Ldap用户身份验证不适用于锁定或禁用的帐户 [英] Ldap user authentication not working for locked or disabled account

问题描述

我正在一个网站上管理ldap。我陷入困境，当我尝试对帐户锁定或禁用的用户进行身份验证时失败。

我想要做的是首先在帐户锁定或禁用的显示消息后验证用户。



我这样编码

Hi,
I am working on a website to manage ldap. I am stuck in a situation, when I am trying to authenticate user with account locked or disabled it fails.
What I want to do is first authenticate user after that show message that account locked or disabled.

I am coding like this

LdapConnection connection = new LdapConnection(new LdapDirectoryIdentifier("SJTPNOC.com", 636));
connection.SessionOptions.VerifyServerCertificate = new VerifyServerCertificateCallback((con, cer) => true);
connection.SessionOptions.ProtocolVersion = 3;        
connection.AuthType = AuthType.Basic;       
connection.SessionOptions.SecureSocketLayer = true;
connection.Timeout = new TimeSpan(0, 0, 10);   
connection.Credential = new NetworkCredential(username, password);
using (connection){
connection.Bind();
}

推荐答案

这不会起作用。绑定到LDAP服务器意味着可以与服务器建立连接的用户。根据定义，禁用或锁定的用户不能。您需要使用服务帐户进入ldap并进行查询。

This won''t work. Binding to LDAP server implies a user that can establish connection to the server. A disabled or locked user by definition can''t. You will need to use a service account to get into ldap and do the query.

这篇关于Ldap用户身份验证不适用于锁定或禁用的帐户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！