Active Directory SSL



Can somebody tell me how to authenticate USING SSL against an active
directory server? The below code works without SSL, but how do I get it to
work using SSL certificate and port 636? I'm assuming that the URL needs to
be changed to LDAPS://XX.XXX.X.XX:636/dc=XXXXXX,dc=XXXXX where LDAPS and Port
= 636 is specified. Is this true?


Imports System.DirectoryServices ' DirectoryEntry, DirectorySearcher, SearchResult

Public Function IsUserAuth( _
        ByVal UserIDtoAuthenticate As String, _
        ByVal PasswordToAuthenticate As String) As Boolean

    Try

        _ldapServerName = "XX.XXX.X.XX" ' LDAP server to authenticate against

        _path = AppSettings("AD_Path") '"LDAP://" & _ldapServerName & "/dc=XXXXXX,dc=XXXXX"

        ' Bind with the credentials being checked. Overriding oRoot.Username and
        ' oRoot.Password with the AD_UserID / AD_Password account at this point
        ' would make the bind succeed for any existing user, whatever password
        ' was supplied.
        Dim oRoot As DirectoryEntry = New DirectoryEntry(_path, UserIDtoAuthenticate, PasswordToAuthenticate)
        Dim obj As Object = oRoot.NativeObject ' forces the bind; throws on bad credentials

        Dim oSearcher As DirectorySearcher = New DirectorySearcher(oRoot)
        oSearcher.Filter = "(SAMAccountName=" & UserIDtoAuthenticate & ")"
        Dim oResult As SearchResult

        oSearcher.PropertiesToLoad.Add("cn")

        oResult = oSearcher.FindOne
        If oResult Is Nothing Then
            'Authentication failed
            Return False
        End If
        'Authentication success
        Return True

    Catch ex As Exception
        If ex.GetBaseException.ToString.IndexOf("Logon failure: unknown user name or bad password") > -1 Then
            'Return "Logon failure: unknown user name or bad password"
            'Authentication failed
            Return False
        Else
            If ex.GetBaseException.ToString.IndexOf("The directory service is unavailable") > -1 Then
                Return False
            Else
                Return False
                'Throw New Exception("Error obtaining group names. " & ex.Message)
            End If
        End If
    End Try

End Function

--
Chris Davoli
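
An added example, not part of the original post: one way to bind over SSL with System.DirectoryServices. ADSI keeps the "LDAP://" provider name and selects SSL through port 636 together with AuthenticationTypes.SecureSocketsLayer, and the host in the path has to match the name in the domain controller's certificate. The host name, base DN, module and function names are hypothetical placeholders.

```vbnet
Imports System.DirectoryServices
Imports System.Runtime.InteropServices
Imports System.Text

Public Module LdapsAuthExample
    ' Hypothetical values: use the DC's DNS name exactly as it appears in its
    ' certificate; an IP address will normally fail the TLS name check.
    Private Const DcHost As String = "dc01.example.com"
    Private Const BaseDn As String = "dc=example,dc=com"

    ' Escape the characters RFC 4515 reserves in a filter value so the user name cannot alter the filter.
    Public Function EscapeLdapFilterValue(ByVal value As String) As String
        Dim sb As New StringBuilder()
        For Each c As Char In value
            Select Case c
                Case "\"c : sb.Append("\5c")
                Case "*"c : sb.Append("\2a")
                Case "("c : sb.Append("\28")
                Case ")"c : sb.Append("\29")
                Case ChrW(0) : sb.Append("\00")
                Case Else : sb.Append(c)
            End Select
        Next
        Return sb.ToString()
    End Function

    Public Function IsUserAuthOverSsl(ByVal userId As String, ByVal password As String) As Boolean
        ' SSL is selected by port 636 plus the SecureSocketsLayer flag,
        ' not by an "LDAPS://" scheme in the path.
        Dim path As String = "LDAP://" & DcHost & ":636/" & BaseDn
        Dim authType As AuthenticationTypes = AuthenticationTypes.Secure Or AuthenticationTypes.SecureSocketsLayer
        Try
            Using root As New DirectoryEntry(path, userId, password, authType)
                Dim native As Object = root.NativeObject ' forces the bind with the caller's credentials
                Using searcher As New DirectorySearcher(root)
                    searcher.Filter = "(sAMAccountName=" & EscapeLdapFilterValue(userId) & ")"
                    searcher.PropertiesToLoad.Add("cn")
                    Return searcher.FindOne() IsNot Nothing
                End Using
            End Using
        Catch ex As COMException
            ' Bad credentials, an untrusted certificate, or a host name mismatch all surface here.
            Return False
        End Try
    End Function
End Module
```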
