I've been banging my head against the .Net 3.5 PrincipalContext, trying to establish a connection to OpenLDAP that is installed on the same machine as my Visual Studio 2010 IDE (machine name is dev001).
Here is my simple LDAP structure:
base (dc=test,dc=com)
testadmin (cn=testadmin,dc=test,dc=com)
accounts (dc=accounts,dc=test,dc=com)
testuser (cn=testuser,dc=accounts,dc=test,dc=com)
Here are the code snippets I've tried:
Snippet #1 : Combinations of name: "localhost", "localhost:389", "dev001", "dev001:389", "test", "test.com"
PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, "localhost", "dc=accounts,dc=test,dc=com", "cn=testadmin,dc=test,dc=com", "testadminpassword");
Snippet #2 Combinations of name: "localhost", "localhost:389", "dev001", "dev001:389", "test", "test.com"
PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, "localhost", "dc=accounts,dc=test,dc=com", "testadmin", "testadminpassword");
I have yet to establish a connection to the server.
When I use "localhost", "localhost:389", "dev001", "dev001:389", or "test", I get the error:
System.NullReferenceException: Object reference not set to an instance of an object.
When I use "test.com" I get the error:
System.DirectoryServices.AccountManagement.PrincipalServerDownException: The server could not be contacted. ---> System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable.
解决方案
Your first problem is using the System.DirectoryServices namespace. The classes in there only work well with Active Directory. I've long ago abandoned it for the System.DirectoryServices.Protocols namespace as well as most other people. Here's some code you can use to get you started in connecting.
var host = "localhost:389";
var credential = new NetworkCredential("user", "secret");
using (var con = new LdapConnection(host) { Credential = credential, AuthType = AuthType.Basic, AutoBind = false })
{
con.SessionOptions.ProtocolVersion = 3;
con.SessionOptions.VerifyServerCertificate = new VerifyServerCertificateCallback(VerifyCertDelegate);
//con.SessionOptions.StartTransportLayerSecurity(new DirectoryControlCollection());
con.Bind()
//Do other ldap operations here such as setting the user password
var pass = "newpass";
var req = new ModifyRequest
{
DistinguishedName = "cn=user,ou=test,dc=example,dc=com"
};
var dam = new DirectoryAttributeModification
{
Name = "userPassword",
Operation = DirectoryAttributeOperation.Replace
};
dam.Add(pass);
req.Modifications.Add(dam);
con.SendRequest(req);
}
Notice that in the above TLS is turned off. If you want a secure connection use ssl on port 636. The microsoft ldap libraries have a race condition that will cause your cpu to spike in an infinite loop when two simultaneous ldap calls are made such as in a web server environment.
526
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
