0

为了在 Active Directory 服务中搜索特定用户,我们使用了ldap_search_sWAPI。但是,在 Windows Server 2012 的情况下,我的 exe 崩溃了。没有返回错误代码,EXE 只是停止工作。

我拥有的 EXE 是 32 位应用程序。所以我猜它会从“SysWow64”目录加载。这是有关如何完成调用的示例行:-

pld 声明:

type // record declaration begins
  {$EXTERNALSYM PLDAP}
  PLDAP = ^LDAP;
  {$EXTERNALSYM LDAP}
  LDAP = record

      ld_sb: record
        sb_sd: ULONG;
        Reserved1: array [0..(10 * sizeof(ULONG))] of Byte;
       sb_naddr: ULONG;   // notzero implies CLDAP available
       Reserved2: array [0..(6 * sizeof(ULONG)) - 1] of Byte;
       //
       //  Following parameters MAY match up to reference implementation of LDAP
      //

    ld_host: PChar;
    ld_version: ULONG;
    ld_lberoptions: Byte;

    //
   //  Safe to assume that these parameters are in same location as
   //  reference implementation of LDAP API.
   //

    ld_deref: ULONG;

    ld_timelimit: ULONG;
    ld_sizelimit: ULONG;

    ld_errno: ULONG;
    ld_matched: PChar;
    ld_error: PChar;
    ld_msgid: ULONG;

    Reserved3: array  [0..(6*sizeof(ULONG))] of Byte;

    //
    //  Following parameters may match up to reference implementation of LDAP API.
    //

    ld_cldaptries: ULONG;
    ld_cldaptimeout: ULONG;
    ld_refhoplimit: ULONG;
    ld_options: ULONG;

end; // record declaration end

 pld : PLDAP;
 pld := Session.pld; // session PLD is assigned as is to it
 The sessions' PLD is initialized as 
 ldappld := ldap_initW(PWideChar(ldapServerW), ldapPort)  // this is eventually assigned to Session's PLD which is assigned to the PLD used Below

 LdapCheck(ldap_search_sW(pld, PWideChar('DC=esbs,DC=local'), LDAP_SCOPE_SUBTREE, '(objectCategory=user)', nil, 0, plmSearch));

我应该采取什么步骤?

这是 EXE 崩溃的 Windows 转储:

 Problem signature:
Problem Event Name: APPCRASH
Application Name:   project1.exe
Application Version:    0.1.1.0
Application Timestamp:  2a425e19
Fault Module Name:  KERNELBASE.dll
Fault Module Version:   6.2.8400.0
Fault Module Timestamp: 4fb7184e
Exception Code: 000006ba
Exception Offset:   00017945
OS Version: 6.2.8400.2.0.0.400.8
Locale ID:  1033
Additional Information 1:   91d0
Additional Information 2:   91d025961d4c758a8b5ea7ee1390f3b7
Additional Information 3:   c3ce
Additional Information 4:   c3cebe78f080ab69603c33ad36d75750

功能声明:

    {$EXTERNALSYM ldap_search_sW}
  function ldap_search_sW(ld: PLDAP; base: PWideChar; scope: ULONG; filter, attrs: PWideChar;   attrsonly: ULONG;  var res: PLDAPMessage): ULONG; cdecl;
4

1 回答 1

0

我们已经解决了这个问题,我在这里发布了解决方案。ldap_search_sW我们使用的函数没有问题。在连接到 ADS 之前,我们用于验证提供的用户名和密码。然后我们用ldap_initW,ldap_set_optionWldap_simple_bind_sW来连接服务器。

然后读取ldap_search_sW用户列表以读取用户列表。在 Server 2012 中,如果跳过了身份验证部分,则 exe 不会崩溃。身份验证是这样完成的:-

function AuthenticateADSUserW(ADSUserName, ADSPassword, ADSip: String;Var Fun_Obj:String): Boolean;
var
   AuthResult : Integer;
   hInstance:    THandle;
   ADSServerName,
   ADSUsrNam,
   ADSPwd,
   ADSPortNo,
   Error: Array [0..255] of char;
   ldapDomain,
   ldapUserName,
   ldapPassword    : WideString;
   hr            : integer;
   obj           : IADs;
 begin
   try
     Result  := False;
         Fun_Obj := '';
// Insert code to securely retrieve the user name and password.
try
    ldapDomain    := UTF8Decode(ADSip);
    ldapUserName  := UTF8Decode(ADSUserName);
    ldapPassword  := UTF8Decode(ADSPassword);

    CoInitialize(Nil); //Added By Sameer

    hr := ADsOpenObject('LDAP://'+ldapDomain,
                       ldapUserName,
                       ldapPassword,
                       ADS_SECURE_AUTHENTICATION,
                       IADs,
                       obj);
    Fun_Obj := obj.ADsPath ;
    if  Succeeded(hr) then
      Result := True;

except
  on e : exception do
  begin
    escan.Updatelog('Error '+e.ClassName + ': ' + e.Message,1,0);
      Result := False;
  end;
  //lblMessage.Caption  := e.ClassName + ': ' + #13#10 + e.Message;
end;
finally
   CoUninitialize;
 end;
end;

我们跳过了这个,而是通过检索提供的用户名的基本 DN 来进行身份验证。如果返回 BASE DN,则认为用户已通过身份验证。如果返回为空,则用户未通过身份验证。

希望它可以帮助某人。

于 2013-09-12T06:32:14.567 回答