Accessing a Non-AD LDAP Server using ASP.Net 2.0

  • Question

  • User1599431474 posted

    Hello,

    My unit is trying to query a non-AD LDAP server using ASP.Net 2.0. We are familiar with querying our own AD LDAP server using System.DirectoryServices, but cannot figure out how to query our main campus LDAP server which is not an AD LDAP server. Below is the code we have that allows us to bind to the server without an error. Anything we try after that returns errors. We are just trying to access the CN and Mail attributes from the server. Any assistance or code examples you could provide would be greatly appreciated. Thanks.

    Dean

    LdapDirectoryIdentifier ldapident = new LdapDirectoryIdentifier("ldap.ourcampus.edu");
    LdapConnection ldap = new LdapConnection(ldapident);
    ldap.AuthType = AuthType.Anonymous;
    ldap.Bind();

     

    Sunday, July 30, 2006 1:22 PM

All replies

  • User799417368 posted

    Try changing your authentication type to None instead of anonymous.

    ( AuthenticationTypes.None)

    Monday, July 31, 2006 5:15 PM
  • User1354132231 posted
    I think you mean AuthTypes.Basic (this is SDS.P, remember - not SDS).  That will use a simple bind and if you do not supply credentials (or use blank password, IIRC), it will come across as Anonymous to the other directory.

    Monday, July 31, 2006 6:48 PM
  • User1599431474 posted

    Ryan and Janeen

    Thanks for your responses. We have never used the LdapConnection class before. What do we use after the bind to query the LDAP server, a DirectorySearcher or a SearchRequest? There are numerous code examples of how to query AD but not a non-AD LDAP Server. We want to search the LDAP server using the Mail attribute for the CN property. Any code examples you could provide would be greatly appreciated. Thanks.

    Dean

    Tuesday, August 1, 2006 12:58 AM
  • User1354132231 posted
    The SDS.P approach will use pure LDAP api with no ADSI.  The SDS approach will use ADSI and the two cannot be combined.  For 3rd party (non-AD/ADAM) directories, it is not a horrible idea to use SDS.P as it will skip all the AD-specific behaviors that ADSI can use.

    Since you cannot combine the two methods, you are limited to using only the classes in the .Protocols namespace - in this case the SearchRequest/SearchResponse pairs.

    There is an example of using this stuff on my blog:

    http://dunnry.com/blog/PagingInSystemDirectoryServicesProtocols.aspx

    When you set up your LdapConnection, simply use null for the NetworkCredential parameter and AuthType.Basic.  You should then be connecting Anonymously.

    It would look somewhat like this:

    LdapConnection lc = new LdapConnection(
                new LdapDirectoryIdentifier(server),
                null,
                AuthType.Basic
                );

    lc.Bind();

    lc.SessionOptions.ProtocolVersion = 3;
    lc.SessionOptions.SecureSocketLayer =  false; //if you pass creds probably should use

    Tuesday, August 1, 2006 4:40 PM
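
Added example (not part of the original thread and not the poster's code): a SearchRequest/SearchResponse lookup of cn by mail over the anonymous simple bind described in the reply above, with the filter value escaped per RFC 4515 so that user input cannot change the search filter. The class name, method names and the `baseDn` parameter are assumptions; the thread does not give the campus directory's base DN.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Text;

static class CampusLdapLookup // hypothetical helper, not from the thread
{
    // Escape a user-supplied value for use inside an LDAP filter (RFC 4515),
    // so input such as "*" or ")(cn=*" is matched literally.
    public static string EscapeFilterValue(string value)
    {
        StringBuilder sb = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Returns the cn of the first entry whose mail equals 'mail', or null.
    // baseDn is an assumed parameter: supply the directory's own search base.
    public static string FindCnByMail(string server, string baseDn, string mail)
    {
        // null credential + AuthType.Basic = anonymous simple bind, as in the reply.
        using (LdapConnection lc = new LdapConnection(
            new LdapDirectoryIdentifier(server), null, AuthType.Basic))
        {
            lc.SessionOptions.ProtocolVersion = 3; // set options before Bind
            lc.Bind();

            SearchRequest request = new SearchRequest(
                baseDn, "(mail=" + EscapeFilterValue(mail) + ")",
                SearchScope.Subtree, "cn", "mail"); // request only these attributes

            SearchResponse response = (SearchResponse)lc.SendRequest(request);
            foreach (SearchResultEntry entry in response.Entries)
            {
                DirectoryAttribute cn = entry.Attributes["cn"];
                if (cn != null && cn.Count > 0)
                    return (string)cn.GetValues(typeof(string))[0];
            }
            return null; // no entry matched
        }
    }
}
```
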
  • User799417368 posted

    I'm just learning too, but here is the code I have so far (work in progress)...Hope it's helpful.  It's bits and pieces from other examples I've found.

    Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
        Dim ds As New DirectorySearcher
        Dim resultset As SearchResultCollection
        Dim result As SearchResult

        'Return the securityEquals field and the cn field
        Dim ResultFields() As String = {"securityEquals", "cn", "mail", "loginGraceRemaining"}

        Dim entry As New DirectoryEntry
        entry.AuthenticationType = AuthenticationTypes.None
        entry.Path = "LDAP://xxxxxxx"

        With ds
            .SearchRoot = entry
            .PropertiesToLoad.AddRange(ResultFields)
            .Filter = "cn=jluna"
        End With

        '***********Get Groups***************************
        Try
            Dim GroupString As String = Nothing
            Dim myresult As SearchResult = ds.FindOne()
            Dim propertyCount As Integer = myresult.Properties("securityEquals").Count
            Dim dn As String
            Dim equalsIndex, commaIndex As Integer

            For i As Integer = 0 To propertyCount - 1
                dn = myresult.Properties("securityEquals")(i)
                equalsIndex = dn.IndexOf("=", 1)
                commaIndex = dn.IndexOf(",", 1)
                If equalsIndex = -1 Then
                    Response.Write("nothing")
                End If
                'Take the text between the first "=" and the first ","
                GroupString += dn.Substring((equalsIndex + 1), _
                    (commaIndex - equalsIndex) - 1) & "<br>"
            Next
        Catch ex As Exception
            If ex.GetType Is GetType(System.NullReferenceException) Then
                ' Response.Write("does not have a group")
            Else
                ' Response.Write(ex.Message.ToString & ex.ToString)
            End If
        End Try

        Try
            'Perform the search
            resultset = ds.FindAll()

            If resultset.Count > 0 Then
                Dim graceLogin As Integer

                'Read the first value of each attribute from every result
                For Each result In resultset
                    graceLogin = System.Text.Encoding.UTF7.GetString(result.Properties("loginGraceRemaining")(0))
                    Response.Write(CStr(graceLogin))
                    Response.Write("<br>")
                    Response.Write(result.Properties("mail")(0))
                Next

                If graceLogin < 6 Then
                    Response.Write("<br>You need to change your password!")
                End If
            Else
                'No results
                Response.Write("No Data Found")
            End If
        Catch ex As Exception
            Response.Write("Error: ")
            Response.Write(ex.Message)
        End Try
    End Sub

    Monday, August 7, 2006 8:01 PM