How do I connect to a locally installed OpenLDAP service?

Problem description

I've been banging my head against the .Net 3.5 PrincipalContext, trying to establish a connection to OpenLDAP that is installed on the same machine as my Visual Studio 2010 IDE (machine name is dev001).

Here is my simple LDAP structure:

  • base (dc=test,dc=com)
    • testadmin (cn=testadmin,dc=test,dc=com)
    • accounts (dc=accounts,dc=test,dc=com)
      • testuser (cn=testuser,dc=accounts,dc=test,dc=com)

Here are the code snippets I've tried:

Snippet #1: Combinations of name: "localhost", "localhost:389", "dev001", "dev001:389", "test", "test.com"

    PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, "localhost", "dc=accounts,dc=test,dc=com", "cn=testadmin,dc=test,dc=com", "testadminpassword");

Snippet #2: Combinations of name: "localhost", "localhost:389", "dev001", "dev001:389", "test", "test.com"

    PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, "localhost", "dc=accounts,dc=test,dc=com", "testadmin", "testadminpassword");

I have yet to establish a connection to the server.

When I use "localhost", "localhost:389", "dev001", "dev001:389", or "test", I get the error:

    System.NullReferenceException:未将对象引用设置到对象的实例

When I use "test.com" I get the error:

    System.DirectoryServices.AccountManagement.PrincipalServerDownException:服务器无法联系。 ---> System.DirectoryServices.Protocols.LdapException:LDAP服务器不可用

Recommended answer

Your first problem is using the System.DirectoryServices namespace. The classes in there only work well with Active Directory. I long ago abandoned it for the System.DirectoryServices.Protocols namespace, as have most other people. Here's some code you can use to get you started in connecting.

    using System.DirectoryServices.Protocols;
    using System.Net;

    var host = "localhost:389";
    var credential = new NetworkCredential("user", "secret");

    using (var con = new LdapConnection(host) { Credential = credential, AuthType = AuthType.Basic, AutoBind = false })
    {
        con.SessionOptions.ProtocolVersion = 3;
        // VerifyCertDelegate is a callback you supply: bool VerifyCertDelegate(LdapConnection, X509Certificate)
        con.SessionOptions.VerifyServerCertificate = new VerifyServerCertificateCallback(VerifyCertDelegate);
        // StartTLS is left commented out, so the bind and the password change below are sent without TLS
        //con.SessionOptions.StartTransportLayerSecurity(new DirectoryControlCollection());
        con.Bind();
        // Do other LDAP operations here, such as setting the user password
        var pass = "newpass";
        var req = new ModifyRequest
        {
            DistinguishedName = "cn=user,ou=test,dc=example,dc=com"
        };

        // Replace the userPassword attribute of the entry named above
        var dam = new DirectoryAttributeModification
        {
            Name = "userPassword",
            Operation = DirectoryAttributeOperation.Replace
        };
        dam.Add(pass);
        req.Modifications.Add(dam);

        con.SendRequest(req);
    }

Notice that in the above TLS is turned off. If you want a secure connection, use SSL on port 636. The Microsoft LDAP libraries have a race condition that will cause your CPU to spike in an infinite loop when two simultaneous LDAP calls are made, such as in a web server environment.
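The SSL-on-636 variant the answer mentions, as an added example that is not part of the original answer: it binds with the question's DNs, defines the VerifyCertDelegate callback the answer's snippet references, and pins the server certificate instead of accepting any. It assumes slapd is listening on ldaps://localhost:636; the thumbprint constant is a placeholder and the LDAP_BIND_PW environment variable is a hypothetical name.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Net;
using System.Security.Cryptography.X509Certificates;

class LdapsBindExample
{
    // Placeholder: thumbprint of the certificate your local OpenLDAP server presents.
    const string PinnedThumbprint = "REPLACE_WITH_SERVER_CERT_THUMBPRINT";

    // Accept the server only if it presents exactly the pinned certificate.
    static bool VerifyCertDelegate(LdapConnection con, X509Certificate cert)
    {
        string seen = new X509Certificate2(cert).Thumbprint;
        return string.Equals(seen, PinnedThumbprint, StringComparison.OrdinalIgnoreCase);
    }

    static void Main()
    {
        // Assumption: the bind password comes from an environment variable, not source code.
        string password = Environment.GetEnvironmentVariable("LDAP_BIND_PW");
        var server = new LdapDirectoryIdentifier("localhost", 636);

        using (var con = new LdapConnection(server))
        {
            con.AuthType = AuthType.Basic; // simple bind; the user name is the full DN
            con.Credential = new NetworkCredential("cn=testadmin,dc=test,dc=com", password);
            con.SessionOptions.ProtocolVersion = 3;
            con.SessionOptions.SecureSocketLayer = true; // TLS before any LDAP traffic
            con.SessionOptions.VerifyServerCertificate = VerifyCertDelegate;

            try
            {
                con.Bind();
                var req = new SearchRequest("dc=accounts,dc=test,dc=com",
                                            "(cn=testuser)", SearchScope.Subtree, "cn");
                var resp = (SearchResponse)con.SendRequest(req);
                foreach (SearchResultEntry entry in resp.Entries)
                    Console.WriteLine(entry.DistinguishedName);
            }
            catch (DirectoryException ex)
            {
                // Rejected certificate, bad credentials, unreachable server or failed search.
                Console.Error.WriteLine("LDAP failure: " + ex.Message);
            }
        }
    }
}
```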
