I'm a little lost with this one. I'm using the .NET LdapConnection class in the following code. The first query (the SearchRequest) works just fine and uses the default authentication type, Negotiate.
In the foreach loop of this sample code I'm then trying to do a bind to check the password of the user I hard coded in the searchRequest.
I get a nice DistinguishedName in my SearchResultEntry and the Bind() works, but ONLY with AuthType.Basic. None of the other options will work, and I'm not keen on using Basic (insecure) Authentication.
Ideas?
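/// <summary>
/// Searches the directory with the service account, then verifies
/// <paramref name="password"/> by re-binding the connection as the entry found.
/// </summary>
/// <param name="userName">
/// Currently unused: the search filter below is hard-coded to one person.
/// </param>
/// <param name="password">Password to verify against the matched entry's distinguished name.</param>
/// <returns>
/// <c>LoginResult.Success</c> only when exactly one entry matched and the bind as that
/// entry succeeded; <c>LoginResult.Failure</c> for an empty password, no match, an
/// ambiguous match, or any exception raised by the search or the bind.
/// </returns>
public LoginResult Authenticate(string userName, string password)
{
    // A simple bind that carries a DN but an empty password is an "unauthenticated
    // bind" in LDAP, and many servers answer it with success. Reject it up front so
    // an empty password can never be reported as a valid login.
    if (string.IsNullOrEmpty(password))
    {
        return LoginResult.Failure;
    }

    LdapDirectoryIdentifier identifier = new LdapDirectoryIdentifier(_serverName, _port);
    NetworkCredential credential = new NetworkCredential(_ServerUsername, _Serverpwd);

    // The using statement disposes the connection on every exit path.
    using (LdapConnection ldapConnection = new LdapConnection(identifier, credential))
    {
        ldapConnection.Timeout = new TimeSpan(0, 0, _timeout);

        try
        {
            // NOTE(review): the filter is hard-coded and userName is ignored. When the
            // filter is built from userName, escape the value per RFC 4515 (\ * ( ) and
            // NUL) before placing it in the filter string, otherwise the caller controls
            // the query.
            SearchRequest searchRequest = new SearchRequest(
                _distinguisedName,
                "(&(objectClass=user)(givenname=Joe)(sn=Smith))",
                SearchScope.Subtree,
                null);

            SearchResponse searchResponse =
                (SearchResponse)ldapConnection.SendRequest(searchRequest);

            // Fail closed: with no match there is nothing to bind against (previously the
            // method fell through to Success), and with several matches the identity is
            // ambiguous.
            if (searchResponse.Entries.Count != 1)
            {
                return LoginResult.Failure;
            }

            SearchResultEntry entry = searchResponse.Entries[0];

            // AuthType.Basic is an LDAP simple bind: the DN and password travel as sent,
            // so they are only protected if the connection itself runs over TLS.
            // NOTE(review): confirm the connection to _serverName/_port is TLS-protected
            // before relying on this bind.
            ldapConnection.AuthType = AuthType.Basic;
            ldapConnection.Bind(new NetworkCredential(entry.DistinguishedName, password));

            return LoginResult.Success;
        }
        catch (Exception)
        {
            // Wrong credentials and infrastructure errors (timeout, server unreachable)
            // are both reported as Failure, as before.
            // NOTE(review): consider logging the exception so outages are
            // distinguishable from bad passwords.
            return LoginResult.Failure;
        }
    }
}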