LDAP Authentication

From: Kurtis Golding (kurtisgolding@hotmail.com)
Date: 06/04/02


From: "Kurtis Golding" <kurtisgolding@hotmail.com>
Date: Mon, 3 Jun 2002 19:29:34 -0700


Is it possible to use the
System.DirectoryServices.DirectoryEntry class to do a
basic user authorization against a non-Microsoft V3 LDAP
directory? I have seen a few code examples and news
postings that claim this is possible, but I am having a
difficult time getting it to work. I can use the
System.DirectoryServices class members to browse the
directory, but I have not been able to do an
authentication with it. I am aware that this is not a
recommended way to do user authentication, but it seems
to be an expedient way to accomplish what I am trying to
do. (PS: If there is a better way to do this, I am open to
suggestions.)

Here is an example of the method I am attempting to write:

    public bool authenticateUser(String uid, String pw)
    {
        // getEntryPath(uid) gets the full path for this auth call.
        String myPath = getEntryPath(uid);

        // It looks something like:
        // "LDAP://my.directory.com/uid=MyUserID,o=my.company.com,c=us";

        DirectoryEntry entry = new DirectoryEntry(myPath);

        // AuthenticationTypes.None sets the control to use the most basic
        // form of authentication - I think?
        entry.AuthenticationType = AuthenticationTypes.None;

        // Set the user name and password.
        entry.Username = uid;
        entry.Password = pw;

        try
        {
            // Force the entry to bind or interact with the LDAP server.
            // I assume I can call a number of different methods here and
            // get the same behavior.
            entry.RefreshCache();
            // User found, credentials passed inspection.
            return true;
        }
        catch (Exception Ex)
        {
            // Object Not Found Exception - user credentials failed.
            return false;
        }
    }

The error output of Ex is:
System.Runtime.InteropServices.COMException (0x80072030): There is no such object on the server
   at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
   at System.DirectoryServices.DirectoryEntry.Bind()
   at System.DirectoryServices.DirectoryEntry.RefreshCache()
   at ActiveDirectory.Form1.authenticateUser(String uid, String pw)

If I leave the password blank, it will find the user. If
I supply a password, it will not find anything - even if
the password is correct - and throws that exception. So I
must be doing something wrong, or this library is not
compatible with all LDAP servers.

Any help would be greatly appreciated,
Kurt
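
An added example, not part of the original post: one way to write this check with DirectoryEntry so that a blank password is never accepted and the bind name is the entry's full DN, which is what an LDAPv3 simple bind identifies the user by. The server name, base DN, LDAPS port and uid allowlist are assumptions (constructed placeholders); `LdapLogin` is a hypothetical class name.

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;
using System.Text.RegularExpressions;

public static class LdapLogin
{
    // Constructed placeholders (assumptions): LDAPS endpoint and base DN.
    const string Server = "my.directory.com:636";
    const string BaseDn = "o=my.company.com,c=us";

    // HRESULT that ADSI reports for LDAP invalidCredentials (49).
    const int ErrorLogonFailure = unchecked((int)0x8007052E);

    // Assumed uid format. Rejecting everything else keeps DN and ADsPath
    // metacharacters (, + = / \ ...) out of the bind name.
    static readonly Regex UidPattern = new Regex(@"\A[A-Za-z0-9._-]{1,64}\z");

    public static bool AuthenticateUser(string uid, string pw)
    {
        // A simple bind with a DN and an empty password is an
        // "unauthenticated" bind (RFC 4513, section 5.1.2) that many
        // servers accept, so it must never count as a login.
        if (string.IsNullOrEmpty(pw)) return false;
        if (uid == null || !UidPattern.IsMatch(uid)) return false;

        // Simple bind identifies the user by full DN, not by bare uid.
        string userDn = "uid=" + uid + "," + BaseDn;
        string path = "LDAP://" + Server + "/" + userDn;

        // SecureSocketLayer without Secure: simple bind over TLS, so the
        // password is not sent in clear text.
        using (var entry = new DirectoryEntry(
            path, userDn, pw, AuthenticationTypes.SecureSocketLayer))
        {
            try
            {
                entry.RefreshCache(); // forces the bind
                return true;
            }
            catch (COMException ex)
            {
                if (ex.ErrorCode == ErrorLogonFailure) return false;
                throw; // server down, TLS failure, bad path: not a verdict
            }
        }
    }
}
```

Only a rejected bind returns false; every other failure is rethrown, so an outage or misconfiguration is not silently reported as a wrong password.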


