LDAD over SSL Error on a Server

Kozela
Kozela used Ask the Experts™
on
Hello Everyone,

I was wondering if someone can help me solve this riddle.  I need to authenticate a user against LDAP over SSL.  I have written the following method:

//////////////////////////////////////
 public static bool UserAuthetication(string userName, string password, string domain)
 {
  bool authentic = false;
         
  try
  {
        DirectoryEntry entry = new DirectoryEntry("LDAP://" + domain, userName, password,  AuthenticationTypes.SecureSocketsLayer | AuthenticationTypes.Secure);
                object nativeObject = entry.NativeObject;
                authentic = true;
  }
  catch (Exception e)
  {
        authentic = false;
        return authentic;
  }
        return authentic;
}

////////////////////////////////

The method is called from the code as follows:
   
UserAuthetication("myUser", "myPassW", "rootDSE");

So here is my problem.  The mehod works correctly from multiple Workstations.  However, this code runs on a server and the code errors out everytime I run it on the server.  The code is used t authenticate an incoming request on a server.  I am guessing it has to do with the SSL certificates on the server but I am not sure where to start looking or which certificate it could be.  

Any ideas?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Stacy SpearPresident/Principal Consultant

Commented:
Whats the error?

Author

Commented:
darkstar3d:  Sorry for the delay.

On the Server I get:
The certificate received from the remote server does not contain the expected name.  It is therefore not possible to determine whether we are connecting to the correct server.  The server name we are expecting is [Domain.corp.com].  The SSL connection request has failed.

On the program the exception that is thrown is:
Logon failure:unknown user name or babd password,

The weird part is that this program works fine on the workstations but not on the servers.  ????

Commented:
Assuming that the domain controller has been configured correctly with the CA certificate and you can connect to LDAP on port 636, the code above can be used with a few minor tweaks.

First Update the code as follows:

public static bool UserAuthetication(string userName, string password, string domain)
 {
  bool authentic = false;
         
  try
  {
        DirectoryEntry entry = new DirectoryEntry("LDAP://rootDSE", domain +"\\"+ userName, password, AuthenticationTypes.SecureSocketsLayer);
                entry.RefreshCache();

                authentic = true;
  }
  catch (Exception e)
  {
        authentic = false;
        return authentic;
  }
        return authentic;
}
 
 Then call the method as follows:

UserAuthetication("myUser", "myPassW", "[Windows Domain]");

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial