromWindow(editTextPassword.WindowToken, HideSoftInputFlags.NotAlways);
            // HIDE 'LOGON' BUTTON WHILE LOGGING ON
            this.buttonLogin.Visibility = ViewStates.Invisible;
            try
            {
                // PERFORM AUTHENTICATION
                conn.Bind(this.userName, this.userPassword);
                if (LOG.isDebugEnabled())
                {
                    LOG.debug("conn.Bound?: " + conn.Bound);
                }
                if (conn.Bound)
                {
                    if (LOG.isDebugEnabled())
                    {
                        LOG.debug("authentication successful");
                    }
                    string[] name = this.userName.Split('\\');
                    LOG.debug("name[0]: " + name[0]);
                    LOG.debug("name[1]: " + name[1]);
                    string filter = "(sAMAccountName=" + name[1] + ")";
                    string guid = "";
                    LdapSearchResults searchResults = conn.Search(
                        this.ldapSearchBase,      // search base
                        LdapConnection.SCOPE_SUB, // search scope
                        filter,                   // filter
                        null,                     // attributes
                        false);                   // attributes only
                    while (searchResults.hasMore())
                    {
                        LdapEntry nextEntry = null;
                        try
                        {
                            nextEntry = searchResults.next();
                            guid = nextEntry.getAttribute("objectGUID").StringValue;
                        }
                        catch (LdapException e)
                        {
                            LOG.error("An exception occurred while attempting to get next search result!", e);
                            continue;
                        }
                    }
                    Intent intent = new Intent(this, typeof(DashboardActivity));
                    intent.PutExtra("guid", guid);
                    StartActivity(intent);
                }
                else
                {
                    // INFORM USER ABOUT ERROR
                    authError(Resource.String.error_auth);
                }
            }
            catch (LdapException ldape)
            {
                LOG.error("An exception occurred while attempting to authenticate user credentials!", ldape);
                // INFORM USER ABOUT ERROR
                authError(Resource.String.error_auth);
            }
            finally
            {
                conn.Disconnect();
            }
        }
        else
        {
            conn.Disconnect();
        }
    }
Essentially, the objectGUID never changes. That is its purpose, and why you can connect to AD objects based on it, and know that you will get the same object as before (assuming it exists).
ObjectGUID is an attribute name which represents a Universally Unique Identifier as used in Microsoft Active Directory.
I'm not sure if the Novell library encodes it in some other way, but System.DirectoryServices provides the GUID as a byte array. You can get this to a readable string using the System.Guid struct:
new Guid((System.Byte[])this.GUID).ToString()
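Added example, not part of the original posts: it treats objectGUID as a 16-byte binary value, converts it to a System.Guid, shows why reading it as a string loses data, and builds an escaped filter for looking the entry up by GUID later. It assumes the LDAP library can return the attribute's raw bytes as byte[] or sbyte[]; ObjectGuidCodec, its methods and the sample bytes are constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Text;

static class ObjectGuidCodec
{
    // objectGUID is 16 raw bytes. Guid(byte[]) expects the same mixed-endian
    // layout Active Directory stores, so no byte swapping is needed.
    public static Guid FromAttributeBytes(byte[] raw)
    {
        if (raw == null || raw.Length != 16)
            throw new ArgumentException("objectGUID must be exactly 16 bytes", nameof(raw));
        return new Guid(raw);
    }

    // Assumption: some LDAP libraries ported from Java expose signed bytes.
    public static Guid FromAttributeBytes(sbyte[] raw)
    {
        if (raw == null) throw new ArgumentNullException(nameof(raw));
        return FromAttributeBytes(Array.ConvertAll(raw, b => unchecked((byte)b)));
    }

    // True only if the bytes survive a UTF-8 decode/encode round trip.
    // Binary GUIDs usually do not, which is why a string accessor returns garbage.
    public static bool SurvivesUtf8RoundTrip(byte[] raw) =>
        Encoding.UTF8.GetBytes(Encoding.UTF8.GetString(raw)).SequenceEqual(raw);

    // Filter for searching by GUID: every byte is written as \xx (RFC 4515),
    // so no byte of the value can be interpreted as filter syntax.
    public static string ToSearchFilter(Guid guid)
    {
        var sb = new StringBuilder("(objectGUID=");
        foreach (byte b in guid.ToByteArray())
            sb.Append('\\').Append(b.ToString("x2"));
        return sb.Append(')').ToString();
    }
}

static class Demo
{
    static void Main()
    {
        // Constructed sample value, not taken from a real directory.
        sbyte[] raw = { 0x33, 0x22, 0x11, 0x00, 0x55, 0x44, 0x77, 0x66,
                        -120, -103, -86, -69, -52, -35, -18, -1 };
        Guid guid = ObjectGuidCodec.FromAttributeBytes(raw);
        byte[] unsigned = guid.ToByteArray();
        Console.WriteLine("Guid string:        " + guid);
        Console.WriteLine("UTF-8 round trip ok: " + ObjectGuidCodec.SurvivesUtf8RoundTrip(unsigned));
        Console.WriteLine("Search filter:      " + ObjectGuidCodec.ToSearchFilter(guid));
    }
}
```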