I'm trying to port a piece of Java LDAP conneciton code to DOTNET.
I've done LDAP in DOTNET before, but I keep getting a very strange
message. The Java code looks like:
public static boolean authenticate(String username, String password)
throws javax.naming.NamingException {
SearchControls sc;
NamingEnumeration ne;
Hashtable<String,Stringh = new Hashtable<String,String>();
h.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
h.put(Context.PROVIDER_URL, "ldap://" + hostname + ":" + port);
if (usessl)
h.put(Context.SECURITY_PROTOCOL, "ssl");
if (servicedn != null) {
h.put(Context.SECURITY_AUTHENTICATION, "simple");
h.put(Context.SECURITY_PRINCIPAL, servicedn);
h.put(Context.SECURITY_CREDENTIALS, servicepassword);
}
DirContext ctx = new InitialDirContext(h);
String dn = "uid=" + username + ",ou=people," + base;
ctx.addToEnvironment(Context.SECURITY_AUTHENTICATI ON, "simple");
ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, dn);
ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
try {
sc = new SearchControls();
sc.setSearchScope(SearchControls.OBJECT_SCOPE);
ne = ctx.search(dn, "(objectClass=*)", sc);
} catch (javax.naming.AuthenticationException e) {
return false;
}
return true;
}
The DOTNET code looks like:
static void Main(string [] args) {
String ldapAuthPath =
"LDAP://ldap.xxx.com/uid=xxx,ou=people,dc=xxx,dc=com";
String userName = "xxx";
String password = "pass";
DirectoryEntry rootEntry = null;
DirectorySearcher searcher = null;
SearchResult searchResult = null;
try {
rootEntry = new DirectoryEntry();
rootEntry.Path = ldapAuthPath;
rootEntry.Username = userName;
rootEntry.Password = password;
rootEntry.AuthenticationType = AuthenticationTypes.None;
searcher = new DirectorySearcher(rootEntry);
searcher.SearchScope = SearchScope.OneLevel;
searchResult = searcher.FindOne();
// if no exception the user was verified
Console.WriteLine("authenticated");
} catch (Exception e) {
// if exception user was not authenticated
Console.WriteLine(e.ToString());
}
}
I keep getting a message that the dn syntax is invalid. I've tried
various combinations of things. The Java code does not supply a
userName, but when I try to do this in DOTNET I get a invalid username
error.
Any ideas would be appreciated. It seems that the DOTNET API doesn't
offer the same degree of control.
mb
3  7056 
1. DirectoryEntry.UserName and Password are properties used to authenticate
the bind, you pecified an AuthenticationType.None that means you don't need
to specify the user credentials to bind.
2. You have (there are other options though) to specify the CN of the object
to bind to, like this:
using(DirectoryEntry user = new
DirectoryEntry("LDAP://ldap.xxx.com/CN=xxx,ou=people,DC=....")
{
try
{
PropertyCollection pcoll = user.Properties; // this will effectively
trigger the bind
Console.WriteLine(user.Properties["cn"].Value); // get a property
}
catch (DirectoryServicesCOMException ex)
{
Console.WriteLine(ex.Message);
}
}
Here you'll bind anonymously against the cn=xxxx, ou=people object in the
directory on ldap.xxx.com
Willy.
<mb******@gmail.comwrote in message
news:11**********************@h48g2000cwc.googlegr oups.com...
| I'm trying to port a piece of Java LDAP conneciton code to DOTNET.
| I've done LDAP in DOTNET before, but I keep getting a very strange
| message. The Java code looks like:
|
| public static boolean authenticate(String username, String password)
| throws javax.naming.NamingException {
| SearchControls sc;
| NamingEnumeration ne;
| Hashtable<String,Stringh = new Hashtable<String,String>();
|
| h.put(Context.INITIAL_CONTEXT_FACTORY,
| "com.sun.jndi.ldap.LdapCtxFactory");
| h.put(Context.PROVIDER_URL, "ldap://" + hostname + ":" + port);
|
| if (usessl)
| h.put(Context.SECURITY_PROTOCOL, "ssl");
| if (servicedn != null) {
| h.put(Context.SECURITY_AUTHENTICATION, "simple");
| h.put(Context.SECURITY_PRINCIPAL, servicedn);
| h.put(Context.SECURITY_CREDENTIALS, servicepassword);
| }
| DirContext ctx = new InitialDirContext(h);
|
| String dn = "uid=" + username + ",ou=people," + base;
| ctx.addToEnvironment(Context.SECURITY_AUTHENTICATI ON, "simple");
| ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, dn);
| ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
|
| try {
| sc = new SearchControls();
| sc.setSearchScope(SearchControls.OBJECT_SCOPE);
| ne = ctx.search(dn, "(objectClass=*)", sc);
| } catch (javax.naming.AuthenticationException e) {
| return false;
| }
| return true;
| }
|
| The DOTNET code looks like:
|
| static void Main(string [] args) {
|
| String ldapAuthPath =
| "LDAP://ldap.xxx.com/uid=xxx,ou=people,dc=xxx,dc=com";
| String userName = "xxx";
| String password = "pass";
|
| DirectoryEntry rootEntry = null;
| DirectorySearcher searcher = null;
| SearchResult searchResult = null;
|
| try {
|
| rootEntry = new DirectoryEntry();
|
| rootEntry.Path = ldapAuthPath;
| rootEntry.Username = userName;
| rootEntry.Password = password;
| rootEntry.AuthenticationType = AuthenticationTypes.None;
|
| searcher = new DirectorySearcher(rootEntry);
| searcher.SearchScope = SearchScope.OneLevel;
| searchResult = searcher.FindOne();
|
| // if no exception the user was verified
| Console.WriteLine("authenticated");
| } catch (Exception e) {
| // if exception user was not authenticated
| Console.WriteLine(e.ToString());
| }
| }
|
| I keep getting a message that the dn syntax is invalid. I've tried
| various combinations of things. The Java code does not supply a
| userName, but when I try to do this in DOTNET I get a invalid username
| error.
|
| Any ideas would be appreciated. It seems that the DOTNET API doesn't
| offer the same degree of control.
|
| mb
|
I did a network trace and I think I see the issue. The Java code
switches over to SSLv3, whereas the DOTNET code does not. Anyone know
how to set that?
mb
Willy Denoyette [MVP] wrote:
1. DirectoryEntry.UserName and Password are properties used to authenticate
the bind, you pecified an AuthenticationType.None that means you don't need
to specify the user credentials to bind.
2. You have (there are other options though) to specify the CN of the object
to bind to, like this:
using(DirectoryEntry user = new
DirectoryEntry("LDAP://ldap.xxx.com/CN=xxx,ou=people,DC=....")
{
try
{
PropertyCollection pcoll = user.Properties; // this will effectively
trigger the bind
Console.WriteLine(user.Properties["cn"].Value); // get a property
}
catch (DirectoryServicesCOMException ex)
{
Console.WriteLine(ex.Message);
}
}
Here you'll bind anonymously against the cn=xxxx, ou=people object in the
directory on ldap.xxx.com
Willy.
<mb******@gmail.comwrote in message
news:11**********************@h48g2000cwc.googlegr oups.com...
| I'm trying to port a piece of Java LDAP conneciton code to DOTNET.
| I've done LDAP in DOTNET before, but I keep getting a very strange
| message. The Java code looks like:
|
| public static boolean authenticate(String username, String password)
| throws javax.naming.NamingException {
| SearchControls sc;
| NamingEnumeration ne;
| Hashtable<String,Stringh = new Hashtable<String,String>();
|
| h.put(Context.INITIAL_CONTEXT_FACTORY,
| "com.sun.jndi.ldap.LdapCtxFactory");
| h.put(Context.PROVIDER_URL, "ldap://" + hostname + ":" + port);
|
| if (usessl)
| h.put(Context.SECURITY_PROTOCOL, "ssl");
| if (servicedn != null) {
| h.put(Context.SECURITY_AUTHENTICATION, "simple");
| h.put(Context.SECURITY_PRINCIPAL, servicedn);
| h.put(Context.SECURITY_CREDENTIALS, servicepassword);
| }
| DirContext ctx = new InitialDirContext(h);
|
| String dn = "uid=" + username + ",ou=people," + base;
| ctx.addToEnvironment(Context.SECURITY_AUTHENTICATI ON, "simple");
| ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, dn);
| ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
|
| try {
| sc = new SearchControls();
| sc.setSearchScope(SearchControls.OBJECT_SCOPE);
| ne = ctx.search(dn, "(objectClass=*)", sc);
| } catch (javax.naming.AuthenticationException e) {
| return false;
| }
| return true;
| }
|
| The DOTNET code looks like:
|
| static void Main(string [] args) {
|
| String ldapAuthPath =
| "LDAP://ldap.xxx.com/uid=xxx,ou=people,dc=xxx,dc=com";
| String userName = "xxx";
| String password = "pass";
|
| DirectoryEntry rootEntry = null;
| DirectorySearcher searcher = null;
| SearchResult searchResult = null;
|
| try {
|
| rootEntry = new DirectoryEntry();
|
| rootEntry.Path = ldapAuthPath;
| rootEntry.Username = userName;
| rootEntry.Password = password;
| rootEntry.AuthenticationType = AuthenticationTypes.None;
|
| searcher = new DirectorySearcher(rootEntry);
| searcher.SearchScope = SearchScope.OneLevel;
| searchResult = searcher.FindOne();
|
| // if no exception the user was verified
| Console.WriteLine("authenticated");
| } catch (Exception e) {
| // if exception user was not authenticated
| Console.WriteLine(e.ToString());
| }
| }
|
| I keep getting a message that the dn syntax is invalid. I've tried
| various combinations of things. The Java code does not supply a
| userName, but when I try to do this in DOTNET I get a invalid username
| error.
|
| Any ideas would be appreciated. It seems that the DOTNET API doesn't
| offer the same degree of control.
|
| mb
|
<mb******@gmail.comwrote in message
news:11**********************@m79g2000cwm.googlegr oups.com...
|I did a network trace and I think I see the issue. The Java code
| switches over to SSLv3, whereas the DOTNET code does not. Anyone know
| how to set that?
|
It will save you a lot of time if you would start reading the doc's on MSDN,
that said, ff you need to bind using SSL you'll have to set the
AuthenticationType.SecureSocketsLayer when creating an instance of
DirectoryEntry. Note that this requires a Certificate Server running on the
AD server, but I guess you aren't even connecting to a Windows LDAP server
(Active Directory server), so I can't guarantee this will even work in your
environment. Note that simple bind should work also, what happens when you
run the sample I posted?
Willy.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Durairaj Avasi |
last post by:
Here is my prg::::
use Net::LDAP qw(LDAP_SUCCESS LDAP_PROTOCOL_ERROR);
use Authen::SASL;
use Net::LDAP::Util qw(ldap_error_name ldap_error_text);
sub lConnect {
my $server = shift;
print "...
|
by: Fie Fie Niles |
last post by:
We need to use LDAP in conjunction with our ASP pages. Are there LDAP API
that can be used either from VB or VBScript ? Where can I find sample codes
for it ? Thank you very much.
|
by: Amar |
last post by:
I am trying to connect to my college LDAP directory using ASP.NET. This LDap
does not have security as it returns only user demographic information.
i do not need to bind with a username or...
|
by: Andrew |
last post by:
Hey all,
Working on revamping our Intranet here and making use of the LDPA, Active
Directory, Directory Services, etc. that .Net provides. I am still fairly
new on this subject, so the problem...
|
by: Bryan |
last post by:
Hello,
I have a asp.net app working with directory services on my Windows XP
development machine. However when I moved the application over to our
production server (Win 2000 Server) it no longer...
|
by: h2so4 |
last post by:
I want to write a program that will query an ldap directory. can I use adsi
or ado to do that, If yes how ?
tx
--
h2so4
|
by: sallas |
last post by:
Hi,
I have a simple LDAPS script:
#!/usr/bin/python2.3
import sys
import ldap
if __name__ == '__main__':
ldap.set_option(ldap.OPT_DEBUG_LEVEL,255)
|
by: Sells, Fred |
last post by:
I'm running python 2.5 (or 2.4) in an XP environment.
I downloaded and installed the .dll's from OpenLDAP-2.4.8+OpenSSL-0.9.8g-Win32.zip and copied the .dll's in c:/windows/system32 as instructed...
|
by: =?Utf-8?B?SHV0dHk=?= |
last post by:
I am new at trying to authenticate users against LDAP. I am getting the error
"Unable to establish secure connection with the server" with my current code.
Here's what I have thus far.
<add...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |
