2

我们希望使用“代理用户”连接到 LDAP 服务器(Active Directory、Novell 或其他),然后确保尝试登录应用程序的用户输入了可接受的用户名和密码。我已经获得了连接到 LDAP 的代码,但我不知道如何检查用户名和密码。您可以通过 LDAP 查询来做到这一点吗?

到目前为止,这是我的代码的内容:

Public Function Authenticate(ByVal UserName As String, ByVal Password As String)

  Dim LDAPServer As String = ConfigurationManager.AppSettings("LDAPServer")
  Dim proxyUsername As String = ConfigurationManager.AppSettings("LDAPProxyUser")
  Dim proxyPassword As String = ConfigurationManager.AppSettings("LDAPProxyPassword")

  Dim entry As DirectoryEntry

  entry = New DirectoryEntry(LDAPServer, proxyUsername, proxyPassword)

  'This performs the LDAP authentication'
  Dim obj As Object = entry.NativeObject

  Dim search As New DirectorySearcher(entry)
  search.Filter = String.Format("(SAMAccountName={0})", UserName)

  'How do I check the password now?'

  Dim result As SearchResult = search.FindOne()

  If result Is Nothing Then Throw New Exception("Unable to find SAMAccountName")
4

2 回答 2

1

我过去使用的代码尝试使用提供的凭据绑定到 LDAP。如果对 bind 的调用引发异常,则说明您没有有效用户:

Dim servers() As String = New String(0) {"mylap.domain.com"}
Dim con As New LdapConnection(New LdapDirectoryIdentifier(servers, True, False))
con.SessionOptions.SecureSocketLayer = True
con.Credential = New Net.NetworkCredential("cn=" & userName, password)
con.AuthType = AuthType.Basic

Using con
   con.Bind()
End Using
于 2010-02-03T19:21:49.340 回答
0

我最终创建了另一个 DirectoryEntry,它是试图像这样进行身份验证的用户:

Dim authEntry As DirectoryEntry

authEntry = New DirectoryEntry(LDAPServer, UserName, Password)

Dim authObj = authEntry.NativeObject

如果这引发异常,则用户无法进行身份验证。

于 2010-02-04T18:13:11.637 回答