AD轻型目录服务无法验证用户 [英] AD Lightweight Directory Services not Authenticating Users

问题描述

由于某些原因，我可以用LDS在LDS创建的用户不进行身份验证的用户凭据。

For some reason, I cannot authenticate user credentials using LDS for users created in LDS.

我的测试code是：

        PrincipalContext context = new PrincipalContext(ContextType.ApplicationDirectory, "adlds:50000", "CN=test,DC=test,DC=internal", ContextOptions.Negotiate);

        UserPrincipal user = new UserPrincipal(context);

        user.Enabled = true;
        user.Name = "MyTestUser";
        user.SetPassword("P@ssw0rd1");
        user.GivenName = "ATestUser123";
        user.Surname = "SurnameOf";

        user.Save();

        bool auth = context.ValidateCredentials("MyTestUser", "P@ssw0rd1");

ValidateCredentials是假的，每次回来了。

ValidateCredentials is returning false each time.

LDS的是Server 2008 R2中运行，则为加入域。我试图重新创建的背景下，即将到期的密码，通过手动ADSI密码CH375复位等。

LDS is running on Server 2008 R2 that is domain joined. I have tried recreating the context, expiring passwords, manually reseting passwords through ADSI, etc.

有什么想法？

推荐答案

我一起去了同样的问题。我所做的，和我的作品，是在调用的时候ValidateCredentials我用ContextOptions.SimpleBind，最重要的是，修改后的用户名了一下：

I've come along the same problem. What I did, and works for me, is when calling ValidateCredentials I used ContextOptions.SimpleBind, and most importantly, modified the username a bit:

bool auth = context.ValidateCredentials(
                            String.Format("CN={0},CN=test,DC=test,DC=internal",
                                          "MyTestUser"), 
                            "P@ssw0rd1", 
                            ContextOptions.SimpleBind);

希望这有助于。

Hope this helps.

这篇关于AD轻型目录服务无法验证用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！