这是我第一次使用LDAP和Active Directory。我必须使用.NetCore制作必须通过ActiveDirectory(WindowsServer 2008 r2)进行身份验证的Web api,我正在按照Novell.Directory.Ldap.NETStandard中的示例进行操作,但是我无法理解必须设置参数的方式。
这是我在ActiveDirectory Server中创建的用户:

c# - 使用Novell.Directory.Ldap.NETStandard库的C#netcore ldap身份验证-LMLPHP

在Novell的样本中

if (args.Length != 5)
{
    System.Console.Out.WriteLine("Usage:   mono VerifyPassword <host name>" + " <login dn> <password> <object dn>\n" + "         <test password>");
    System.Console.Out.WriteLine("Example: mono VerifyPassword Acme.com " + "\"cn=Admin,o=Acme\" secret\n" + "         \"cn=JSmith,ou=Sales,o=Acme\" testPassword");
    System.Environment.Exit(0);
}

int ldapPort = LdapConnection.DEFAULT_PORT;
int ldapVersion = LdapConnection.Ldap_V3;
System.String ldapHost = args[0];
System.String loginDN = args[1];
System.String password = args[2];
System.String objectDN = args[3];
System.String testPassword = args[4];
LdapConnection conn = new LdapConnection();

try
{
    // connect to the server
    conn.Connect(ldapHost, ldapPort);

    // authenticate to the server
    conn.Bind(ldapVersion, loginDN, password);

    LdapAttribute attr = new LdapAttribute("userPassword", testPassword);
    bool correct = conn.Compare(objectDN, attr);

    System.Console.Out.WriteLine(correct?"The password is correct.":"The password is incorrect.\n");

    // disconnect with the server
    conn.Disconnect();
}


在Novell的示例中,“用户”参数看起来像这样:“ ou = sales,o = Acme”,所以我在尝试:

int ldapPort = LdapConnection.DEFAULT_PORT;
int ldapVersion = LdapConnection.Ldap_V3;
bool compareResults = false;
String ldapHost = "192.168.58.251";
String loginDN = @"cn=jperez";
String password1 = "Jperez123";
String dn = "mydn";
LdapConnection lc = new LdapConnection();
LdapAttribute attr = null;

try
{
    // connect to the server
    lc.Connect(ldapHost, ldapPort);
    var sdn = lc.GetSchemaDN();

    // authenticate to the server
    lc.Bind(ldapVersion, loginDN, password1);

    ...
}
catch (LdapException e)
{
    Console.WriteLine("Error: " + e.ToString());
}


但是我得到这个错误:
LDAP:


LdapException:无效的凭据(49)无效的凭据
LdapException:服务器消息:80090308:LdapErr:DSID-0C0903A8,
注释:AcceptSecurityContext错误,数据52e,v1db1 \ u0000
LdapException:匹配的DN:


我还获得具有以下功能的schemaDn:lc.GetSchemaDN(),返回此结果:CN=Aggregate,CN=Schema,CN=Configuration,DC=mydn,DC=local

谷歌搜索后,与.Netcore相比,没有更多的信息与Novell's samples一起,请给我帮助。

最佳答案

一直在为此工作,并遇到了相同的错误。我必须使用Windows域和用户名登录:

String loginDN = "DOMAIN\\jperez";
String password1 = "Jperez123";

lc.Bind(loginDN, password1);


一旦这样做,我就毫无问题地进入了。

10-06 09:42