Tags: ldap, openldap, c#-7.0, directoryentry, slapd

How to successfully connect with DirectoryEntry in C# to a localhost LDAP domain?


I'm running Ubuntu on Windows via WSL in a CLI, and I've configured LDAP (OpenLDAP: slapd) on Ubuntu as follows:

BASE    dc=example,dc=com
URI     ldap://localhost

When I run the following command on Ubuntu, it shows me the structure of the Users and Groups I've set on the LDAP server, which indicates that I'm able to connect with the server using my test user:

ldapsearch -D "cn=test,ou=Department,dc=example,dc=com" -w test -b 'dc=example,dc=com' '(objectclass=*)'

On my Windows host machine, I checked the box for Active Directory Lightweight Directory Services in the Turn Windows features on or off window, which enables usage of LDP.exe. In LDP.exe, I'm also able to connect with the LDAP server, by selecting Connection > Bind > filling in "cn=test,ou=Department,dc=example,dc=com" for the User field and "test" for the Password field > and selecting Simple bind before clicking OK:

[Screenshot: LDP.exe Bind dialog]

After clicking OK, LDP.exe provides the following feedback:

[Screenshot: LDP.exe bind output]

I'm also able to retrieve information from the LDAP server in my C# code—for example:

using System.Collections.Generic;
using System.DirectoryServices;

// No credentials are supplied here, so ADSI performs an anonymous simple bind.
var de = new DirectoryEntry("LDAP://localhost:389/ou=Department,dc=example,dc=com");
de.AuthenticationType = AuthenticationTypes.None;
var childNames = new List<string>();
foreach (DirectoryEntry child in de.Children)
{
    childNames.Add(child.Name);
}

The above gives me the confidence that the LDAP server is configured correctly and that I'm able to access it in my code, but I'm unable to connect via the aforementioned test user when I modify the code as follows:

var de = new DirectoryEntry("LDAP://localhost/OU=Department,DC=example,DC=com", username, password);
var childNames = new List<string>();
foreach(DirectoryEntry child in de.Children)
{
    childNames.Add(child.Name.ToString());
}

When I run the above code, I get an error at the foreach part that says that "the user name or password is incorrect."

I've tried to set the username & password variables to all the ways I could think of or find online, such as setting the password to "test" or its SSHA hash, and setting username to "test", "cn=test", "example.com\\test", or "test@example.com", but I keep getting the message that "the user name or password is incorrect" when I run the code.

I've also tried the username & password combinations with several forms of authentication, as such:

var de = new DirectoryEntry("LDAP://localhost/OU=Department,DC=example,DC=com", username, password, AuthenticationTypes.Secure);

But I've been unable to find the correct configuration. How do I configure the code so that the username and password combination is accepted?


Solution

  • Apparently, the username must contain the full DN. The code below works:

    string username = "cn=test,ou=Department,dc=example,dc=com", password = "test";
    var de = new DirectoryEntry("LDAP://localhost:389/ou=Department,dc=example,dc=com", username, password, AuthenticationTypes.None);
    var childNames = new List<string>();
    foreach (DirectoryEntry child in de.Children)
    {
        childNames.Add(child.Name);
    }

    On the Microsoft pages, it's said that AuthenticationTypes.None "equates to zero, which means to use basic authentication (simple bind) in the LDAP provider." I first assumed that AuthenticationTypes.None means that the username and password won't be checked for correctness (as with AuthenticationTypes.Anonymous), but that's not the case.
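The following is an added example, not code from the question or the answer above. It wraps the simple bind the answer describes (full DN as the user name, AuthenticationTypes.None) in a helper that forces the bind up front and reports the outcome, instead of letting the "user name or password is incorrect" error surface inside the foreach. The host, port, base DN, bind DN "cn=test,ou=Department,dc=example,dc=com" and password "test" are the values from the question; the class name LdapSimpleBind, the method BindAndList and the useTls switch are assumptions made for this example. Because AuthenticationTypes.None is a simple bind, the password crosses the wire in clear text unless the connection is LDAPS, so the helper lets the caller add AuthenticationTypes.SecureSocketsLayer (which requires slapd to listen on ldaps://, normally port 636):

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;

// Added example (not from the original question or answer). Requires the
// System.DirectoryServices package and a Windows host, as in the question.
public static class LdapSimpleBind
{
    public sealed class BindResult
    {
        public bool Succeeded { get; set; }
        public string Message { get; set; } = "";
        public IReadOnlyList<string> ChildNames { get; set; } = new string[0];
    }

    // Binds with the full DN and lists the children of baseDn.
    // AuthenticationTypes.None = simple bind (clear-text password);
    // useTls adds SecureSocketsLayer so the bind goes over LDAPS instead.
    public static BindResult BindAndList(string host, int port, string baseDn,
                                         string bindDn, string password, bool useTls)
    {
        // slapd expects a DN for a simple bind; "test" or "example.com\test" is not one.
        if (bindDn == null || !bindDn.Contains("="))
        {
            return new BindResult
            {
                Succeeded = false,
                Message = "bindDn must be a full DN, e.g. cn=test,ou=Department,dc=example,dc=com"
            };
        }

        var authType = AuthenticationTypes.None;
        if (useTls)
        {
            authType |= AuthenticationTypes.SecureSocketsLayer; // LDAPS, usually port 636
        }

        string path = "LDAP://" + host + ":" + port + "/" + baseDn;
        try
        {
            using (var de = new DirectoryEntry(path, bindDn, password, authType))
            {
                // Touching NativeObject performs the bind now; otherwise the
                // failure only appears when Children is enumerated.
                object bound = de.NativeObject;

                var names = new List<string>();
                foreach (DirectoryEntry child in de.Children)
                {
                    using (child)
                    {
                        names.Add(child.Name);
                    }
                }
                return new BindResult { Succeeded = true, Message = "bind ok", ChildNames = names };
            }
        }
        catch (DirectoryServicesCOMException ex)
        {
            // Wrong DN or wrong password lands here
            // ("The user name or password is incorrect." in the question).
            return new BindResult { Succeeded = false, Message = "bind failed: " + ex.Message };
        }
    }

    public static void Main()
    {
        BindResult result = BindAndList("localhost", 389,
                                        "ou=Department,dc=example,dc=com",
                                        "cn=test,ou=Department,dc=example,dc=com",
                                        "test", useTls: false);
        Console.WriteLine(result.Message);
        foreach (string name in result.ChildNames)
        {
            Console.WriteLine(name);
        }
    }
}
```

Two points worth knowing when reading the result: AuthenticationTypes.Secure asks ADSI for a SASL/Negotiate (Kerberos or NTLM) bind, which a default slapd does not offer, so the attempt in the question with that flag fails for a different reason than the DN format; and DirectoryEntry has no StartTLS option, so the only way to avoid sending the simple-bind password in clear text through this API is LDAPS via SecureSocketsLayer.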