I'm connecting to an LDAP directory in C#, so I've used the DirectoryEntry class.
When you do the "new DirectoryEntry" with address, login, and password it is supposed to connect to the LDAP directory.
However, even if the connection didn't work, it returns without problem, and the directoryentry variable is set.
So how do I know my connection is really opened? Right now, I'm using a very very ugly hack: I put an "if(mydirectory.SchemaEntry)" which generates an exception if the connection wasn't established, because some of the members of the DirectoryEntry, such as SchemaEntry, aren't set if the connection failed. But 1: that's gotta be 11/10 on the ugliness scale, 2: that takes a lot of time before failing.
So what is the good way to do this? Surely, Microsoft must have provided something (even if I'm using an LDAP directory and not an Active Directory) to know if I'm really connected?
How does LDAP work with Active Directory? LDAP provides a means to manage user and group membership stored in Active Directory. LDAP is a protocol to authenticate and authorize granular access to IT resources, while Active Directory is a database of user and group information.
In order to authenticate a user with an LDAP directory you first need to obtain their DN as well as their password. With a login form, people typically enter a simple identifier such as their username or email address. You don't expect them to memorise the DN of their directory entry.
In the service account credentials, you can enter any user's account present in the LDAP server to perform the inbound operations i.e. LDAP Login, Role Mapping, and Attribute Mapping. You can get the above details (LDAP Server URL, Username, and Password) from your LDAP/AD administrator.
Just "newing" up a DirectoryEntry does NOT create a connection to the LDAP store.
Only once you start using its properties, or when you access the .NativeObject
property explicitly, you'll actually get a connection to the LDAP store.
In order to make sure you're connected, just read out the (DirectoryEntry).NativeObject
in a try...catch clause - if it bombs out, you have a problem, otherwise your connection is now up and active.
Unfortunately, to my knowledge, there is no property or method you can call to figure out whether or not you've successfully connected to LDAP using DirectoryEntry.
Marc
You can check DirectoryEntry.Properties.Count. If it's > 0, it's a valid object. .Properties is never null - you'll be able to read the count even if you're not connected up to a valid DirectoryEntry, and a valid DE will always have at least one property.
No try/catch or exceptions necessary.
OK, so marc_s's solution was approximately what I was doing (except I was looking for SchemaEntry and not NativeObject). But the timeout delay is much too long (the query is run to fill autocompletion values for a form). I think I actually prefer to pretend the connection is open and let the query run. That way, I can set my own, smaller, timeout delay.
You can check DirectoryEntry.Properties.Count. If it's > 0, for a valid object. But still, let's say your LDAP server is down: you can't identify it with any of its properties. Instead you can catch it using the try/catch block:

    // Requires: using System.DirectoryServices;
    try
    {
        entry = new DirectoryEntry("priorityLDAPServer", sUserName, sPassword, AuthenticationTypes.None);
        if (entry.Properties.Count > 0)
        {
            object o = entry.NativeObject;
            // Next, check the user record in the application database.
        }
    }
    catch (System.Runtime.InteropServices.COMException comex)
    {
        // Throws you the error if the LDAP server is down or wrong ("Server is invalid").
        // You can further do a nested try/catch within this block if you want to try an optional LDAP server.
    }

Hope this helps you
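
The answers above detect a failed connection only when a DirectoryEntry property is touched, and the asker's remaining problem is the long wait before that failure. The following is an added example, not code from any poster in this thread: it swaps DirectoryEntry for the lower-level System.DirectoryServices.Protocols.LdapConnection, whose Bind() call is explicit and throws LdapException on failure. The host name, port, DN, password and 3-second timeout are placeholder assumptions.

```csharp
// Added example. LdapProbe, TryBind and BindResult are hypothetical names.
using System;
using System.DirectoryServices.Protocols;
using System.Net;

static class LdapProbe
{
    public enum BindResult { Ok, InvalidCredentials, ServerUnavailable, OtherError }

    // LDAP result codes as reported in LdapException.ErrorCode.
    const int InvalidCredentialsCode = 49;
    const int ServerDownCode = 81;

    public static BindResult TryBind(string host, int port, string userDn,
                                     string password, TimeSpan timeout)
    {
        // A simple bind with an empty password is an "unauthenticated bind"
        // (RFC 4513) and can succeed on the server, so never treat it as a login.
        if (string.IsNullOrEmpty(password)) return BindResult.InvalidCredentials;

        var id = new LdapDirectoryIdentifier(host, port);
        var cred = new NetworkCredential(userDn, password);
        using (var conn = new LdapConnection(id, cred, AuthType.Basic))
        {
            conn.SessionOptions.ProtocolVersion = 3;
            // AuthType.Basic sends the password itself; keep it inside TLS.
            conn.SessionOptions.SecureSocketLayer = true;
            conn.Timeout = timeout; // caller-chosen limit instead of the default wait
            try
            {
                conn.Bind(); // explicit bind: either succeeds or throws here
                return BindResult.Ok;
            }
            catch (LdapException ex) when (ex.ErrorCode == InvalidCredentialsCode)
            { return BindResult.InvalidCredentials; }
            catch (LdapException ex) when (ex.ErrorCode == ServerDownCode)
            { return BindResult.ServerUnavailable; }
            catch (LdapException) { return BindResult.OtherError; }
        }
    }

    static void Main()
    {
        // Placeholder values (assumptions), not taken from the thread.
        var result = TryBind("ldap.example.test", 636, "uid=svc,dc=example,dc=test",
                             "placeholder-password", TimeSpan.FromSeconds(3));
        Console.WriteLine(result);
    }
}
```

Separating "server unavailable" from "invalid credentials" lets the caller fall back to a secondary server only in the first case, rather than replaying a bad password against every server.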