I got a little lost with this. I call the .NET LdapConnection object in the following code. The first request works just fine (SearchRequest) and uses the default authentication type, Negotiate. In the foreach loop of this sample code, I then try to bind to verify the password of the user, whom I have hard-coded into searchRequest.
I get a nice DistinguishedName in my SearchResultEntry and Bind() works, but ONLY with AuthType.Basic. None of the other options will work, and I'm not interested in using basic (insecure) authentication. Ideas?
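
    using System;
    using System.DirectoryServices.Protocols;
    using System.Net;

    // _serverName, _port, _ServerUsername, _Serverpwd, _timeout and
    // _distinguisedName are fields of the containing class.
    public LoginResult Authenticate(string userName, string password)
    {
        LdapDirectoryIdentifier identifier = new LdapDirectoryIdentifier(_serverName, _port);
        NetworkCredential credential = new NetworkCredential(_ServerUsername, _Serverpwd);
        LdapConnection ldapConnection = new LdapConnection(identifier, credential);
        ldapConnection.Timeout = new TimeSpan(0, 0, _timeout);
        try
        {
            // First request: runs as the service account with the default
            // authentication type (Negotiate).
            SearchRequest searchRequest = new SearchRequest
                (_distinguisedName,
                 "(&(objectClass=user)(givenname=Joe)(sn=Smith))",
                 SearchScope.Subtree,
                 null);
            SearchResponse searchResponse =
                (SearchResponse)ldapConnection.SendRequest(searchRequest);

            // No matching entry means there is nothing to verify the password against.
            if (searchResponse.Entries.Count == 0)
            {
                return LoginResult.Failure;
            }

            foreach (SearchResultEntry entry2 in searchResponse.Entries)
            {
                // Re-bind as the user that was found; this only works with AuthType.Basic.
                ldapConnection.AuthType = AuthType.Basic;
                ldapConnection.Bind(new NetworkCredential(entry2.DistinguishedName, password));
            }
        }
        catch (Exception)
        {
            // Any failure (search error, rejected bind, timeout) is a failed login.
            return LoginResult.Failure;
        }
        finally
        {
            ldapConnection.Dispose();
        }
        return LoginResult.Success;
    }
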
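An added example, not part of the original post: one way to check a user's password on a separate connection without exposing it on the wire. Negotiate identifies the account by name and domain rather than by distinguished name, while a simple (Basic) bind takes the DN and should only be sent over TLS. The class and method names, the `domain` and `simpleBindOverTls` parameters, and the ports 389/636 are assumptions.

```csharp
using System.DirectoryServices.Protocols;
using System.Net;

public static class LdapPasswordCheck
{
    // Hypothetical helper: all parameter names and the ports are assumptions.
    public static bool VerifyPassword(string server, string domain, string accountName,
                                      string userDn, string password, bool simpleBindOverTls)
    {
        // A simple bind with an empty password is an unauthenticated bind and
        // can report success, so reject it before contacting the server.
        if (string.IsNullOrEmpty(password))
            return false;

        int port = simpleBindOverTls ? 636 : 389;
        // Fresh connection: the service account's search session is left untouched.
        using (var connection = new LdapConnection(new LdapDirectoryIdentifier(server, port)))
        {
            connection.SessionOptions.ProtocolVersion = 3;
            NetworkCredential credential;
            if (simpleBindOverTls)
            {
                // Basic sends the password as-is, so wrap the session in TLS.
                connection.SessionOptions.SecureSocketLayer = true;
                connection.AuthType = AuthType.Basic;
                credential = new NetworkCredential(userDn, password);
            }
            else
            {
                // Kerberos/NTLM: account name plus domain, not the DN.
                connection.AuthType = AuthType.Negotiate;
                credential = new NetworkCredential(accountName, password, domain);
            }

            try
            {
                connection.Bind(credential);
                return true;
            }
            catch (LdapException e) when (e.ErrorCode == 49)
            {
                return false; // LDAP result code 49 = invalidCredentials
            }
        }
    }
}
```

Other `LdapException` codes (server unavailable, TLS failure) are deliberately left to propagate so that an outage is not reported as a wrong password.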