 

Using C# to authenticate user against LDAP


I'm using DirectorySearcher to search for a user entry in an LDAP server.

    DirectoryEntry de = new DirectoryEntry();
    de.Path = "LDAP://myserver/OU=People,O=mycompany";
    de.AuthenticationType = AuthenticationTypes.None;

    DirectorySearcher deSearch = new DirectorySearcher();
    deSearch.SearchRoot = de;
    deSearch.Filter = "(uid=" + model.UserName + ")";

    SearchResult result = deSearch.FindOne();

I'm able to get the intended output in the result variable.
However, if I try to authenticate the same user by providing the password in the directory entry, I always get the following error.

"The user name or password is incorrect."

    DirectoryEntry entry = new DirectoryEntry("LDAP://myserver/OU=People,O=mycompany", username, password);
    DirectorySearcher search = new DirectorySearcher(
        entry,
        "(uid=" + username + ")",
        new string[] { "uid" }
    );

    search.SearchScope = System.DirectoryServices.SearchScope.Subtree;
    SearchResult found = search.FindOne();  // <-- this is where I get wrong credential error.

The username and password are for the user I want to authenticate.

Can anyone tell me what I'm doing wrong here or how to debug this?

sunny days asked Jul 19 '12 13:07



1 Answer

This username, password within this line:

DirectoryEntry("LDAP://myserver/OU=People,O=mycompany", username, password); 

should be for an account that has permission for directory lookup. It could be a service account, or for testing purposes try with your own. This shouldn't be the user/pass of someone who you are trying to authenticate.

If you want to authenticate, you can use the following steps using PrincipalContext:

    using (var context = new PrincipalContext(ContextType.Domain, "mydomain", @"mydomain\serviceAcct", "serviceAcctPass"))
    {
        // Username and password for authentication.
        return context.ValidateCredentials(username, password);
    }

"serviceAcct" = an account within domain users that has permission for directory lookup. "serviceAcctPass" = password for that service account. As I said, for testing you can try with your own user/pass context.

Also, make sure the supplied username has either "domain\username" or "username@domain" formatting.

loopedcode answered Sep 24 '22 01:09
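
An added example, not part of the original answer or the poster's code: for a directory like the one in the question (`uid=` entries under `O=mycompany`), one common approach is to find the user's DN with a lookup account and then bind as that DN with the supplied password. It assumes the server accepts LDAPS on port 636 and uses `System.DirectoryServices.Protocols`; the `LdapAuth` class, its method names and its parameters are hypothetical.

```csharp
using System.DirectoryServices.Protocols;
using System.Net;
using System.Text;

static class LdapAuth
{
    // RFC 4515: escape characters that are special inside a search filter value,
    // so a user name such as "*" or "a)(uid=*" cannot change the filter.
    public static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
            if (c == '\\' || c == '*' || c == '(' || c == ')' || c == '\0')
                sb.Append('\\').Append(((int)c).ToString("x2"));
            else
                sb.Append(c);
        return sb.ToString();
    }

    // lookup = account allowed to search the directory (assumption: LDAPS on port 636).
    public static bool Authenticate(string server, string baseDn, NetworkCredential lookup,
                                    string userName, string password)
    {
        // A simple bind with an empty password is an "unauthenticated" bind that
        // some servers report as success, so reject it before talking to the server.
        if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password)) return false;
        string userDn;
        using (var conn = Connect(server, lookup))
        {
            conn.Bind();
            var request = new SearchRequest(baseDn, "(uid=" + EscapeFilterValue(userName) + ")",
                                            SearchScope.Subtree, "uid");
            var response = (SearchResponse)conn.SendRequest(request);
            if (response.Entries.Count != 1) return false;   // unknown or ambiguous user
            userDn = response.Entries[0].DistinguishedName;
        }
        using (var conn = Connect(server, new NetworkCredential(userDn, password)))
        {
            try { conn.Bind(); return true; }                 // binding as the user checks the password
            catch (LdapException ex) when (ex.ErrorCode == 49) { return false; } // 49 = invalidCredentials
        }
    }

    static LdapConnection Connect(string server, NetworkCredential credential)
    {
        var conn = new LdapConnection(new LdapDirectoryIdentifier(server, 636), credential, AuthType.Basic);
        conn.SessionOptions.ProtocolVersion = 3;
        conn.SessionOptions.SecureSocketLayer = true;         // simple-bind passwords travel inside TLS
        return conn;
    }
}
```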
