Cannot authenticate user in AD LDS

EDN Admin

Well-known member
Joined
Aug 7, 2010
Messages
12,794
Location
In the Machine
Not sure if this is the correct forum to use, but...
I have been authenticating users against Active Directory successfully for a long time. Now delving into AD LDS to support a website. I am able to bind to and LDS DirectoryEntry for a user but cannot authenticate that user. The following
works fine and returns a DirectoryEntry:
<pre class="prettyprint DirectoryEntry de = new DirectoryEntry("LDAP://192.168.x.x:50389/CN=x,CN=y,CN=Roles,CN=webapp1,DC=apps,DC=net")[/code]
I am also able to complete a directory search based on the user CN that returns a valid object. However, when I try to authenticate the user with the following I get the error "There is no such object on the server".
<pre class="prettyprint DirectoryEntry objLDS = new DirectoryEntry(results[0].Path, domainAndUsername, pwd, AuthenticationTypes.Secure)[/code]
The path is the correct path to the user object. The password is good as well. So I am thinking the issue is in the formatiing of the user name. In AD I use my.domain\username. In LDS I have tried using just the username, DCs plus
the username, DCs and LDS Instance plus the user name (and many other variations), nothing has worked.
username
apps.net\username
webapp1.apps.net\username
Can someone provide the correct format for LDS? I have dug deep into MS documentation and been to oodles of sites but am stumped.
Thanks much
Full code block:
<pre class="prettyprint string domainAndUsername = "apps.net" + @"" + username;
DirectoryEntry de = new DirectoryEntry("LDAP://192.168.x.x:50389/CN=x,CN=y,CN=Roles,CN=webapp1,DC=apps,DC=net");

DirectorySearcher deSearch = new DirectorySearcher();
deSearch.SearchRoot = de;
deSearch.Filter = "(&(objectClass=user) (cn=" + username + "))";
SearchResultCollection results = deSearch.FindAll();
if (results.Count > 0)
{
DirectoryEntry objLDS = new DirectoryEntry(results[0].Path, domainAndUsername, pwd, AuthenticationTypes.Secure);
if (objLDS.Guid != null)
{
return true;
}
else
{
return false;
}
}[/code]
<br/>

View the full article
 
Back
Top