×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

LDAP with AD/LDS

LDAP with AD/LDS

LDAP with AD/LDS

(OP)
Hi

I have some C# code that connects to an AD / LDS store. I can use Directory Search successfully to find and add members. The issue I am having is that I cannot authenticate a user name and password successfully. I have followed various internet suggestions and come up with the following code.

The line to validate the username and password is the context.ValidateCredentials one. IF the user happens to be a Windows user then it works i.e. it successfully validates it , however the users I need to add will be purely AD users only and it will not authenticate them even if I use the right password etc.

Has anyone had similar issues ? You can download tools to authenticate the user and they work i.e. it validates the user credentials but my code still does not. Anyone have any suggestions ? Is there an alternative to ValidateCredentials ?

any help appreciated

My code is :

using (PrincipalContext context = new PrincipalContext(ContextType.ApplicationDirectory, _LDAPServer, "cn=DDUsers," + _LDAPOU , _LDAPUser, _LDAPPassword))
{
if (context == null)
return 8;

UserPrincipal User = UserPrincipal.FindByIdentity(context, Username);

if (User != null)
{
bool locked = User.IsAccountLockedOut();
if (locked)
return 2;
else
{
string userPath = "cn=" + Username + ",OU=DD_Users," + _LDAPOU;
userPath = User.DistinguishedName;

/*

var du = User.GetUnderlyingObject() as DirectoryEntry;
var prop = du.Properties["displayName"];
prop.Value = "sysadmin@fgh-uk.com";

prop = du.Properties["accountExpires"];
prop.Value = "31/12/2017";

prop = du.Properties["accountExpires"];
prop.Value = "31/12/2017";


du.CommitChanges();

User.Enabled = true;
User.Save();
*/



bool pass = false;
if (User.LastPasswordSet == null)
{
var deUser = User.GetUnderlyingObject() as DirectoryEntry;
var property = deUser.Properties["pwdLastSet"];
property.Value = -1;
deUser.CommitChanges();
pass = context.ValidateCredentials(userPath, Password);
property.Value = 0;
deUser.CommitChanges();
}
else
{
pass = context.ValidateCredentials(Username,Password );

pass = context.ValidateCredentials(userPath, Password);
// pass = context.ValidateCredentials("hstd092", "Dor1s");
// pass = context.ValidateCredentials("doris-dev\\hstd092", "Dor1s");

}
return (pass) ? 0 : 1;

Hope this helps!

Regards

BuilderSpec

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close