Am I connecting to LDAP and authenticating correctly?

Attached is my code for authenticating to an LDAP server. I'm getting an:

Error authenticating user. Unknown error (0x80005000)

2 Questions: 1st, as my code is written, is this a successful way to authenticate or test authentication? 2nd, if the answer to my 1st question is yes, then shouldn't this line in the code:  "object nativeObject = entry.NativeObject;", if it succeeds, indicate successful authentication? This line: "string test = "LDAP://" + domain + username + pwd;" was just me doing some testing and can be ignored. Am I going about this in the most generic / simplest way? My users enter their username and password and I just need to verify the match. In other words a match equals authentication for my purposes.

My web app. is written in ASP .NET 3.5 [C#]






    public bool IsAuthenticated(string domain, string username, string pwd)
    {
        bool authentic = false;
        try
        {
            string test = "LDAP://" + domain + username + pwd;
            DirectoryEntry entry = new DirectoryEntry("LDAP:\\" + domain, username, pwd);
            try
            {
                object nativeObject = entry.NativeObject;
                //lblConfirmationMsg.Text = "Successful LDAP Authentication! :)";
                //pnlUpdateConfirmation.Visible = true;
                authentic = true;
            }
            catch (DirectoryServicesCOMException dsce)
            {
                lblConfirmationMsg.Text = "Un-Successful LDAP Authentication! " + dsce.Message.ToString();
                pnlUpdateConfirmation.Visible = true;
            }
            return authentic;
        }
        catch (Exception ex)
        {
            throw new Exception("Error authenticating user. " + ex.Message);
        }
    }

Michael Sterling (Web Applications Developer) Asked:

guru_sami Commented:
You might want to check this document. Code in Step #3 is what I have used in the past.
For connectionstring you might want to ask your IT admin. You might need the domain name included in the connectionstring.
Here are some variations.
0
Michael Sterling (Web Applications Developer, Author) Commented:
@guru_sami: Thank you. I will look at the variations. Doesn't this line:

DirectoryEntry entry = new DirectoryEntry("LDAP:\\" + domain, username, pwd)

include the domain name in the connection string?
0
guru_sami Commented:
Ahh...you are manually doing it...I think the username you pass to that constructor should include domain as well, e.g.

    string domainAndUsername = domain + @"\" + username;
    DirectoryEntry entry = new DirectoryEntry(_path, domainAndUsername, pwd);


0

Michael Sterling (Web Applications Developer, Author) Commented:
Here's my new code. I'm still receiving the same error. Any suggestions?

    public bool IsAuthenticated(string domain, string username, string pwd)
    {
        bool authentic = false;
        try
        {
            //string test = "LDAP://" + domain + username + pwd;
            //DirectoryEntry entry = new DirectoryEntry("LDAP:\\" + domain, username, pwd);
            string domainAndUsername = domain + @"\" + username;
            DirectoryEntry entry = new DirectoryEntry("LDAP://",
                                                       domainAndUsername,
                                                         pwd);
            try
            {
                object nativeObject = entry.NativeObject;
                //lblConfirmationMsg.Text = "Successful LDAP Authentication! :)";
                //pnlUpdateConfirmation.Visible = true;
                authentic = true;
            }
            catch (DirectoryServicesCOMException dsce)
            {
                lblConfirmationMsg.Text = "Un-Successful LDAP Authentication! " + dsce.Message.ToString();
                pnlUpdateConfirmation.Visible = true;
            }
            return authentic;
        }
        catch (Exception ex)
        {
            throw new Exception("Error authenticating user. " + ex.Message);
        }
    }


0
guru_sami Commented:
It's the path: LDAP:\\ that needs to be something else....What I have used in the past was like one of the variations I provided earlier:

    string _path = "LDAP://dc1.corp.domain.com/DC=dc1,DC=corp,DC=domain,DC=com";
    // Verbatim string: in a regular literal "\u" starts a Unicode escape and will not compile.
    string domainAndUsername = @"dc1\username";
    DirectoryEntry entry = new DirectoryEntry(_path, domainAndUsername, pwd);



Ahh...found this code. Put in Page_Load of some test page.

    // Requires: using System.DirectoryServices;
    // Ask the directory for its default naming context and host name,
    // then print the full ADsPath to pass to DirectoryEntry.
    using (DirectoryEntry root = new DirectoryEntry("LDAP://RootDSE"))
    {
        string dnc = root.Properties["defaultNamingContext"][0].ToString();
        string server = root.Properties["dnsHostName"][0].ToString();

        string adsPath = String.Format("LDAP://{0}/{1}", server, dnc);
        Response.Write(adsPath);
    }


0
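A hardened form of the `IsAuthenticated` method discussed in this thread, added here as an example and not code from any poster. It assumes the ADsPath comes from configuration (the value the RootDSE snippet prints); the `LdapAuth` class and the `adsPath` parameter are names introduced for illustration. 0x80005000 is ADSI's E_ADS_BAD_PATHNAME, which the code reports separately from a logon failure (0x8007052E).

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;

public static class LdapAuth // hypothetical helper class, not from the thread
{
    // HRESULTs surfaced by ADSI through COMException.ErrorCode.
    const int LogonFailure = unchecked((int)0x8007052E); // wrong user name or password
    const int BadPathname  = unchecked((int)0x80005000); // E_ADS_BAD_PATHNAME, e.g. "LDAP:\\"

    // adsPath: full path such as the thread's
    // "LDAP://dc1.corp.domain.com/DC=dc1,DC=corp,DC=domain,DC=com",
    // taken from fixed configuration and never built from user input.
    public static bool IsAuthenticated(string adsPath, string domain, string username, string pwd)
    {
        // Null or empty credentials can bind as the process identity or
        // anonymously instead of as the user, so reject them up front.
        if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(pwd))
            return false;
        if (adsPath == null || !adsPath.StartsWith("LDAP://", StringComparison.Ordinal))
            throw new ArgumentException("ADsPath must start with LDAP://", "adsPath");

        // Negotiate (Kerberos/NTLM) with signing and sealing, so the
        // password is not sent in clear text as in a simple bind.
        AuthenticationTypes auth = AuthenticationTypes.Secure
                                 | AuthenticationTypes.Signing
                                 | AuthenticationTypes.Sealing;

        using (DirectoryEntry entry = new DirectoryEntry(adsPath, domain + @"\" + username, pwd, auth))
        {
            try
            {
                object native = entry.NativeObject; // forces the bind
                return native != null;
            }
            catch (COMException ex) // DirectoryServicesCOMException derives from this
            {
                if (ex.ErrorCode == LogonFailure)
                    return false;   // bad credentials: the only "not authenticated" case
                if (ex.ErrorCode == BadPathname)
                    throw new InvalidOperationException("Malformed ADsPath in configuration.", ex);
                throw;              // server down, DNS, etc.: a fault, not a failed login
            }
        }
    }
}
```

Show the user a generic failure message and log the exception server-side rather than writing `ex.Message` into the page.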

Michael Sterling (Web Applications Developer, Author) Commented:
I will try this today
0
Michael Sterling (Web Applications Developer, Author) Commented:
Thank you.
0