LDAP connection verification


Problem description


Hi guys, I have been encountering one issue.
Does anybody know how to check the connection with an LDAP server (C#) using only these parameters:
- Server name
- Full domain
- Port

In a Java environment, I have created such a helper class (it performs the verification I described above):

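import java.util.Hashtable;

import javax.naming.Context;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

// LDAPAuthenticate is the poster's own class; its source is not shown here
public class LdapHelper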
{
	//method from class LoginAPI::checkLDAP(...)
	public static boolean loginLDAP(String loginName, String password, String ldapServer, String ldapPort, String ldapDomainName)
			throws Exception
	{
		final LDAPAuthenticate ldapAuthenticate = LDAPAuthenticate.getInstance();
		ldapAuthenticate.init(
				"ldap",
				ldapServer,
				ldapPort,
				ldapDomainName
		);
		return ldapAuthenticate.loginUser( loginName, password );
	}

	//method from class LoginAPI::logoutLdap(...)
	public static void logoutLdap() throws Exception
	{
		final LDAPAuthenticate ldapAuthenticate = LDAPAuthenticate.getInstance();
		ldapAuthenticate.logout();
	}

	//Part of sources from CommonManager:: savePsParameters(...)
	public static boolean checkLdapServer(String serverName, String fullDomainName, String port)
	{
		return LDAPAuthenticate.getInstance().checkLdapServer(
				serverName,
				fullDomainName,
				port
		);
	}

	public static boolean loginSimple(String loginName, String password, String serverName, String fullDomainName, String port,
	                               String base) throws Exception
	{
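		// JNDI silently downgrades to an anonymous bind when the password is null or empty,
		// which would report success without checking any credential
		if ( password == null || password.isEmpty() )
		{
			return false;
		}

		Hashtable<String, String> authEnv = new Hashtable<>( 11 );

		// Escape the login name so characters such as ',' or '+' cannot alter the DN
		String dn = "uid=" + javax.naming.ldap.Rdn.escapeValue( loginName ) + "," + base;
		String ldapURL = "ldap://" + serverName + "." + fullDomainName.toUpperCase() + ":" + port;

		authEnv.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
		authEnv.put( Context.PROVIDER_URL, ldapURL );
		authEnv.put( Context.SECURITY_AUTHENTICATION, "simple" );
		authEnv.put( Context.SECURITY_PRINCIPAL, dn );
		authEnv.put( Context.SECURITY_CREDENTIALS, password );

		// The bind is performed in the constructor; a NamingException is thrown if it fails
		DirContext authContext = new InitialDirContext( authEnv );
		authContext.close();
		System.out.println( "Authentication Success!" );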

		return true;
	}
}






All answers and suggestions are acceptable =)

Well, to be more precise, I need to check such a string in the LDAP context, see below:
"LDAP://" + ldapServer + "."+DomainName.trim() + ":" + port.trim() + "/"

Recommended answer

DirectoryEntry objDE = new DirectoryEntry("LDAP://XXX.XXX.XXX.XXX", "domain\\login", "password");
          using (objDE)
          {
              DirectorySearcher objDSearcher = new DirectorySearcher();
              objDSearcher.SearchRoot = objDE;
              objDSearcher.PropertiesToLoad.Add("department");
              objDSearcher.PropertiesToLoad.Add("title");
              objDSearcher.PropertiesToLoad.Add("cn");

              objDSearcher.PropertiesToLoad.Add("SAMAccountName");
              objDSearcher.PropertiesToLoad.Add("givenname");

              objDSearcher.PropertiesToLoad.Add("sn");
              objDSearcher.PropertiesToLoad.Add("memberOf");

              objDSearcher.PropertiesToLoad.Add("department");
              objDSearcher.PropertiesToLoad.Add("title");

              objDSearcher.PropertiesToLoad.Add("postalCode");
              objDSearcher.PropertiesToLoad.Add("streetAddress");

              objDSearcher.PropertiesToLoad.Add("st");
              objDSearcher.PropertiesToLoad.Add("telephoneNumber");

              objDSearcher.PropertiesToLoad.Add("l");
              objDSearcher.PropertiesToLoad.Add("mail");
              //objDSearcher.Filter = "(&(department=GTS Miscellaneous)(title=SOFTWARE ENGINEER))";
              //objDSearcher.Filter = "(&(department=GTS Telecom))";
              objDSearcher.Filter = "(SAMAccountName=SB5817)";

              objDSearcher.SearchScope = SearchScope.Subtree;
              try
              {
                  SearchResultCollection result = objDSearcher.FindAll();
                  foreach (SearchResult sr in result)
                  {
                      // Directory attribute values are HTML-encoded before being written into the page
                      Response.Write("ID:" + System.Web.HttpUtility.HtmlEncode(sr.Properties["SAMAccountName"][0].ToString()) + "<br/>");
                      Response.Write("ID:" + System.Web.HttpUtility.HtmlEncode(sr.Properties["givenname"][0].ToString()) + "<br/>");
                      Response.Write("ID:" + System.Web.HttpUtility.HtmlEncode(sr.Properties["cn"][0].ToString()) + "<br/>");
                      Response.Write("Department:" + System.Web.HttpUtility.HtmlEncode(sr.Properties["Department"][0].ToString()) + "<br/>");
                      Response.Write("title:" + System.Web.HttpUtility.HtmlEncode(sr.Properties["title"][0].ToString()) + "<br/>");
                      Response.Write("------------------------------------------------------------------------<br/>");
                  }
              }
              catch (System.DirectoryServices.DirectoryServicesCOMException ex)
              {
                  Response.Write(ex.Message);
              }
              catch (Exception ex)
              {
                  Response.Write(ex.Message);
              }
          } // end of using (objDE)



I have resolved this issue by myself.
See method below:

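public bool checkLdapServer(string server, string domain, int port)
{
    try
    {
        // Builds LDAP://server.domain:port, the string from the question
        using (DirectoryEntry dirEnt = new DirectoryEntry("LDAP://" + server.Trim() + "." + domain.Trim() + ":" + port.ToString()))
        {
            // No credentials and no special bind flags
            dirEnt.AuthenticationType = AuthenticationTypes.None;
            using (var searcher = new DirectorySearcher(dirEnt))
            {
                searcher.SearchScope = SearchScope.OneLevel;
                // FindOne() forces the bind; it throws if the server cannot be reached.
                // A null result (no entries) still means the connection worked.
                searcher.FindOne();
            }
        }
        return true;
    }
    catch (Exception)
    {
        // Any failure (unreachable host, refused bind, bad path) is reported as false
        return false;
    }
}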
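
An added example, not part of the original posts: the same server/domain/port check written against System.DirectoryServices.Protocols, so that an unreachable server can be told apart from a server that answers but rejects the anonymous request. The names LdapProbe, LdapCheckResult and the useTls parameter are hypothetical.

```csharp
using System;
using System.DirectoryServices.Protocols;

public enum LdapCheckResult { Ok, Unreachable, Rejected }

public static class LdapProbe
{
    // Hypothetical helper: probes server.domain:port with an anonymous bind
    // followed by a base-scope read of the RootDSE.
    public static LdapCheckResult Check(string server, string domain, int port, bool useTls = false)
    {
        string host = server.Trim() + "." + domain.Trim();
        var id = new LdapDirectoryIdentifier(host, port);

        using (var conn = new LdapConnection(id))
        {
            conn.AuthType = AuthType.Anonymous;             // no credentials are sent
            conn.Timeout = TimeSpan.FromSeconds(5);         // upper bound for each request
            conn.SessionOptions.ProtocolVersion = 3;
            conn.SessionOptions.SecureSocketLayer = useTls; // true for LDAPS (usually port 636)

            try
            {
                conn.Bind();
                // RootDSE: empty base DN with base scope
                var req = new SearchRequest("", "(objectClass=*)", SearchScope.Base, "namingContexts");
                var resp = (SearchResponse)conn.SendRequest(req);
                return resp.Entries.Count > 0 ? LdapCheckResult.Ok : LdapCheckResult.Rejected;
            }
            catch (LdapException ex) when (ex.ErrorCode == 81) // 81 = LDAP_SERVER_DOWN
            {
                return LdapCheckResult.Unreachable;
            }
            catch (LdapException)
            {
                // The server answered, but the bind or the session setup failed
                return LdapCheckResult.Rejected;
            }
            catch (DirectoryOperationException)
            {
                // The server answered the search with an error result code
                return LdapCheckResult.Rejected;
            }
        }
    }
}
```

Rejected still proves that something is speaking LDAP on that port, which the catch-all `return false` above cannot distinguish from a dead host.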

