问题
I use Novell.Directory.Ldap.NETStandard2_0 package to authenticate users from Active Directory and it works fine for most of users.
using (var cn = new LdapConnection())
{
cn.Connect(ldapOptions.Host, ldapOptions.Port);
var userDn = username.IndexOf('@') < 0 ? username + $"@{ldapOptions.Domain}" : username;
cn.Bind(userDn, password);
if (cn.Bound)
{
result.Result = AuthResult.Succeed;
result.Message = "Login Successful using LDAP: {0}.";
}
return result;
}
The problem is when we need to authenticate users that are restricted to logon to only certain computers in our domain (Active Directory).
I added the computer that host my application (IIS & Win Server 2016) to the list but it still fails and restricted users cannot be authenticated yet.
How can I solve this issue? should I change my code? or Active Directory/IIS settings?
回答1:
LDAP authentication is generally sourced from the domain controller(s), so the domain controller(s) configured as the LDAP host need to be present in the logon workstations (userWorkstations) list.
来源:https://stackoverflow.com/questions/53258020/ldap-authentication-problem-in-asp-net-core-for-restricted-users-logon-workstat