LDAP and SASL
- From: "Amar" <Amar@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 28 Dec 2005 12:36:04 -0800
I am a newbie with enterprise directories. I am trying to write an ASP.NET
application to fetch some data from my university LDAP enterprise directory.
There are 2 types of access allowed to the LDAP server. One is a anonymous
access and another is the access that exists mainly to give privileged
accounts access to person information that can otherwise not be publicly
viewed. These privileged accounts, called Y Services, are primarily used to
look up person data and authorize people on this data.
Now, i was able to use the anonymous access priviliges and view the data
from LDAP server. What i want to do is to use the Y services and view the
person information that cannot be accessed via the anonymous access. For
example i want to view the date of birth for the person which is available in
the Y Services access.
The university instructions say the following:
What you see in Y Services is dependent on how you bind (anonymous, simple,
SASL EXTERNAL) and the amount of privileges the bound user has. Connecting to
Y Services requires the use of TLS client certificate authentication, meaning
you must have a signed certificate from the uiniversity in order to connect.
Users bound anonymously can only search on ID and can only see the DN
(distinguished name) of any user. Users that have performed a SASL EXTERNAL
bind can only see those attributes they have been approved to see (for all
users), and only if the corresponding service is ACTIVE.
Now, i know that the TLS client certificate has been installed on my server
by my Sys admin. Please tell me the steps to do the bind and fetch the date
of birth for all people in department X.
Here is the anonymous bind code.
Dim deLdapConn As DirectoryEntry = New
DirectoryEntry("LDAP://directory.a.edu/dc=a,dc=edu";)
Dim searcherLdap As New DirectorySearcher(deLdapConn)
Dim Results As SearchResultCollection
Dim propcoll As ResultPropertyCollection
Dim Result As SearchResult
Dim strKey As String
Dim obProp As Object
iNumProperties = 0
Try
searcherLdap.Filter = "(department=X)"
searcherLdap.PropertiesToLoad.Add("sn")
searcherLdap.PropertiesToLoad.Add("givenname")
searcherLdap.PropertiesToLoad.Add("telephonenumber")
searcherLdap.PropertiesToLoad.Add("uupid")
Results = searcherLdap.FindAll
iNumProperties = Results.Count()
ReDim arrFName(iNumProperties - 1)
ReDim arrLName(iNumProperties - 1)
ReDim arrPhone(iNumProperties - 1)
ReDim arrEmail(iNumProperties - 1)
ReDim arrDob(iNumProperties - 1)
iNumProperties = 0 ' Sets the start index for arrays
For Each Result In Results ' Starts the loop where result stores 1 record
and resultS stores all records
propcoll = Result.Properties ' Gets the all the properties (fieldnames) for
that record
For Each strKey In propcoll.PropertyNames ' Loop through each field name for
the selected record
iOnce = 0
For Each obProp In propcoll(strKey)
If strKey = "givenname" Then
arrFName(iNumProperties) = obProp
End If
If strKey = "sn" Then
arrLName(iNumProperties) = obProp
End If
If strKey = "telephonenumber" Then
arrPhone(iNumProperties) = obProp
End If
If strKey = "uupid" Then
arrEmail(iNumProperties) = obProp
End If
Next
Next
iNumProperties = iNumProperties + 1
Next
searcherLdap.Dispose()
searcherLdap = Nothing
deLdapConn.Close()
deLdapConn = Nothing
Catch Ex As Exception
Response.Write(Ex.ToString)
End Try
Please help me!! THANKS IN ADVANCE!!
.
- Follow-Ups:
- Re: LDAP and SASL
- From: Joe Kaplan \(MVP - ADSI\)
- Re: LDAP and SASL
- Prev by Date: Re: ASP.NET 2.0 Multiple Membership Providers for Authentication
- Next by Date: Re: .Net 2.0 Membership
- Previous by thread: ASP.NET IMPERSONATION AND ORACLE 8.1.7
- Next by thread: Re: LDAP and SASL
- Index(es):
Relevant Pages
|
|
