How to validate an LDAP path against Active Directory

Time: 2016-08-08 06:58:59

Tags: c# asp.net authentication active-directory

How do I validate an LDAP path? I have three textboxes in which I let the user enter an LDAP path, a username and a password. I am able to validate the username and password, but when validating the LDAP path it works at first, and after a while it also allows invalid paths.

Valid LDAP path:

192.168.12.12:565

Invalid LDAP path:

gfg192.168.12.12:565fgfgf

And the user can get the list of users with the invalid path.

I tried LdapConnection, using DirectoryEntry and using PrincipalContext:

using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;
using System.DirectoryServices.Protocols;
using System.Net;

// 1. LdapConnection: takes a bare "host:port" server string and binds with the supplied credentials
LdapConnection connection = new LdapConnection(txtLDAPPath.Text.Trim());
NetworkCredential credential = new NetworkCredential(txtADUserName.Text.Trim(), password);
connection.Credential = credential;
connection.Bind();

// 2. DirectoryEntry + DirectorySearcher: reading NativeObject forces the bind to the given path
using (DirectoryEntry entry = new DirectoryEntry())
{
    entry.Username = txtADUserName.Text.Trim();
    entry.Password = password;
    entry.Path = txtLDAPPath.Text;
    DirectorySearcher search = new DirectorySearcher(entry);
    // enabled user accounts only (userAccountControl bit 2 = ACCOUNTDISABLE)
    search.Filter = "(&(objectClass=user)(objectCategory=person)(!userAccountControl:1.2.840.113556.1.4.803:=2))";
    object obj = entry.NativeObject;
    SearchResult resultCol = search.FindOne();
}

// 3. PrincipalContext: validates the credentials against the domain, not the path
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "Domain");
bool validate = ctx.ValidateCredentials(txtADUserName.Text, password);

1 answer:

Answer 0 (score: 0)

The only way I found is to use the System.DirectoryServices.DirectorySearcher.FindOne() method:

using System;
using System.DirectoryServices;

// Login and Password hold the credentials used for the bind
var paths = new[]
{
    new { Path = "LDAP://192.168.1.1:389/OU=Users,OU=Administration,DC=ac-qa,DC=aaaa,DC=se", Filter = "(&(objectClass=user))" }, // OK! returns the first entry
    new { Path = "LDAP://192.168.1.1:389/OU=Users,OU=Administration,DC=ac-qa,DC=aaaa,DC=se", Filter = "this is wrong" }, // ERROR! the exception message: "The this is wrong search filter is invalid."
    new { Path = "the wrong path", Filter = "(&(objectClass=user))" },      // ERROR! the exception message: "Unspecified error"
    new { Path = "LDAP://192.168.1.1:389/OU=Test_OrgUnit,DC=ac-qa,DC=aaaa,DC=se", Filter = "(&(objectClass=user))" }, // OK! This is a valid path without any entry inside. result = null
};

foreach (var item in paths)
{
    using (DirectoryEntry entry = new DirectoryEntry(item.Path, Login, Password))
    using (DirectorySearcher search = new DirectorySearcher(entry, item.Filter))
    {
        try
        {
            // FindOne() is what actually binds to the path; a bad path or filter throws here
            SearchResult result = search.FindOne();
        }
        catch (Exception ex)
        {
            Console.WriteLine(ex);
        }
    }
}
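As an added example that is neither the question's nor the answer's code: the LDAP path is untrusted input, so it is worth checking it in two stages before any credentials leave the process. First a syntactic check (the ADSI provider prefix, a parseable host and a numeric port, which is exactly what "gfg192.168.12.12:565fgfgf" lacks), then a forced bind with DirectoryEntry.RefreshCache, which does the network round trip that the constructor alone never does. The allow-list of directory hosts, the "EXAMPLE\\svc-ldap" account and the password placeholder are assumptions for illustration; the example uses ADSI ("LDAP://" prefix required), whereas the LdapConnection constructor in the question takes a bare host:port string.

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;

static class LdapPathCheck
{
    // Step 1: syntactic check. An ADSI path carries the case-sensitive provider
    // prefix "LDAP://", then host[:port], then an optional DN. System.Uri does
    // the host/port parsing, so a non-numeric port such as "565fgfgf" is rejected.
    public static bool IsWellFormed(string path, out string host, out int port)
    {
        host = null;
        port = 389;
        if (string.IsNullOrWhiteSpace(path)) return false;
        if (!path.StartsWith("LDAP://", StringComparison.Ordinal)) return false;

        Uri uri;
        if (!Uri.TryCreate("ldap://" + path.Substring("LDAP://".Length), UriKind.Absolute, out uri))
            return false;
        if (uri.HostNameType == UriHostNameType.Unknown || uri.HostNameType == UriHostNameType.Basic)
            return false;

        host = uri.Host;
        port = uri.IsDefaultPort ? 389 : uri.Port;
        return true;
    }

    // Step 2: the caller names the server, so the bind credentials must never be
    // sent to an arbitrary host. Hypothetical allow-list for this example.
    static readonly string[] AllowedHosts = { "192.168.12.12", "dc01.example.local" };

    // Step 3: semantic check. DirectoryEntry does no network I/O in its constructor;
    // RefreshCache forces the bind plus a read of one attribute, so a wrong host,
    // port, DN or credential surfaces here as an exception instead of later.
    public static bool TryBind(string path, string user, string password, out string error)
    {
        error = null;
        string host; int port;
        if (!IsWellFormed(path, out host, out port))
        {
            error = "path is not a well-formed LDAP:// path";
            return false;
        }
        if (Array.IndexOf(AllowedHosts, host.ToLowerInvariant()) < 0)
        {
            error = "host " + host + " is not an allowed directory server";
            return false;
        }
        try
        {
            using (var entry = new DirectoryEntry(path, user, password,
                       AuthenticationTypes.Secure | AuthenticationTypes.Sealing))
            {
                entry.RefreshCache(new[] { "distinguishedName" });
                return true;
            }
        }
        catch (COMException ex)              // also covers DirectoryServicesCOMException
        {
            error = ex.Message;
            return false;
        }
        catch (UnauthorizedAccessException ex)
        {
            error = ex.Message;
            return false;
        }
    }

    static void Main()
    {
        // Constructed candidates, including the two paths from the question.
        string[] candidates =
        {
            "LDAP://192.168.12.12:565",                              // well-formed, allowed host
            "LDAP://gfg192.168.12.12:565fgfgf",                      // rejected: non-numeric port
            "LDAP://192.168.12.12:565/OU=Users,DC=example,DC=local", // well-formed, with a DN
            "192.168.12.12:565",                                     // rejected: no provider prefix
        };
        foreach (var c in candidates)
        {
            string host; int port;
            bool ok = IsWellFormed(c, out host, out port);
            Console.WriteLine("{0,-58} well-formed={1} host={2} port={3}", c, ok, host, port);
        }

        // A real bind needs a reachable DC; the account and password are placeholders.
        string err;
        bool bound = TryBind(candidates[0], "EXAMPLE\\svc-ldap", "<password>", out err);
        Console.WriteLine(bound ? "bind OK" : "bind failed: " + err);
    }
}
```

The syntactic stage is cheap and deterministic, which is what the question's setup lacked: a path that fails it is rejected regardless of what the directory server would say, and a path that passes it is still only trusted after RefreshCache has completed against an allow-listed host. Catching COMException rather than Exception keeps unrelated failures from being reported as "invalid path".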