使用Novell.Directory.Ldap.NETStandard2_0的受限用户(登录工作站)在ASP.NET Core中的LDAP身份验证问题 [英] LDAP authentication problem in ASP.NET Core for restricted users (logon workstations) using Novell.Directory.Ldap.NETStandard2_0
问题描述
我使用Novell.Directory.Ldap.NETStandard2_0程序包从Active Directory中对用户进行身份验证,它对大多数用户都适用.
I use Novell.Directory.Ldap.NETStandard2_0 package to authenticate users from Active Directory and it works fine for most of users.
using (var cn = new LdapConnection())
{
cn.Connect(ldapOptions.Host, ldapOptions.Port);
var userDn = username.IndexOf('@') < 0 ? username + $"@{ldapOptions.Domain}" : username;
cn.Bind(userDn, password);
if (cn.Bound)
{
result.Result = AuthResult.Succeed;
result.Message = "Login Successful using LDAP: {0}.";
}
return result;
}
问题是当我们需要对仅限于登录到我们域(Active Directory)中的某些计算机的用户进行身份验证时.
The problem is when we need to authenticate users that are restricted to logon to only certain computers in our domain (Active Directory).
我将承载我的应用程序(IIS& Win Server 2016)的计算机添加到列表中,但是它仍然失败,并且无法对受限用户进行身份验证.
I added the computer that host my application (IIS & Win Server 2016) to the list but it still fails and restricted users cannot be authenticated yet.
如何解决此问题?我应该更改我的代码吗?或Active Directory/IIS设置?
How can I solve this issue? should I change my code? or Active Directory/IIS settings?
推荐答案
LDAP身份验证通常来自域控制器,因此配置为LDAP主机的域控制器必须存在于登录工作站中(userWorkstations)列表.
LDAP authentication is generally sourced from the domain controller(s), so the domain controller(s) configured as the LDAP host need to be present in the logon workstations (userWorkstations) list.
这篇关于使用Novell.Directory.Ldap.NETStandard2_0的受限用户(登录工作站)在ASP.NET Core中的LDAP身份验证问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!