LDAP over SSL error: The server is not operational

  • Question

  • User-1963360689 posted

    Hi,

    I want to connect to LDAP over SSL and retrieve some user data.

    But I am getting this error:

    "System.Runtime.InteropServices.COMException (0x8007203A): The server is not operational.
       at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
       at System.DirectoryServices.DirectoryEntry.Bind()
       at System.DirectoryServices.DirectoryEntry.get_NativeObject()"

    Notes:

    • .Net framework: 4.0
    • the ipAddress, username and password are correct
    • I am able to connect to ldap over ssl using ldp.exe utility
    • the firewall is correctly configured (allow both 389 and 636 port)

    Here the used code:

    /// <summary>
    /// Console smoke test: configures the shared LDAP connection, attempts an
    /// authentication with placeholder credentials, and prints each result.
    /// </summary>
    /// <param name="args">Command-line arguments (not used).</param>
    static void Main(string[] args)
    {
        Console.WriteLine("Start test");

        try
        {
            bool created = CreateConnection();
            Console.WriteLine("\nCreateConnection: " + created);

            // The authentication step runs even when CreateConnection reported false.
            bool authenticated = LDAPSAuthenticate("<username>", "<password>");
            Console.WriteLine("\nLDAPSAuthenticate: " + authenticated);
        }
        catch (Exception e)
        {
            // LdapException and DirectoryOperationException both derive from Exception
            // and are reported the same way, so a single handler covers all three cases.
            Console.WriteLine(e.Message);
        }

        Console.WriteLine("End test");

        // Keep the console window open until the user presses Enter.
        Console.ReadLine();
    }
    
    
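    // Shared connection: configured by CreateConnection, bound and used by LDAPSAuthenticate.
    static LdapConnection con;

    /// <summary>
    /// Creates and configures the shared <see cref="LdapConnection"/> for LDAP over SSL.
    /// Bind() is not called here, so a return value of true only means the object was
    /// configured; the bind itself happens later, in LDAPSAuthenticate.
    /// </summary>
    /// <returns>true when the connection object was configured; false when any exception occurred.</returns>
    private static bool CreateConnection()
    {
        try
        {
            // NOTE(review): no port is given here; confirm the connection really targets the
            // LDAPS port (636) and not the default LDAP port. Prefer the server's DNS name over
            // its IP address so that the name presented in the certificate can match.
            con = new LdapConnection(new LdapDirectoryIdentifier("<ipAddress>"));

            con.SessionOptions.SecureSocketLayer = true;
            con.SessionOptions.ProtocolVersion = 3;
            con.SessionOptions.VerifyServerCertificate = new VerifyServerCertificateCallback(ServerCallback);

            // Verbatim string: "ad\<username>" in a regular literal is an unrecognized escape
            // sequence and does not compile. Form is domain\user.
            // Real credentials should come from protected configuration, not from source code.
            con.Credential = new NetworkCredential(@"ad\<username>", "<password>");

            // Basic (simple) bind sends the password as-is inside the TLS session, so its
            // confidentiality depends entirely on the server certificate being validated.
            con.AuthType = AuthType.Basic;
            con.Timeout = new TimeSpan(1, 0, 0);
            return true;
        }
        catch (Exception ex)
        {
            // Report the cause instead of discarding it; the caller still just sees false.
            Console.WriteLine("CreateConnection failed: " + ex.Message);
            return false;
        }
    }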
    
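            /// <summary>
            /// Server certificate validation callback for the LDAPS session.
            /// Accepts the certificate only when a trusted chain can be built for it.
            /// </summary>
            /// <param name="connection">The connection being established (not used).</param>
            /// <param name="certificate">The certificate presented by the server.</param>
            /// <returns>true when the certificate chains to a trusted root; otherwise false.</returns>
            public static bool ServerCallback(LdapConnection connection, X509Certificate certificate)
            {
                if (certificate == null)
                {
                    return false;
                }

                // Returning true unconditionally here would accept any certificate, letting
                // anyone on the network path impersonate the directory server and read the
                // simple-bind password. Build the chain against the machine trust store instead.
                // This checks chain trust only, not that the certificate names the host we
                // connected to; where possible, install no callback at all so the platform's
                // default validation applies (NOTE(review): confirm for the target framework).
                X509Chain chain = new X509Chain();
                return chain.Build(new X509Certificate2(certificate));
            }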
    
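            /// <summary>
            /// Verifies a user's password against the directory: binds the shared connection,
            /// looks the account up by sAMAccountName, then re-binds as that entry's
            /// distinguished name with <paramref name="pwd"/>.
            /// </summary>
            /// <param name="username">Account name; trimmed and escaped before it is placed in the search filter.</param>
            /// <param name="pwd">Password to verify. An empty password is rejected without contacting the server.</param>
            /// <returns>
            /// true when an entry is found and the bind as that entry succeeds; false when
            /// <paramref name="username"/> or <paramref name="pwd"/> is null or empty, or no entry matches.
            /// </returns>
            /// <exception cref="LdapException">A bind or search failed (a rejected password surfaces here, not as false), or an unexpected error occurred during the lookup.</exception>
            /// <exception cref="DirectoryOperationException">The server returned an error response to the search.</exception>
            public static bool LDAPSAuthenticate(String username, String pwd)
            {
                // A simple bind with a DN and an empty password is an "unauthenticated bind",
                // which a server may accept; treating that as success would let anyone log in
                // as any user. Reject it up front.
                if (username == null || string.IsNullOrEmpty(pwd))
                {
                    return false;
                }

                username = username.Trim();
                if (username.Length == 0)
                {
                    return false;
                }

                // Bind with the credential configured on the shared connection. Exceptions
                // propagate unchanged so the caller keeps the error code and stack trace.
                con.Bind();
                Console.WriteLine("Binded !");

                try
                {
                    // NOTE(review): "CN=Users" is not a complete distinguished name; confirm the
                    // search base (normally it also carries the domain components).
                    SearchRequest request = new SearchRequest(
                        "CN=Users",
                        "(&(objectClass=person)(SAMAccountName=" + EscapeLdapFilterValue(username) + "))",
                        System.DirectoryServices.Protocols.SearchScope.Subtree
                        );

                    SearchResponse response = (SearchResponse)con.SendRequest(request);

                    if (response.Entries.Count == 0)
                    {
                        return false;
                    }

                    // Only the first matching entry is considered.
                    string dn = response.Entries[0].DistinguishedName;

                    // NOTE(review): this replaces the credential on the shared static connection,
                    // so the next call's initial Bind() runs as this user rather than as the
                    // account configured in CreateConnection. A separate connection for the
                    // password check would avoid that.
                    con.Credential = new NetworkCredential(dn, pwd);
                    con.Bind();
                    return true;
                }
                catch (DirectoryOperationException)
                {
                    throw;
                }
                catch (LdapException)
                {
                    throw;
                }
                catch (Exception ex)
                {
                    // Callers expect LdapException for unexpected failures; keep the cause attached.
                    throw new LdapException(ex.Message, ex);
                }
            }

            // Escapes the characters that are special in an LDAP search filter (RFC 4515) so a
            // user-supplied value cannot alter the structure of the filter.
            private static string EscapeLdapFilterValue(string value)
            {
                System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length);
                foreach (char c in value)
                {
                    switch (c)
                    {
                        case '\\': escaped.Append(@"\5c"); break;
                        case '*': escaped.Append(@"\2a"); break;
                        case '(': escaped.Append(@"\28"); break;
                        case ')': escaped.Append(@"\29"); break;
                        case '\0': escaped.Append(@"\00"); break;
                        default: escaped.Append(c); break;
                    }
                }
                return escaped.ToString();
            }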
        


    Thanks for help!

    Tuesday, December 25, 2012 11:50 AM

Answers

  • User-1963360689 posted

    Hi,

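    Well, the problem was solved by replacing <ipaddress> with <dns>, i.e. connecting by the server's DNS name instead of its IP address. (A likely reason: the LDAPS certificate is issued to the DNS name, so the TLS server-name check fails when the server is addressed by IP.)

    That's it!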

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, December 27, 2012 6:08 AM

All replies

  • User-1963360689 posted

    Hi,

    Well, the problem was solved by replacing <ipaddress> with <dns>

    That's it!

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, December 27, 2012 6:08 AM
  • User-166373564 posted

    Hi,

    Thank you for sharing your solutions and experience here, and I come here to confirm and close the issue,

    welcome to post your question on ASP.NET Forums in your future programming.

    With kind regards

    Thursday, December 27, 2012 9:56 PM