?
Solved

LDAP Login

Posted on 2011-10-08
3
Medium Priority
?
419 Views
Last Modified: 2012-05-12
I am trying to login user "vanbure" into my LDAP server.  LDAP Browser says the correct URL for this user is

ldap://localhost:389/uid=vanbure,ou=users,ou=dmcs,dc=ed,dc=gov

yet my function below always returns False.

Function AuthenticateUser() As Boolean

        Dim de As New DirectoryEntry("LDAP://localhost:389/uid=vanbure,ou=users,ou=dmcs,dc=ed,dc=gov", "vanbure", "p@ssword1", AuthenticationTypes.Secure)                

        Try

            'run a search using those credentials.

            'If it returns anything, then you're authenticated

            Dim ds As DirectorySearcher = New DirectorySearcher(de)

            ds.FindOne()

            Return True

        Catch

            'otherwise, it will crash out so return false

            Return False

        End Try

    End Function

 LDAP Browser says this is the properties of this user

uid = vanbure
sn = Van Buren
cn = Eric
userPassword = p@ssword1
.
0
Comment
Question by:evanburen
3 Comments
 
LVL 9

Expert Comment

by:pritamdutt
ID: 36937655
Secure Authentication for LDAP is carried out on port 636, try that.

0
 

Author Comment

by:evanburen
ID: 36938883
I changed AuthenticationTypes.Secure to AuthenticationTypes.ServerBind because I can't use secure authentication and still no luck. I'm pretty sure it's the way that I'm passing the username and password or the LDAP url because this works

 Dim de As New DirectoryEntry("LDAP://localhost/ou=users,ou=dmcs,dc=ed,dc=gov", "cn=Manager,dc=ed,dc=gov", "secret", AuthenticationTypes.ServerBind)

this does not

 Dim de As New DirectoryEntry("LDAP://localhost:389/uid=vanbure,ou=users,ou=dmcs,dc=ed,dc=gov", "vanbure", "p@ssword1", AuthenticationTypes.ServerBind)              
0
 
LVL 83

Accepted Solution

by:
CodeCruiser earned 2000 total points
ID: 36941709
Here is an example

http://support.microsoft.com/kb/326340


Public Function IsAuthenticated(ByVal domain As String, ByVal username As String, ByVal pwd As String) As Boolean

            Dim domainAndUsername As String = domain & "\" & username
            Dim entry As DirectoryEntry = New DirectoryEntry(_path, domainAndUsername, pwd)

            Try
                'Bind to the native AdsObject to force authentication.			
                Dim obj As Object = entry.NativeObject
                Dim search As DirectorySearcher = New DirectorySearcher(entry)

                search.Filter = "(SAMAccountName=" & username & ")"
                search.PropertiesToLoad.Add("cn")
                Dim result As SearchResult = search.FindOne()

                If (result Is Nothing) Then
                    Return False
                End If

                'Update the new path to the user in the directory.
                _path = result.Path
                _filterAttribute = CType(result.Properties("cn")(0), String)

            Catch ex As Exception
                Throw New Exception("Error authenticating user. " & ex.Message)
            End Try

            Return True
        End Function

Open in new window

0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

750 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question