I'm trying to port a piece of Java LDAP conneciton code to DOTNET.
I've done LDAP in DOTNET before, but I keep getting a very strange
message. The Java code looks like:
public static boolean authenticate(String username, String password)
throws javax.naming.NamingException {
SearchControls sc;
NamingEnumeration ne;
Hashtable<String,Stringh = new Hashtable<String,String>();
h.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
h.put(Context.PROVIDER_URL, "ldap://" + hostname + ":" + port);
if (usessl)
h.put(Context.SECURITY_PROTOCOL, "ssl");
if (servicedn != null) {
h.put(Context.SECURITY_AUTHENTICATION, "simple");
h.put(Context.SECURITY_PRINCIPAL, servicedn);
h.put(Context.SECURITY_CREDENTIALS, servicepassword);
}
DirContext ctx = new InitialDirContext(h);
String dn = "uid=" + username + ",ou=people," + base;
ctx.addToEnvironment(Context.SECURITY_AUTHENTICATI ON, "simple");
ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, dn);
ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
try {
sc = new SearchControls();
sc.setSearchScope(SearchControls.OBJECT_SCOPE);
ne = ctx.search(dn, "(objectClass=*)", sc);
} catch (javax.naming.AuthenticationException e) {
return false;
}
return true;
}
The DOTNET code looks like:
static void Main(string [] args) {
String ldapAuthPath =
"LDAP://ldap.xxx.com/uid=xxx,ou=people,dc=xxx,dc=com";
String userName = "xxx";
String password = "pass";
DirectoryEntry rootEntry = null;
DirectorySearcher searcher = null;
SearchResult searchResult = null;
try {
rootEntry = new DirectoryEntry();
rootEntry.Path = ldapAuthPath;
rootEntry.Username = userName;
rootEntry.Password = password;
rootEntry.AuthenticationType = AuthenticationTypes.None;
searcher = new DirectorySearcher(rootEntry);
searcher.SearchScope = SearchScope.OneLevel;
searchResult = searcher.FindOne();
// if no exception the user was verified
Console.WriteLine("authenticated");
} catch (Exception e) {
// if exception user was not authenticated
Console.WriteLine(e.ToString());
}
}
I keep getting a message that the dn syntax is invalid. I've tried
various combinations of things. The Java code does not supply a
userName, but when I try to do this in DOTNET I get a invalid username
error.
Any ideas would be appreciated. It seems that the DOTNET API doesn't
offer the same degree of control.
mb
3  7058 
1. DirectoryEntry.UserName and Password are properties used to authenticate
the bind, you pecified an AuthenticationType.None that means you don't need
to specify the user credentials to bind.
2. You have (there are other options though) to specify the CN of the object
to bind to, like this:
using(DirectoryEntry user = new
DirectoryEntry("LDAP://ldap.xxx.com/CN=xxx,ou=people,DC=....")
{
try
{
PropertyCollection pcoll = user.Properties; // this will effectively
trigger the bind
Console.WriteLine(user.Properties["cn"].Value); // get a property
}
catch (DirectoryServicesCOMException ex)
{
Console.WriteLine(ex.Message);
}
}
Here you'll bind anonymously against the cn=xxxx, ou=people object in the
directory on ldap.xxx.com
Willy.
<mb******@gmail.comwrote in message
news:11**********************@h48g2000cwc.googlegr oups.com...
| I'm trying to port a piece of Java LDAP conneciton code to DOTNET.
| I've done LDAP in DOTNET before, but I keep getting a very strange
| message. The Java code looks like:
|
| public static boolean authenticate(String username, String password)
| throws javax.naming.NamingException {
| SearchControls sc;
| NamingEnumeration ne;
| Hashtable<String,Stringh = new Hashtable<String,String>();
|
| h.put(Context.INITIAL_CONTEXT_FACTORY,
| "com.sun.jndi.ldap.LdapCtxFactory");
| h.put(Context.PROVIDER_URL, "ldap://" + hostname + ":" + port);
|
| if (usessl)
| h.put(Context.SECURITY_PROTOCOL, "ssl");
| if (servicedn != null) {
| h.put(Context.SECURITY_AUTHENTICATION, "simple");
| h.put(Context.SECURITY_PRINCIPAL, servicedn);
| h.put(Context.SECURITY_CREDENTIALS, servicepassword);
| }
| DirContext ctx = new InitialDirContext(h);
|
| String dn = "uid=" + username + ",ou=people," + base;
| ctx.addToEnvironment(Context.SECURITY_AUTHENTICATI ON, "simple");
| ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, dn);
| ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
|
| try {
| sc = new SearchControls();
| sc.setSearchScope(SearchControls.OBJECT_SCOPE);
| ne = ctx.search(dn, "(objectClass=*)", sc);
| } catch (javax.naming.AuthenticationException e) {
| return false;
| }
| return true;
| }
|
| The DOTNET code looks like:
|
| static void Main(string [] args) {
|
| String ldapAuthPath =
| "LDAP://ldap.xxx.com/uid=xxx,ou=people,dc=xxx,dc=com";
| String userName = "xxx";
| String password = "pass";
|
| DirectoryEntry rootEntry = null;
| DirectorySearcher searcher = null;
| SearchResult searchResult = null;
|
| try {
|
| rootEntry = new DirectoryEntry();
|
| rootEntry.Path = ldapAuthPath;
| rootEntry.Username = userName;
| rootEntry.Password = password;
| rootEntry.AuthenticationType = AuthenticationTypes.None;
|
| searcher = new DirectorySearcher(rootEntry);
| searcher.SearchScope = SearchScope.OneLevel;
| searchResult = searcher.FindOne();
|
| // if no exception the user was verified
| Console.WriteLine("authenticated");
| } catch (Exception e) {
| // if exception user was not authenticated
| Console.WriteLine(e.ToString());
| }
| }
|
| I keep getting a message that the dn syntax is invalid. I've tried
| various combinations of things. The Java code does not supply a
| userName, but when I try to do this in DOTNET I get a invalid username
| error.
|
| Any ideas would be appreciated. It seems that the DOTNET API doesn't
| offer the same degree of control.
|
| mb
|
I did a network trace and I think I see the issue. The Java code
switches over to SSLv3, whereas the DOTNET code does not. Anyone know
how to set that?
mb
Willy Denoyette [MVP] wrote:
1. DirectoryEntry.UserName and Password are properties used to authenticate
the bind, you pecified an AuthenticationType.None that means you don't need
to specify the user credentials to bind.
2. You have (there are other options though) to specify the CN of the object
to bind to, like this:
using(DirectoryEntry user = new
DirectoryEntry("LDAP://ldap.xxx.com/CN=xxx,ou=people,DC=....")
{
try
{
PropertyCollection pcoll = user.Properties; // this will effectively
trigger the bind
Console.WriteLine(user.Properties["cn"].Value); // get a property
}
catch (DirectoryServicesCOMException ex)
{
Console.WriteLine(ex.Message);
}
}
Here you'll bind anonymously against the cn=xxxx, ou=people object in the
directory on ldap.xxx.com
Willy.
<mb******@gmail.comwrote in message
news:11**********************@h48g2000cwc.googlegr oups.com...
| I'm trying to port a piece of Java LDAP conneciton code to DOTNET.
| I've done LDAP in DOTNET before, but I keep getting a very strange
| message. The Java code looks like:
|
| public static boolean authenticate(String username, String password)
| throws javax.naming.NamingException {
| SearchControls sc;
| NamingEnumeration ne;
| Hashtable<String,Stringh = new Hashtable<String,String>();
|
| h.put(Context.INITIAL_CONTEXT_FACTORY,
| "com.sun.jndi.ldap.LdapCtxFactory");
| h.put(Context.PROVIDER_URL, "ldap://" + hostname + ":" + port);
|
| if (usessl)
| h.put(Context.SECURITY_PROTOCOL, "ssl");
| if (servicedn != null) {
| h.put(Context.SECURITY_AUTHENTICATION, "simple");
| h.put(Context.SECURITY_PRINCIPAL, servicedn);
| h.put(Context.SECURITY_CREDENTIALS, servicepassword);
| }
| DirContext ctx = new InitialDirContext(h);
|
| String dn = "uid=" + username + ",ou=people," + base;
| ctx.addToEnvironment(Context.SECURITY_AUTHENTICATI ON, "simple");
| ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, dn);
| ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
|
| try {
| sc = new SearchControls();
| sc.setSearchScope(SearchControls.OBJECT_SCOPE);
| ne = ctx.search(dn, "(objectClass=*)", sc);
| } catch (javax.naming.AuthenticationException e) {
| return false;
| }
| return true;
| }
|
| The DOTNET code looks like:
|
| static void Main(string [] args) {
|
| String ldapAuthPath =
| "LDAP://ldap.xxx.com/uid=xxx,ou=people,dc=xxx,dc=com";
| String userName = "xxx";
| String password = "pass";
|
| DirectoryEntry rootEntry = null;
| DirectorySearcher searcher = null;
| SearchResult searchResult = null;
|
| try {
|
| rootEntry = new DirectoryEntry();
|
| rootEntry.Path = ldapAuthPath;
| rootEntry.Username = userName;
| rootEntry.Password = password;
| rootEntry.AuthenticationType = AuthenticationTypes.None;
|
| searcher = new DirectorySearcher(rootEntry);
| searcher.SearchScope = SearchScope.OneLevel;
| searchResult = searcher.FindOne();
|
| // if no exception the user was verified
| Console.WriteLine("authenticated");
| } catch (Exception e) {
| // if exception user was not authenticated
| Console.WriteLine(e.ToString());
| }
| }
|
| I keep getting a message that the dn syntax is invalid. I've tried
| various combinations of things. The Java code does not supply a
| userName, but when I try to do this in DOTNET I get a invalid username
| error.
|
| Any ideas would be appreciated. It seems that the DOTNET API doesn't
| offer the same degree of control.
|
| mb
|
<mb******@gmail.comwrote in message
news:11**********************@m79g2000cwm.googlegr oups.com...
|I did a network trace and I think I see the issue. The Java code
| switches over to SSLv3, whereas the DOTNET code does not. Anyone know
| how to set that?
|
It will save you a lot of time if you would start reading the doc's on MSDN,
that said, ff you need to bind using SSL you'll have to set the
AuthenticationType.SecureSocketsLayer when creating an instance of
DirectoryEntry. Note that this requires a Certificate Server running on the
AD server, but I guess you aren't even connecting to a Windows LDAP server
(Active Directory server), so I can't guarantee this will even work in your
environment. Note that simple bind should work also, what happens when you
run the sample I posted?
Willy.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Durairaj Avasi |
last post by:
Here is my prg::::
use Net::LDAP qw(LDAP_SUCCESS LDAP_PROTOCOL_ERROR);
use Authen::SASL;
use Net::LDAP::Util qw(ldap_error_name ldap_error_text);
sub lConnect {
my $server = shift;
print "...
|
by: Fie Fie Niles |
last post by:
We need to use LDAP in conjunction with our ASP pages. Are there LDAP API
that can be used either from VB or VBScript ? Where can I find sample codes
for it ? Thank you very much.
|
by: Amar |
last post by:
I am trying to connect to my college LDAP directory using ASP.NET. This LDap
does not have security as it returns only user demographic information.
i do not need to bind with a username or...
|
by: Andrew |
last post by:
Hey all,
Working on revamping our Intranet here and making use of the LDPA, Active
Directory, Directory Services, etc. that .Net provides. I am still fairly
new on this subject, so the problem...
|
by: Bryan |
last post by:
Hello,
I have a asp.net app working with directory services on my Windows XP
development machine. However when I moved the application over to our
production server (Win 2000 Server) it no longer...
|
by: h2so4 |
last post by:
I want to write a program that will query an ldap directory. can I use adsi
or ado to do that, If yes how ?
tx
--
h2so4
|
by: sallas |
last post by:
Hi,
I have a simple LDAPS script:
#!/usr/bin/python2.3
import sys
import ldap
if __name__ == '__main__':
ldap.set_option(ldap.OPT_DEBUG_LEVEL,255)
|
by: Sells, Fred |
last post by:
I'm running python 2.5 (or 2.4) in an XP environment.
I downloaded and installed the .dll's from OpenLDAP-2.4.8+OpenSSL-0.9.8g-Win32.zip and copied the .dll's in c:/windows/system32 as instructed...
|
by: =?Utf-8?B?SHV0dHk=?= |
last post by:
I am new at trying to authenticate users against LDAP. I am getting the error
"Unable to establish secure connection with the server" with my current code.
Here's what I have thus far.
<add...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |
