使用LDAPS身份验证时LDAP服务器不可用错误

时间:2020-02-19 10:19:53

标签: c# ssl active-directory ldap ssl-certificate

// Fragment of a bind routine: builds an LdapConnection to the configured directory
// server, enables TLS (LDAPS), attaches a certificate and a validation callback, then
// binds with a username and password. ADUtilities and ADPassword are defined elsewhere.
string username = "username";
// The two trailing `false` arguments are fullyQualifiedDnsHostName and connectionless.
var con = new LdapConnection(new LdapDirectoryIdentifier(ADUtilities.LDAPServer, Convert.ToInt32(ADUtilities.LDAPPort), false, false));
// Run the LDAP session over TLS.
// NOTE(review): the question says the same code works on port 389, so presumably this
// TLS section is conditional in the real code — confirm.
con.SessionOptions.SecureSocketLayer = true;
// Speak LDAP protocol version 3.
con.SessionOptions.ProtocolVersion = 3;
// Load a certificate from the configured path and offer it as a client certificate.
// NOTE(review): ClientCertificates is for client authentication (mutual TLS); adding a
// certificate here does not make the server's certificate trusted. If this file is really
// the server or CA certificate, trust has to come from the machine's certificate store —
// confirm what the file contains. A file without a private key cannot authenticate the client.
// NOTE(review): X509Certificate.Import is obsolete on newer .NET versions; the constructor
// that takes a file path is the usual replacement — verify against the target framework.
var clientCertificateFile = new X509Certificate();
clientCertificateFile.Import(ADUtilities.LDAPSSLCertificatePath);
con.ClientCertificates.Add(clientCertificateFile);
// Route server-certificate validation through the VerifyServerCertificate callback.
// NOTE(review): a callback that returns false rejects the TLS handshake, which typically
// surfaces from Bind() as "The LDAP server is unavailable". Find out why validation fails
// (untrusted issuer, expiry, unreachable revocation endpoint) instead of having the
// callback accept every certificate.
// NOTE(review): the trailing '}' has no matching '{' in this excerpt; presumably an
// enclosing block was trimmed from the paste.
con.SessionOptions.VerifyServerCertificate = new VerifyServerCertificateCallback(VerifyServerCertificate); }

// Username/password credentials; ADPassword is not defined in this excerpt.
con.Credential = new NetworkCredential(username, ADPassword);
// Negotiate lets the platform choose between Kerberos and NTLM.
con.AuthType = AuthType.Negotiate;
// One-minute timeout (0 hours, 1 minute, 0 seconds).
con.Timeout = new TimeSpan(0, 1, 0);
// The question reports the "server unavailable" error on this call.
// NOTE(review): LdapConnection is IDisposable and is not disposed in the visible code.
con.Bind();
/// <summary>
/// Server-certificate validation callback for the LDAP session: the server is accepted
/// only when its certificate passes <see cref="X509Certificate2.Verify"/>.
/// </summary>
/// <param name="ldapConnection">Connection being validated; not used by this check.</param>
/// <param name="certificate">Certificate presented by the LDAP server.</param>
/// <returns><c>true</c> when <c>Verify()</c> succeeds, otherwise <c>false</c>.</returns>
private bool VerifyServerCertificate(LdapConnection ldapConnection, X509Certificate certificate) {
    // NOTE(review): Verify() performs chain validation only. It does not compare the
    // certificate's subject or SAN with the host name being connected to, so a certificate
    // issued by a trusted CA for a different host would also pass. Consider a name check
    // against the configured server as well.
    // NOTE(review): the result depends on the trust store of the machine running this code;
    // a false result here is a validation failure to investigate, not a reason to return true.
    var serverCertificate = new X509Certificate2(certificate);
    bool chainIsValid = serverCertificate.Verify();
    return chainIsValid;
}

con.Bind() 这一行抛出错误,提示 LDAP 服务器不可用。相同的代码在端口 389 上可以正常工作,但在端口 636(即 LDAPS)上无法工作。

0 个答案:

没有答案