Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

How to connect without domain?

See original GitHub issue

Hello!

Thank you for your library. My code:

using (var conn = new LdapConnection())
{
    conn.Connect("192.168.55.111", 389);
    conn.Bind("balkarov@some.office", "password");
}

This is work. But could I check password without domain? For example conn.Bind("balkarov", "password");

PS: in c I can use ContextType.Domain

I try this conn.Bind("CN=balkarov,OU=Company,DC=Some,DC=Office", "password"); but this does not work

Issue Analytics

State:
Created 6 years ago
Comments:26 (3 by maintainers)

Top GitHub Comments

3reactions

trsprogeekatlargecommented, Nov 7, 2017

@balkarov Sorry to show up late to the party. Years of dealing with LDAP for AAA in various apps leads me to confirm what @OskarKlintrot has suggested. The most commonly used method I’ve seen across a wide variety of LDAP-enabled cross-platform apps is to use a service account to do the initial bind, search for the user (either by samAccountName or mail attribute), then use the password provided at login to attempt another bind to LDAP with the login form password and the “found” user DN. Exception/error handling at this stage is always the “fun” part.

Hope it helps to at least know you aren’t alone, this is how we’ve done it for ages in other frameworks that aren’t so tightly windows integrated. I never expected to be doing it in .NET to talk to AD! 😃

2reactions

balkarovcommented, Nov 1, 2017

@OskarKlintrot I found my problem. CN - is not username. CN - is name and surname.

Now (temperary) we have created via search filter by your suggestion. We created root user which username has domain (looks like username@domain.com)

var searchBase = "OU=Polymedia,DC=Polym2,DC=Office";
conn.Connect("192.168.55.111", 389);
conn.Bind("admin@some.office", "adminpassword");
var result = conn.Search(
    searchBase,
    LdapConnection.SCOPE_SUB,
    "(&(objectclass=*)(samaccountname=balkarov))",
    null,
    false
);
var user = result.hasMore() ? result.next() : null;

if (user != null)
{
    conn.Bind(user.DN, "password");
}

This is temporary solution. If I found another method I will tell you. Thanks guys