首先,我要讲的LDAP不是微软的Active Directory目录服务,而是运行在SUN One上面的目录服务。
请看代码(部分敏感信息删节):
Private
Sub btnTest_Click()
Sub btnTest_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnTest.Click
Dim LoginName As String = txtUser.Text
Dim LoginPwd As String = txtPwd.Text
If LoginPwd = "" Then
txtResult.Text = "* Password can not be blank."
Exit Sub
End If
Dim myDirectorySearcher As DirectorySearcher
Dim mySearchResult As SearchResult
Dim myDirectoryEntry As DirectoryEntry
Dim UserName As String
txtResult.Text = ""
Try
If myDirectoryEntry.Exists("LDAP://ldapserver.com/uid=" & LoginName & ",ou=people,ou=intranet,dc=yourdomainname,dc=com") Then
Try
myDirectoryEntry = New DirectoryEntry("LDAP://ldapserver.com/ou=people,ou=intranet,dc=yourdomainname,dc=com", "uid=" & LoginName & ",ou=people,ou=intranet,dc=yourdomainname,dc=com", LoginPwd, AuthenticationTypes.ServerBind)
myDirectorySearcher = New DirectorySearcher(myDirectoryEntry)
myDirectorySearcher.Filter = "(uid=" & txtUser.Text & ")"
myDirectorySearcher.PropertiesToLoad.Add("DisplayLastName")
myDirectorySearcher.PropertiesToLoad.Add("DisplayFirstName")
mySearchResult = myDirectorySearcher.FindOne
If mySearchResult Is Nothing Then
txtResult.Text += "* Login failed."
Else
txtResult.Text += ">>> Login passed!" & vbCrLf
UserName = mySearchResult.GetDirectoryEntry().Properties("DisplayFirstName").Value & " " & mySearchResult.GetDirectoryEntry().Properties("DisplayLastName").Value
txtResult.Text += UserName & vbCrLf
End If
Catch ex As Exception
txtResult.Text += "* Login failed." & vbCrLf & ex.Message
End Try
Else
txtResult.Text += "* Invalid user login name."
End If
Catch ex As Exception
txtResult.Text += "* Can not access the LDAP server." & vbCrLf & ex.Message
End Try
End Sub
Dim LoginName As String = txtUser.Text
Dim LoginPwd As String = txtPwd.Text
If LoginPwd = "" Then
txtResult.Text = "* Password can not be blank."
Exit Sub
End If
Dim myDirectorySearcher As DirectorySearcher
Dim mySearchResult As SearchResult
Dim myDirectoryEntry As DirectoryEntry
Dim UserName As String
txtResult.Text = ""
Try
If myDirectoryEntry.Exists("LDAP://ldapserver.com/uid=" & LoginName & ",ou=people,ou=intranet,dc=yourdomainname,dc=com") Then
Try
myDirectoryEntry = New DirectoryEntry("LDAP://ldapserver.com/ou=people,ou=intranet,dc=yourdomainname,dc=com", "uid=" & LoginName & ",ou=people,ou=intranet,dc=yourdomainname,dc=com", LoginPwd, AuthenticationTypes.ServerBind)
myDirectorySearcher = New DirectorySearcher(myDirectoryEntry)
myDirectorySearcher.Filter = "(uid=" & txtUser.Text & ")"
myDirectorySearcher.PropertiesToLoad.Add("DisplayLastName")
myDirectorySearcher.PropertiesToLoad.Add("DisplayFirstName")
mySearchResult = myDirectorySearcher.FindOne
If mySearchResult Is Nothing Then
txtResult.Text += "* Login failed."
Else
txtResult.Text += ">>> Login passed!" & vbCrLf
UserName = mySearchResult.GetDirectoryEntry().Properties("DisplayFirstName").Value & " " & mySearchResult.GetDirectoryEntry().Properties("DisplayLastName").Value
txtResult.Text += UserName & vbCrLf
End If
Catch ex As Exception
txtResult.Text += "* Login failed." & vbCrLf & ex.Message
End Try
Else
txtResult.Text += "* Invalid user login name."
End If
Catch ex As Exception
txtResult.Text += "* Can not access the LDAP server." & vbCrLf & ex.Message
End Try
End Sub
这里要说明一下:
1、必须检验密码不能为空,否则会造成验证有误,即空密码能通过验证,不知道为什么。
2、LDAP://......这最前面的四个字母LDAP必须大写!否则报未知错误,不知道为什么,还得我走了一段弯路。
3、ldapserver.com需要替换成LDAP服务器的地址。
4、LDAP://......地址后面的参数,要根据你要访问的LDAP的设置而定。
5、如果密码不对,会引发异常,所以我在异常处理中捕获,但是不知道这样是否正确。
6、If mySearchResult Is Nothing Then 这句我觉得是废话,好像怎么也不会为True,如果密码不对,会引发异常的,但是不放心还是加上这句,可能是我的判断逻辑有问题。
总之,这段代码肯定不是最完美的代码,但是确实是可以完成任务的代码,欢迎大家指正。