如何运行经过验证的方式应用 [英] How to run application in an authenticated manner

问题描述

我创建了一个小型应用程序，它尝试验证基于他们的用户名和密码的用户。在Active Directory所驻留在同一域中运行时，此应用程序工作正常。

I've created a small application which attempts to authenticate a user based on their username and password. This application works correctly when run on the same domain which Active Directory resides on.

我现在必须扩展应用程序也可以用在结构域在安全性和权限方面的封闭。换句话说，有没有办法来运行基于管理员帐户的应用程序，或具有必要的权限来访问Active Directory的帐户？

I must now extend the application to also work on domains which are "closed" in terms of security and permissions. In other words, is there a way to run the application based on an administrator account, or an account which has the necessary permissions to access the Active Directory?

这是在code我都用来验证用户：

This is the code I have used to authenticate a user:

using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, server + ":" + port))
{
       if (pc.ValidateCredentials(username, password))
       {
              valid = true;
       }
       else 
       {
              valid = false;
       }
}

以上code完美的作品，但我想改变它，以便它可以在通过身份验证的方式与Active Directory数据库进行通信。

The above code works perfectly, however I would like to modify it so that it can communicate with the Active Directory database in an authenticated manner.

我看过无数的文档和资源，但没有发现任何东西。我发现的是关闭的一篇文章提的是IIS已被设置并配置以特定方式。但是，我的应用程序是一个简单的C＃应用​​程序，IIS是不被使用。

I have read numerous documentation and resources, but have not found anything. The closes I found was an article mentioning that IIS has to be set up and configured in a specific manner. However, my application is a simple C# application, and IIS is not being used.

推荐答案

如果我理解这个问题正确，你想要 ValidateCredentials 使用不同的用户比当前进程执行用户。

If I understand the question properly, you want to execute ValidateCredentials using a different user than the current process' user.

我可能失去了一些东西，但你有没有尝试过修改您的code这样？

I may be missing something, but have you tried modifying your code this way?

using (PrincipalContext pc = 
        new PrincipalContext(ContextType.Domain, 
                             server + ":" + port, 
                             specialAccountUsername, 
                             specialAccountPassword))
{
       return pc.ValidateCredentials(username, password);
}

它只是使用构造这需要您使用的是用于访问域专用账户。

It simply uses a constructor that takes the special account you are using for accessing the domain.

这篇关于如何运行经过验证的方式应用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！