本文介绍了在LDAP中验证用户的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述



我的结构目录如

ou = system,ou = valeteck,cn = mayank



现在他们是系统的用户名和密码。 CN''mayank''也有密码。

现在我必须通过检查用户名和密码验证''mayank''。



我正在创建一个带有系统域及其用户名和密码的directoryentry对象。使用搜索过滤器来获取mayank,然后访问其密码以进行验证但不起作用。

Hi,
I have a directory in structure like
ou=system,ou=valeteck,cn=mayank

Now their is username and password for system. CN ''mayank'' has password also.
Now I have to authenticate ''mayank'' by checking username and password.

I am creating a directoryentry object with domain of system and its username and password. Used a search filter to get mayank and then access its password to validate but its not working.

推荐答案

object o = directoryentry.NativeObject;



如果密码错误,将引发异常。


An exception will be raised in case of a wrong password.



Public Function ValidateWindowsCredentials(ByVal UserId As String, _
ByVal Password As String) As Boolean
    Dim Result As Boolean = False

    Try
        Dim PC As New PrincipalContext(ContextType.Domain, "OurDomain")
        'This is done twice: sometimes, the first check fails.
        Result = PC.ValidateCredentials(UserId, Password, ContextOptions.Negotiate)
        Result = PC.ValidateCredentials(UserId, Password, ContextOptions.Negotiate)
    Catch ex As Exception
        Throw ex
    End Try

    Return Result
End Function



我为它在VB中表示道歉,但你应该能够轻松地将它转换为C#。 PrincipalContext System.DirectoryServices.AccountManagement 命名空间的一部分,该命名空间已添加到3.5 Framework(Visual Studio 2008)并且,根据我的经验,它比尝试将密码更改为自己的旧技术要快得多。



就从用户ID获取密码而言,不能:该属性是只写的。这是设计用于防止恶意用户编写可能从AD数据存储中获取网络密码的代码。


My apologies for it being in VB, but you should be able to translate this to C# easily enough. PrincipalContext is part of the System.DirectoryServices.AccountManagement namespace, which was added to the 3.5 Framework (Visual Studio 2008) and, in my experience, it is significantly faster than older technique of trying to change the password to itself.

As far as obtaining a password from a user id, you cannot: the property is write-only. This is by design, to prevent a malicious user from writing code that could harvest network passwords out of the AD data store.


这篇关于在LDAP中验证用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

05-27 00:51
查看更多