I'm using the following code on Windows Vista Ultimate SP1 to query our active directory server to check the user name and password of a user on a domain.
I found that same code floating around the Internet on multiple websites and it didn't work for me. Steve Evans is probably right that if you're on .NET 3.5, you should not use this code. But if you ARE still on .NET 2.0 you can try this to Authenticate to your AD services:
using System.DirectoryServices;

// Bind to the domain with the supplied credentials; Secure = Kerberos/NTLM, SecureSocketsLayer = LDAPS.
DirectoryEntry entry = new DirectoryEntry("LDAP://" + domain,
                                          userName, password,
                                          AuthenticationTypes.Secure | AuthenticationTypes.SecureSocketsLayer);
// Touching NativeObject forces the bind; it throws if the credentials (or settings) are rejected.
object nativeObject = entry.NativeObject;
The first line creates a DirectoryEntry object using domain, username, and password. It also sets the AuthenticationTypes. Notice how I'm setting both Secure (Kerberos) Authentication and SSL using the "Bitwise OR" ( '|' ) operator between the two parameters.
The second line forces the NativeObject of "entry" to Bind to the AD services using the information from the first line.
If an exception is thrown, then the credentials (or settings) were bad. If no exception, you're authenticated. The exception message will usually indicate what went wrong.
This code is pretty similar to what you already have, but the domain is used where you have "path", and the username is not combined with the domain. Be sure to set your AuthenticationTypes properly, too. This can make or break the ability to authenticate.
I figured it out anyhow. If you pass in the domain with the username on Vista, it does not work (like "domain\user"), so just passing "user" instead seems to work okay - except you have to be on the same domain.
If you're using .NET 3.5, use this code instead.
To authenticate a user:
using System.DirectoryServices.AccountManagement;

// Returns true only if the domain accepts the user name/password pair.
static bool Authenticate(string UserName, string Password)
{
    using (PrincipalContext adContext = new PrincipalContext(ContextType.Domain))
    {
        return adContext.ValidateCredentials(UserName, Password);
    }
}
If you need to find the user to R/W attributes to the object do this:
PrincipalContext context = new PrincipalContext(ContextType.Domain);
// Looks the account up by identity value (here the logon name "jdoe"); returns null if nothing matches.
UserPrincipal foundUser = UserPrincipal.FindByIdentity(context, "jdoe");
This is using the System.DirectoryServices.AccountManagement namespace so you'll need to add it to your using statements.
If you need to convert a UserPrincipal object to a DirectoryEntry object to work with legacy code you can do this:
// Exposes the underlying ADSI DirectoryEntry so legacy System.DirectoryServices code can use it.
DirectoryEntry userDE = (DirectoryEntry)foundUser.GetUnderlyingObject();
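As an added example that is not from any of the answers above, here is a small helper putting both approaches side by side: the .NET 3.5 PrincipalContext call and the .NET 2.0 DirectoryEntry bind, each returning a result that separates "wrong credentials" from "directory unreachable" so the caller never treats a connection problem as a login failure. The names AdAuth, AuthResult and HasBoth are my own, and the domain argument is a placeholder the caller supplies (e.g. the DNS name of the domain).

```csharp
using System;
using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;

public enum AuthResult { Success, BadCredentials, DirectoryUnavailable }

public static class AdAuth
{
    // Hypothetical helper: RFC 4513 treats a bind with a name but an empty password as an
    // unauthenticated bind, so never let an empty password reach the directory at all.
    static bool HasBoth(string u, string p) { return !string.IsNullOrEmpty(u) && !string.IsNullOrEmpty(p); }

    // .NET 3.5+ path: ValidateCredentials performs the bind for us.
    public static AuthResult ValidateWithPrincipalContext(string domain, string user, string password)
    {
        if (!HasBoth(user, password)) return AuthResult.BadCredentials;
        try
        {
            using (var ctx = new PrincipalContext(ContextType.Domain, domain))
            {
                // Negotiate = Kerberos/NTLM; Sealing encrypts the LDAP session.
                bool ok = ctx.ValidateCredentials(user, password,
                    ContextOptions.Negotiate | ContextOptions.Sealing);
                return ok ? AuthResult.Success : AuthResult.BadCredentials;
            }
        }
        catch (PrincipalServerDownException) { return AuthResult.DirectoryUnavailable; }
    }

    // .NET 2.0 fallback: the bind happens when NativeObject is first touched.
    // SecureSocketsLayer needs LDAPS (a certificate on the DC); drop it if the DC has none.
    public static AuthResult ValidateWithDirectoryEntry(string domain, string user, string password)
    {
        if (!HasBoth(user, password)) return AuthResult.BadCredentials;
        const int LogonFailure = unchecked((int)0x8007052E); // ERROR_LOGON_FAILURE (1326)
        try
        {
            using (var entry = new DirectoryEntry("LDAP://" + domain, user, password,
                       AuthenticationTypes.Secure | AuthenticationTypes.SecureSocketsLayer))
            {
                object native = entry.NativeObject; // throws if the bind is rejected
                return native != null ? AuthResult.Success : AuthResult.BadCredentials;
            }
        }
        catch (DirectoryServicesCOMException ex)
        {
            // A wrong password and an unreachable server both surface as COM errors; split on the HRESULT.
            return ex.ErrorCode == LogonFailure ? AuthResult.BadCredentials : AuthResult.DirectoryUnavailable;
        }
    }
}
```

Only the AuthResult value should be logged, never the password; an unavailable directory is an outage to alert on, not a failed login to count against the user.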
Does binding to LDAP require elevated privs (UAC)? You could try running Visual Studio and/or the app as Administrator and see if that helps. If that's the problem, you could always add a manifest to the application and set it to require elevation; that way it will prompt when a user runs it.
Not sure why it would require elevated privs, but it's worth a shot.