使用LdapConnection枚举AD
是否可以使用 System.DirectoryServices.Protocols 中的 LdapConnection 来查询 Active Directory?
我在实例化 PrimaryContext 时遇到问题。这是我的代码,以防任何人都可以发现问题:
private LdapConnection getLdapConnection(string username, string password, string ldapServer, bool secured)
{
int port = secured ? 636 : 389;
LdapConnection connection = new LdapConnection(new LdapDirectoryIdentifier(ldapServer, port, false, false));
if (secured)
{
connection.SessionOptions.ProtocolVersion = 3;
connection.SessionOptions.SecureSocketLayer = true;
}
connection.Credential = new NetworkCredential(username, password);
connection.AuthType = AuthType.Basic;
connection.SessionOptions.VerifyServerCertificate += (conn, cert) => { return true; };
connection.Bind();
return connection;
}
当尝试实例化我正在使用的主体上下文时,
PrincipalContext context = new PrincipalContext(
ContextType.Domain,
ldapServer,
null,
useSsl ? ContextOptions.SecureSocketLayer | ContextOptions.SimpleBind : ContextOptions.SimpleBind,
username,
password);
我传递相同的值,为了完整起见,用户名的格式为 domain\user 并且 ldapServer 的格式为 server.domain.com,其中 ldapServer 在创建主体上下文时附加了 :636。
我连接到的服务器存在证书问题,我猜想这可能会阻止这种情况,因为 LdapConnection 设置为返回 true 进行验证。这不是问题,因为它是可信的。我无权访问服务器,因此无法更改此设置。
Is it possible to use an LdapConnection from System.DirectoryServices.Protocols to query Active Directory?
I'm having issues instantiating a PrincipalContext. Here's my code, in case anyone can spot the issue:
private LdapConnection getLdapConnection(string username, string password, string ldapServer, bool secured)
{
int port = secured ? 636 : 389;
LdapConnection connection = new LdapConnection(new LdapDirectoryIdentifier(ldapServer, port, false, false));
if (secured)
{
connection.SessionOptions.ProtocolVersion = 3;
connection.SessionOptions.SecureSocketLayer = true;
}
connection.Credential = new NetworkCredential(username, password);
connection.AuthType = AuthType.Basic;
connection.SessionOptions.VerifyServerCertificate += (conn, cert) => { return true; };
connection.Bind();
return connection;
}
When trying to instantiate the Principal Context I am using
PrincipalContext context = new PrincipalContext(
ContextType.Domain,
ldapServer,
null,
useSsl ? ContextOptions.SecureSocketLayer | ContextOptions.SimpleBind : ContextOptions.SimpleBind,
username,
password);
I am passing the same values in, for the sake of completeness username is in the format of domain\user and the ldapServer is in the format of server.domain.com with ldapServer having :636 appended when creating the Principal Context.
The server I am connecting to has certificate issues which I guess could be preventing this as the LdapConnection is set to return true for verification. This isn't an issue as it's trusted. I don't have access to the server and as such cannot change this.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
据我了解,当您定位域时,容器参数不能为
null。你能试试这个构造函数吗:然后是这个:
As far as I understant the container parameter can't be
nullwhen you target a domain. Can you just try this constructor :And then this one :
我怀疑 LDAP 代码的部分问题是您使用的是
AuthType.Basic。请尝试谈判。I suspect part of your problem with the LDAP code is that you're using
AuthType.Basic. TryNegotiateinstead.