LdapConnection cannot re-bind other than with Basi

Posted 2020-07-23 04:33

Question:

I'm a little lost with this one. I'm calling in the .NET LdapConnection object in the following code. The first query works just fine (the SearchRequest), and uses the default Authentication Type, Negotiate. In the foreach loop of this sample code I'm then trying to do a bind to check the password of the user I hard coded in the searchRequest.
I get a nice DistinguishedName in my SearchResultEntry and the Bind() works, but ONLY with AuthType.Basic. None of the other options will work, and I'm not keen on using Basic (insecure) Authentication. Ideas?

    // Needs: using System; using System.Net; using System.DirectoryServices.Protocols;
    public LoginResult Authenticate(string userName, string password)
    {
        LdapDirectoryIdentifier identifier = new LdapDirectoryIdentifier(_serverName, _port);
        NetworkCredential credential = new NetworkCredential(_ServerUsername, _Serverpwd);
        LdapConnection ldapConnection = new LdapConnection(identifier, credential);
        ldapConnection.Timeout = new TimeSpan(0, 0, _timeout);

        try
        {
            SearchRequest searchRequest = new SearchRequest
                (_distinguisedName,
                 "(&(objectClass=user)(givenname=Joe)(sn=Smith))",
                 SearchScope.Subtree,
                 null);

            // cast the returned directory response as a SearchResponse object
            SearchResponse searchResponse =
                (SearchResponse)ldapConnection.SendRequest(searchRequest);

            // no matching entry means there is nothing to verify the password against
            if (searchResponse.Entries.Count == 0)
            {
                return LoginResult.Failure;
            }

            // enumerate the entries in the search response
            foreach (SearchResultEntry entry2 in searchResponse.Entries)
            {
                // Check password by rebinding connection
                ldapConnection.AuthType = AuthType.Basic;
                ldapConnection.Bind(new NetworkCredential(entry2.DistinguishedName, password));
            }
        }
        catch (Exception)
        {
            // any search or bind error is treated as a failed login
            return LoginResult.Failure;
        }
        finally
        {
            ldapConnection.Dispose();
        }

        return LoginResult.Success;
    }
Tags: c# .net ldap
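One way to check a user's password without a Basic (simple) bind, as an added example that is not part of the original post: Negotiate authenticates an account name plus domain rather than a distinguished name, so the bind is given the user's sAMAccountName (for instance read from the search result entry) instead of `entry2.DistinguishedName`. The `LdapPasswordCheck` class, its `Verify` method and its parameters are hypothetical names, and the sketch assumes an Active Directory server reached from Windows.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Net;

public enum LoginResult { Success, Failure }

// Hypothetical helper (not from the original post).
public static class LdapPasswordCheck
{
    public static LoginResult Verify(string server, int port, string domain,
                                     string samAccountName, string password)
    {
        // An empty password can turn a bind into an unauthenticated bind that
        // the server accepts, so reject it before touching the network.
        if (string.IsNullOrEmpty(samAccountName) || string.IsNullOrEmpty(password))
            return LoginResult.Failure;

        var identifier = new LdapDirectoryIdentifier(server, port);

        // Fresh connection per check: the service-account connection used for
        // searching is never re-bound with user-supplied credentials.
        using (var connection = new LdapConnection(identifier))
        {
            connection.SessionOptions.ProtocolVersion = 3;
            connection.AuthType = AuthType.Negotiate;

            // Request integrity and confidentiality for the session
            // (assumption: Windows implementation of these options).
            connection.SessionOptions.Signing = true;
            connection.SessionOptions.Sealing = true;

            try
            {
                // Account name + domain, not a DN: the password itself is
                // never sent in clear text as it is with AuthType.Basic.
                connection.Bind(new NetworkCredential(samAccountName, password, domain));
                return LoginResult.Success;
            }
            catch (LdapException ex) when (ex.ErrorCode == 49) // invalidCredentials
            {
                return LoginResult.Failure;
            }
            // Any other LdapException (server down, timeout) propagates, so an
            // outage is not reported as a wrong password.
        }
    }
}
```

If Basic has to stay, setting `SessionOptions.SecureSocketLayer = true` on an LDAPS port keeps the DN and password off the wire in clear text.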