Chapter 138: System.DirectoryServices.Protocols.LdapConnection


Section 138.1: Authenticated SSL LDAP connection, SSL cert does not match reverse DNS

Set up some constants for the server and authentication information. Assuming LDAPv3, but it’s easy enough to change that.

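// Namespaces used by these snippets:
// System.DirectoryServices.Protocols, System.Net, System.Security

// Authentication, and the name of the server.
// The password is hard-coded here for the example only.
private const string LDAPUser = "cn=example:app:mygroup:accts,ou=Applications,dc=example,dc=com";
private readonly char[] password = { 'p', 'a', 's', 's', 'w', 'o', 'r', 'd' };
private const string TargetServer = "ldap.example.com";

// Specific to your company. Might start "cn=manager" instead of "ou=people", for example.
private const string CompanyDN = "ou=people,dc=example,dc=com";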

Actually create the connection with three parts: an LdapDirectoryIdentifier (the server), and NetworkCredentials.

// Configure server and port. LDAP w/ SSL, aka LDAPS, uses port 636.
// If you don't have SSL, don't give it the SSL port.
LdapDirectoryIdentifier identifier = new LdapDirectoryIdentifier(TargetServer, 636);

// Configure network credentials (userid and password)
var secureString = new SecureString();
foreach (var character in password)
    secureString.AppendChar(character);
NetworkCredential creds = new NetworkCredential(LDAPUser, secureString);

// Actually create the connection
LdapConnection connection = new LdapConnection(identifier, creds)
{
    AuthType = AuthType.Basic,
    SessionOptions =
    {
        ProtocolVersion = 3,
        SecureSocketLayer = true
    }
};

// Override SChannel reverse DNS lookup.
// This gets us past the "The LDAP server is unavailable." exception
// Could be
//     connection.SessionOptions.VerifyServerCertificate += delegate { return true; };
// but some certificate validation is probably good.
connection.SessionOptions.VerifyServerCertificate +=
    (sender, certificate) => certificate.Subject.Contains(string.Format("CN={0},", TargetServer));
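The callback above inspects only the text of the certificate subject. A stricter callback, shown here as an added example that is not part of the original page, also builds the certificate chain against the machine trust store and compares the host name exactly. The class and method names (LdapServerCertCheck, IsTrusted, Attach) are hypothetical, and the example assumes revocation endpoints are reachable from the client.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper class; not part of the original page.
static class LdapServerCertCheck
{
    // Accept the certificate only if it chains to a root trusted by this
    // machine, is currently valid, and names the expected host exactly.
    public static bool IsTrusted(X509Certificate certificate, string expectedHost)
    {
        if (certificate == null || string.IsNullOrEmpty(expectedHost))
            return false;

        using (var cert = new X509Certificate2(certificate))
        using (var chain = new X509Chain())
        {
            // Assumption: revocation endpoints are reachable from the client.
            chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
            chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;

            // Build() fails on untrusted roots, expired certificates,
            // revoked certificates and broken signatures.
            if (!chain.Build(cert))
                return false;

            // Exact, case-insensitive comparison rather than a substring
            // test on the subject string. GetNameInfo returns a single name.
            string cn = cert.GetNameInfo(X509NameType.SimpleName, false);
            string dns = cert.GetNameInfo(X509NameType.DnsName, false);
            return string.Equals(cn, expectedHost, StringComparison.OrdinalIgnoreCase)
                || string.Equals(dns, expectedHost, StringComparison.OrdinalIgnoreCase);
        }
    }

    // Replace the subject-string callback on an existing connection.
    public static void Attach(LdapConnection connection, string expectedHost)
    {
        connection.SessionOptions.VerifyServerCertificate =
            (conn, certificate) => IsTrusted(certificate, expectedHost);
    }
}
```

Call LdapServerCertCheck.Attach(connection, TargetServer) before the first bind or search on the connection.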

Use the LDAP server, e.g. search for someone by userid for all objectClass values. The objectClass is present to demonstrate a compound search: the ampersand is the boolean "and" operator for the two query clauses.

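// uid is the userid to look up (defined elsewhere). If it comes from user
// input, escape it per RFC 4515 before putting it into the filter.
SearchRequest searchRequest = new SearchRequest(
    CompanyDN,
    string.Format("(&(objectClass=*)(uid={0}))", uid),
    SearchScope.Subtree,
    null
);

// Send the request over the connection created above
SearchResponse searchResponse = (SearchResponse)connection.SendRequest(searchRequest);

// Look at your results
foreach (SearchResultEntry entry in searchResponse.Entries) {
    // do something
}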

Section 138.2: Super Simple anonymous LDAP

Assuming LDAPv3, but it's easy enough to change that. This is anonymous, unencrypted LDAPv3 LdapConnection creation.

private const string TargetServer = "ldap.example.com";

Actually create the connection with three parts: an LdapDirectoryIdentifier (the server), and NetworkCredentials.

// Configure server and credentials
LdapDirectoryIdentifier identifier = new LdapDirectoryIdentifier(TargetServer);
NetworkCredential creds = new NetworkCredential();

LdapConnection connection = new LdapConnection(identifier, creds)
{
    AuthType = AuthType.Anonymous,
    SessionOptions =
    {
        ProtocolVersion = 3
    }
};

To use the connection, something like this would get people with the surname Smith:

SearchRequest searchRequest = new SearchRequest("dn=example,dn=com", "(sn=Smith)", SearchScope.Subtree, null);
