Ale*_*fin 7 c# mono ldap active-directory
请帮我处理问题.
我正在尝试使用以下代码获取用户组.我通过单声道.正常获取的OS Windows数据(该帐户未包含在域中).但是当我在Linux上启动相同的代码时会出现错误.
我需要做些什么才能获得正常结果?
using System;
using System.Text;
using System.DirectoryServices;
using System.Runtime.InteropServices;
namespace ActiveDirectoryTest
{
class Program
{
private static void Main(string[] args)
{
try
{
DirectoryEntry de = new DirectoryEntry("LDAP://sub.domain.com","username@domain","password",AuthenticationTypes.None);
DirectorySearcher search = new DirectorySearcher(de);
search.ReferralChasing=ReferralChasingOption.All;
search.Filter = "(&(ObjectClass=user)(sAMAccountName=username))";
search.PropertiesToLoad.Add("sAMAccountName");
search.PropertiesToLoad.Add("memberOf");
StringBuilder groupNames = new StringBuilder();
var result = search.FindAll()[0];
int propertyCount = result.Properties["memberOf"].Count;
for (int propertyCounter = 0;
propertyCounter < propertyCount;
propertyCounter++)
{
var dn = (String) result.Properties["memberOf"][propertyCounter];
var equalsIndex = dn.IndexOf("=", 1);
var commaIndex = dn.IndexOf(",", 1);
if (-1 == equalsIndex)
{
Console.WriteLine("error parse");
}
groupNames.Append(dn.Substring((equalsIndex + 1),
(commaIndex - equalsIndex) - 1));
groupNames.Append("|");
}
Console.WriteLine(groupNames.ToString());
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
Console.ReadLine();
}
}
}
LdapException:(32)No Such Object LdapException:Server Message:0000208D:NameErr:DSID-03100213,problem 2001(NO_OBJECT),data 0,best match of:''Novell.Directory.Ldap.LdapException
小智 1
当搜索库无效时,通常会生成此错误。当您使用明文 LDAP(我下面的示例使用 SSL,但您可以注释掉将身份验证类型更改为 System.DirectoryServices.AuthenticationTypes.None)时,您可以在应用程序主机和 LDAP 服务器之间获取网络捕获端口 389 并查看正在执行的实际搜索。
根据MS 的文档,您应该能够使用 LDAP://dc=company,dc=gTLD,而无需指定特定的域控制器。因为我需要我的代码能够与 Active Directory 和纯 LDAP 服务器一起使用,所以我使用类似 LDAP://DomainController.company.gTLD/ou=UserOU,dc=company,dc=gTLD 的内容,其中 LDAP 主机名和搜索库是包括。
我用于 LDAP 身份验证的函数:
protected string ldapAuthentication(string strLDAPServer, string strSuppliedUser, string strSuppliedPwd, string strSystemUID, string strSystemPwd, string strLDAPUserBase, string strUIDAttr){
strSuppliedUser = strSuppliedUser.Trim();
string strResults = "";
string strLDAPUserHost = strLDAPServer + strLDAPUserBase;
// Establish LDAP connection and bind with system ID
System.DirectoryServices.DirectoryEntry dirEntry = new System.DirectoryServices.DirectoryEntry();
dirEntry.Path = strLDAPUserHost;
dirEntry.Username = strSystemUID;
dirEntry.Password = strSystemPwd;
dirEntry.AuthenticationType = System.DirectoryServices.AuthenticationTypes.SecureSocketsLayer;
try
{
dirEntry.RefreshCache();
// Search directory for the user logging on
string strLDAPFilter = "(&(objectClass=user)(" + strUIDAttr + "=" + strSuppliedUser + "))";
System.DirectoryServices.DirectorySearcher ldapSearch = new System.DirectoryServices.DirectorySearcher(dirEntry);
ldapSearch.ServerTimeLimit = new TimeSpan(0, 0, 30);
ldapSearch.Filter = strLDAPFilter;
ldapSearch.SearchScope = System.DirectoryServices.SearchScope.Subtree;
System.DirectoryServices.SearchResultCollection searchResults = ldapSearch.FindAll();
if (searchResults.Count == 1){
...
这个函数的调用方式如下:
strInputResults = ldapAuthentication("LDAP://DomainController.company.gTLD/", strInputSuppliedUser, strInputSuppliedPwd, "SystemAccount@company.gTLD", "Syst3mP@s5w0rd", "ou=UserOU,dc=company,dc=gTLD","sAMAccountName");
| 归档时间: |
|
| 查看次数: |
648 次 |
| 最近记录: |