Authentication using Secure LDAP (ie LDAPS)
Hello Everyone,
I am trying to validate a user against Active Directory. I current use the following code and it works fine:
bool authentic = false;
PrincipalContext pc = new PrincipalContext(ContextTy
// validate the credentials against domain. authentic is True if the account is valid, false if it fails
authentic = pc.ValidateCredentials(use
I pass in the Windows Domain, username, and password into the method and the method returns a true or false depending on the validity of the user account.
Now I have a new requirements that I must use SSL when making calls to LDAP. How can I convert the code above so that I do the same thing but using LDAP over SSL?
Thank you in advance for any help you can provide.
I am trying to validate a user against Active Directory. I current use the following code and it works fine:
bool authentic = false;
PrincipalContext pc = new PrincipalContext(ContextTy
// validate the credentials against domain. authentic is True if the account is valid, false if it fails
authentic = pc.ValidateCredentials(use
I pass in the Windows Domain, username, and password into the method and the method returns a true or false depending on the validity of the user account.
Now I have a new requirements that I must use SSL when making calls to LDAP. How can I convert the code above so that I do the same thing but using LDAP over SSL?
Thank you in advance for any help you can provide.
ASKER
Thanks noci. I am using ASPx page with C# to code the ldap query. There are a few solutions for this on the Internet but they dont seem to work with .NET 3.5. I am using the SSL certificate to encrypt the connection between my application and LDAP. Then I am just running a simple LDAP query to check if the user and passsword is valid. So yes, I want to use ldaps (port 636) to query ldap and all the certificates in the certificate store are trusted on the machines running this application.
Any ideas? Thanks for the feedback?
Any ideas? Thanks for the feedback?
I have no windows system myself so also no C#. (I could have noticed using the keywords i see now).
That still means you need to be able to specify a certificate...
btw The name Principal does sound more like kerberos than ldap btw. (Windows domain authentication is almost the same as kerberos authentication)
So yes ldap is involved but only on the server side (the KDC / [Kerberos] Domain Controller )
Here is a (rather old) article about accessing LDAP from .net C#
http://www.novell.com/coolsolutions/feature/11204.html
That still means you need to be able to specify a certificate...
btw The name Principal does sound more like kerberos than ldap btw. (Windows domain authentication is almost the same as kerberos authentication)
So yes ldap is involved but only on the server side (the KDC / [Kerberos] Domain Controller )
Here is a (rather old) article about accessing LDAP from .net C#
http://www.novell.com/coolsolutions/feature/11204.html
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Also with PrincipalContext class you should provide Contextoptions...
Below link will give you details
http://msdn.microsoft.com/en-us/library/bb300969.aspx
Below link will give you details
http://msdn.microsoft.com/en-us/library/bb300969.aspx
To validate SSL (in general) you need to specify the certificate of the Certificate Authority that issued your servers certificate to validate the certificate sent to you by the server, if not explicitly told that certificate you may need to specify a store of all trusted CA certificates.
You need to specify you want to use ldaps (port 636) or you want to upgrade the existing ldap using TLS1.