使用 Unicode 的 AD 身份验证

发布于 2024-12-09 15:03:03 字数 711 浏览 0 评论 0原文

刚刚在 C# 中实现了 AD 身份验证，使用：

DirectoryEntry entry = 
  new DirectoryEntry(_path, domainAndUsername, pwd, AuthenticationTypes.Secure);

其中 _path 是 LDAP://+ 完全限定域名（例如域控制器的 IP）。

现在我必须使用 Delphi 做同样的事情。所以我在 http://www.freemeg.com/index.php/projects/projects-2/15-delphi-ldap-authentication-component

任何人都有一个工作版本对于 Delphi 2009+（unicode）？
有没有人有一个具有简单 AD 身份验证处理（例如验证）域\用户 ID 和密码的工作示例？

在 C# 中，好的部分是我不需要遍历 AD - 我只需通过 LDAP 执行一级搜索 - 只是为了检查用户是否经过身份验证。

原文

Just implemented AD Authentication in C# using:

DirectoryEntry entry = 
  new DirectoryEntry(_path, domainAndUsername, pwd, AuthenticationTypes.Secure);

where _path is LDAP://+ full qualified domain name (eg. the ip of the domain controler).

Now I have to do the same using Delphi. So I found Solomon's excelent Delphi 2007 LDAP implementation at http://www.freemeg.com/index.php/projects/projects-2/15-delphi-ldap-authentication-component

Have anyone a working version for Delphi 2009+ (unicode)?
Have anyone a working sample with simple AD Authentication processing(eg. validating) domain\userid and password?

In C# the nice part is that I don't need to traverse the AD - I simply performs a one level search via LDAP - just to check if the user is authenticated.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

夏の忆 2024-12-16 15:03:03

Tony Caduto 为我提供了一个 Synapse 解决方案：

我从创建的身份验证对象中删除了这些内容，我不想发布整个内容，因为其中还有一堆其他不相关的内容。

这应该可以帮助您继续，关键是将 AD 用户名与“@your.ad.domain.name”连接起来
成功绑定后，您可以通过提供基本 DN 来搜索 AD 目录
并使用 ldapsend 单元的搜索功能。

我发现这比其他方法更快而且很可靠。您确实需要获取主干版本
synapse，因此它可以与 delphi 的更高版本一起使用。

uses ldapsend

var
    fldap:tldapsend;
    fad_domain,ausername,apassword:string;
begin
ausername:='your AD username';
apassword:='your AD password';
fldap := TLDAPSend.Create;
fad_domain:= 'your.ad.domain';
fldap.TargetHost:=fad_domain;
//next line is the key to getting AD authentication working
fldap.UserName := ausername+'@'+fad_domain;
fldap.Password := apassword;
try
   try
      if fldap.Login then
         if fldap.Bind then
            begin
                    //user is succesfully authenticated at this point

            end else
                raise exception.Create('LDAP bind failed.');
   except
         on e:exception do
            //whatever
   end;
finally
       fldap.logout;
       freeandnil(fldap);
end;
end;

感谢托尼！！！！

Tony Caduto have provided me with a Synapse solution:

I cut this stuff out of a authentication object I created, I don't want to post the whole thing since there is a bunch of other non related stuff in it.

This should get you going, the key is to concatenate the AD username with '@your.ad.domain.name'
After you succesfully bind, you can then do searches against the AD directory by supplying a base DN
and using the search function of the ldapsend unit.

I have found this to be faster than other methods and it's solid. You do need to get the trunk version of
synapse so it works with the later versions of delphi.

uses ldapsend

var
    fldap:tldapsend;
    fad_domain,ausername,apassword:string;
begin
ausername:='your AD username';
apassword:='your AD password';
fldap := TLDAPSend.Create;
fad_domain:= 'your.ad.domain';
fldap.TargetHost:=fad_domain;
//next line is the key to getting AD authentication working
fldap.UserName := ausername+'@'+fad_domain;
fldap.Password := apassword;
try
   try
      if fldap.Login then
         if fldap.Bind then
            begin
                    //user is succesfully authenticated at this point

            end else
                raise exception.Create('LDAP bind failed.');
   except
         on e:exception do
            //whatever
   end;
finally
       fldap.logout;
       freeandnil(fldap);
end;
end;

Thanks to Tony!!!!

回复收藏 0 原文

~没有更多了~