验证密码是否正确
我需要验证用户的密码是否正确。
我有这段代码:
private bool checkOldPasswordValid(string password, string username)
{
using (DirectoryEntry entry = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"))
{
entry.Username = username;
entry.Password = password;
DirectorySearcher searcher = new DirectorySearcher(entry);
searcher.Filter = "(objectclass=user)";
try
{
searcher.FindOne();
}
catch (Exception ex)
{
return false;
}
return true;
}
}
但是 WinNt 不支持目录搜索器,所以我找到了另一种方法来循环所有记录。
foreach (DirectoryEntry dc in entry.Children)
{
// prints the name
System.Diagnostics.Debug.WriteLine(dc.Name);
}
但这只是获取名称而不验证密码。
请帮忙。谢谢
i need to verify if the password is correct for a user.
i have this code:
private bool checkOldPasswordValid(string password, string username)
{
using (DirectoryEntry entry = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"))
{
entry.Username = username;
entry.Password = password;
DirectorySearcher searcher = new DirectorySearcher(entry);
searcher.Filter = "(objectclass=user)";
try
{
searcher.FindOne();
}
catch (Exception ex)
{
return false;
}
return true;
}
}
but then directory searcher is not supported with WinNt, so i found another way to loop through all records.
foreach (DirectoryEntry dc in entry.Children)
{
// prints the name
System.Diagnostics.Debug.WriteLine(dc.Name);
}
but this just gets the name and doesnt verify the password.
please help . thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
要针对 LDAP 或 WinNT 进行身份验证,您不需要
DirectorySearcher。您只需从DirectoryEntry实例获取NativeObject即可。这是一个代码示例,可以指导您完成整个过程。此代码将返回用户是否真实。一旦您可以使用此
DirectoryEntry类实例获取 NativeObject 属性,这意味着 AD(或本地计算机)使用模拟来获取此对象。如果您获取对象时没有抛出异常,则意味着 AD(或本地计算机)能够对模拟用户进行身份验证。虽然您可以通过不指定用户名和密码而仅指定域(或本地计算机)来使用当前经过身份验证的用户,但通过指定用户名和密码,您说您想要使用模拟,因此安全基础结构将使用给定的用户名和尝试从此
DirectoryEntry类实例检索NativeObject属性的密码。要针对 AD 进行身份验证,只需将
"WinNT://"替换为"LDAP://"。To autenticate against LDAP or WinNT, you need no
DirectorySearcher. You only need to get theNativeObjectfrom yourDirectoryEntryinstance. Here's a code sample that might guide you through the way.This code will return either a user is authentic or not. Once you can get the NativeObject property using this
DirectoryEntryclass instance, this means that the AD (or local computer) used impersonation to get this object. If you get the object without having a thrown exception, this means that the AD (or local computer) was able to authenticate the impersonnated user.While you can use the currently authenticated user by specifying no username and password, but only the domain (or local computer), by specifying a username and password, you say you want to use impersonnation, so the security infrastructure will use the given username and password to try to retrieve the
NativeObjectproperty from thisDirectoryEntryclass instance.To authenticate against the AD, just replace the
"WinNT://"for"LDAP://".您可以使用 DirectoryEntry 本身。
请参阅此处的示例:http://support.microsoft.com/kb/316748
你为什么仍然使用 WinNT:// 吗?
You can use DirectoryEntry itself.
See the example here: http://support.microsoft.com/kb/316748
Why are you using WinNT:// anyways?