Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: C#
Hi,
I have a directory in structure like
ou=system,ou=valeteck,cn=mayank
 
Now their is username and password for system. CN 'mayank' has password also.
Now I have to authenticate 'mayank' by checking username and password.
 
I am creating a directoryentry object with domain of system and its username and password. Used a search filter to get mayank and then access its password to validate but its not working.
Posted 13-Aug-12 4:52am
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

After "creating a directoryentry object with domain of system and its username and password", you call its NativeEntry property:
object o = directoryentry.NativeObject;
An exception will be raised in case of a wrong password.
  Permalink  
Comments
mayankkarki at 14-Aug-12 8:39am
   
Thanks,
But system and cn='mayank' have different password.If I create directory entry object with password of cn I didn't get authenticate.I have to check that the password use entered is correct and match with user's password in ldap.
Bernhard Hiller at 14-Aug-12 8:49am
   
oh dear, that phrase "domain of system" was so misleading - I thought of the domain controller of your network, i.e. the server.
Of course, your DirectoryEntry object has to be created with the "samaccountname" of the user and the password!
mayankkarki at 14-Aug-12 8:57am
   
Thanks,
I am coding like this,
DirectoryEntry dEntry=new DirectoryEntry("ldap://localhost:389/cn=mayank,ou=valeteck,ou=system","cn=mayank","password");
But I didn't get any native object.
mayankkarki at 16-Aug-12 3:06am
   
Hi,
I tried using this,
DirectoryEntry dEntry=new DirectoryEntry("ldap://localhost:389/cn=mayank,ou=valeteck,ou=system","cn=mayank","password");
Not get any result.
but if I provide username and password of system I get object but the question is same how to check userPassword property beacuse the value it return in hashed format.
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 2

Dear mayankkarki,
 
I have same requirement to authenticate with LDAP Password. But I used different class instead of DirectoryEntry since it is not working (ie I have authenticate against Lotus Notes LDAP). I used different class(NetworkCredential, LdapConnection ,SearchRequest, SearchResponse and SearchResultEntryCollection) and able to get list of user but I don't know authentication.
 
If u solved kindly guide me.
 
Let me also know if I use directry entry class, it through error like protocol error etc.
  Permalink  
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 3

If I'm reading your question correctly, you have a Windows network login and a password, and you want to validate the user. Do you have to use LDAP?
 
This is what we use:
    Public Function ValidateWindowsCredentials(ByVal UserId As String, _
    ByVal Password As String) As Boolean
        Dim Result As Boolean = False
 
        Try
            Dim PC As New PrincipalContext(ContextType.Domain, "OurDomain")
            'This is done twice: sometimes, the first check fails.
            Result = PC.ValidateCredentials(UserId, Password, ContextOptions.Negotiate)
            Result = PC.ValidateCredentials(UserId, Password, ContextOptions.Negotiate)
        Catch ex As Exception
            Throw ex
        End Try
 
        Return Result
    End Function
My apologies for it being in VB, but you should be able to translate this to C# easily enough. PrincipalContext is part of the System.DirectoryServices.AccountManagement namespace, which was added to the 3.5 Framework (Visual Studio 2008) and, in my experience, it is significantly faster than older technique of trying to change the password to itself.
 
As far as obtaining a password from a user id, you cannot: the property is write-only. This is by design, to prevent a malicious user from writing code that could harvest network passwords out of the AD data store.
  Permalink  
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 4

Hi,
I am describing the way I used to connect and authenticate user in ldap. I have to connect over SSL and I am getting some problem with DirectoryEntry So I used LdapConnection class.
LdapConnection connection = new LdapConnection(new LdapDirectoryIdentifier("SJTPNOC.com", 636));
connection.SessionOptions.VerifyServerCertificate = new VerifyServerCertificateCallback((con, cer) => true);
connection.SessionOptions.ProtocolVersion = 3;        
connection.AuthType = AuthType.Basic;       
connection.SessionOptions.SecureSocketLayer = true;
connection.Timeout = new TimeSpan(0, 0, 10);   
connection.Credential = new NetworkCredential(username, password);
using (connection){}
If this doesn't throw error then user is authorised otherwise not. Now you have to be careful with username you provide.It must be user full domain name.
CN=mayank/OU=Users/dc=SJTPNOC/dc=com.
Let me know if anybody needs help.
  Permalink  
v2

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 Mika Wendelius 261
1 Abhinav S 155
2 Peter Leow 140
3 Sergey Alexandrovich Kryukov 125
4 Kornfeld Eliyahu Peter 115
0 Sergey Alexandrovich Kryukov 8,593
1 OriginalGriff 6,536
2 Peter Leow 3,727
3 Zoltán Zörgő 3,456
4 Richard MacCutchan 2,417


Advertise | Privacy | Mobile
Web04 | 2.8.150123.1 | Last Updated 14 Dec 2012
Copyright © CodeProject, 1999-2015
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100