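Setting up an LDAP connection - LDAPError invalid credentials

Time: 2015-10-23 16:57:37

Tags: c# asp.net-mvc authentication ldap

I am trying to connect via LDAP for the first time. I simply want to check whether a user can log in. After attempting to connect, I receive an invalid credentials error 49 and error code 81, server unavailable. I am passing the correct user credentials, so this should validate, and I am able to connect through JXplorer. In JXplorer, I have the host as ldap.my.edu, port 389, the user DN as: Uid=myuser,OU=People,DC=ua,DC=edu and then mypass.

I think I am not translating this correctly into the LdapConnection and the network credentials. This is my first time, so any help would be greatly appreciated.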

            const string server = "ldap.my.edu:389/OU=People,DC=my,DC=edu";
            const string domain = "ldap.my.edu";
            string password = "mypass";
            string userName = "myuser";

            try
            {
                using (var ldapConnection = new LdapConnection(server))
                {
                    var networkCredential = new NetworkCredential(userName, password, domain);
                    ldapConnection.SessionOptions.SecureSocketLayer = true;
                    ldapConnection.AuthType = AuthType.Negotiate;
                    ldapConnection.Bind(networkCredential);
                }
            }
            catch (LdapException)
            {
                // the bind failure is reported here
            }

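1 answer:

Answer 0: (score: 2)

If you do not have SSL (LDAPS) enabled on this server, which looks to be the case, then you need to make sure to set:

    ldapConnection.SessionOptions.SecureSocketLayer = false;

Alternatively, you can simply not set it at all - if it is not set explicitly, LdapConnection defaults to the unsecured port 389 (LDAP).

An example using the values you provided in your question would look like this (note that I am applying the domain to the NetworkCredential rather than to the LdapConnection class itself):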

    // requires: using System.DirectoryServices.Protocols; using System.Net;

    // the username and password to authenticate
    const string domain = "OU=People,DC=my,DC=edu";
    string password = "mypass";
    string userName = "myuser";

    // define your connection
    LdapConnection ldapConnection = new LdapConnection("ldap.my.edu:389");

    try
    {
        // authenticate the username and password
        using (ldapConnection)
        {
            // pass in the network creds, and the domain.
            var networkCredential = new NetworkCredential(userName, password, domain);

            // if we're using unsecured port 389, set to false. If using port 636, set this to true.
            ldapConnection.SessionOptions.SecureSocketLayer = false;

            // since this is an internal application, just accept the certificate either way
            ldapConnection.SessionOptions.VerifyServerCertificate += delegate { return true; };

            // to force NTLM\Kerberos use AuthType.Negotiate, for non-TLS and unsecured, just use AuthType.Basic
            ldapConnection.AuthType = AuthType.Basic;

            // authenticate the user
            ldapConnection.Bind(networkCredential);
        }
    }
    catch (LdapException ldapException)
    {
        // Authentication failed, exception will dictate why
    }
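
An added example, not part of the original question or answer: the same login check done as a simple bind over LDAPS with the default certificate validation left in place, mapping the two error codes from the question (49 and 81) to separate outcomes. It assumes LDAPS is enabled on port 636 and that users live under `uid=...,OU=People,DC=my,DC=edu`; the `LdapLogin` class, the `LoginResult` enum and the DN template are hypothetical names and values chosen for illustration.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Net;

public enum LoginResult { Ok, InvalidCredentials, ServerUnavailable, OtherError }

public static class LdapLogin   // hypothetical helper, not from the page
{
    // Assumed values based on the question; adjust for the real directory.
    const string Host = "ldap.my.edu";
    const int LdapsPort = 636;   // assumes LDAPS is enabled on the server
    const string UserDnFormat = "uid={0},OU=People,DC=my,DC=edu";

    public static LoginResult Check(string userName, string password)
    {
        // An empty password turns a simple bind into an unauthenticated bind,
        // which many servers accept; never treat that as a successful login.
        if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
            return LoginResult.InvalidCredentials;

        // Refuse characters that have meaning inside a DN rather than splicing them in.
        if (userName.IndexOfAny(new[] { ',', '=', '+', '<', '>', '#', ';', '\\', '"' }) >= 0)
            return LoginResult.InvalidCredentials;

        var id = new LdapDirectoryIdentifier(Host, LdapsPort);
        using (var conn = new LdapConnection(id))
        {
            conn.SessionOptions.ProtocolVersion = 3;
            conn.SessionOptions.SecureSocketLayer = true; // TLS; no VerifyServerCertificate override
            conn.AuthType = AuthType.Basic;               // simple bind: full DN + password
            try
            {
                var dn = string.Format(UserDnFormat, userName);
                conn.Bind(new NetworkCredential(dn, password));
                return LoginResult.Ok;
            }
            catch (LdapException ex)
            {
                switch (ex.ErrorCode)
                {
                    case 49: return LoginResult.InvalidCredentials; // wrong DN or password
                    case 81: return LoginResult.ServerUnavailable;  // e.g. wrong port or TLS setting
                    default: return LoginResult.OtherError;
                }
            }
        }
    }
}
```

Keeping 49 and 81 apart in the result lets the caller show "wrong password" only for a real credential failure and log a connectivity or TLS problem separately.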