BuilderSpec
Programmer
Hi
I have some C# code that connects to an AD / LDS store. I can use Directory Search successfully to find and add members. The issue I am having is that I cannot authenticate a user name and password successfully. I have followed various internet suggestions and come up with the following code.
The line to validate the username and password is the context.ValidateCredentials one. IF the user happens to be a Windows user then it works i.e. it successfully validates it , however the users I need to add will be purely AD users only and it will not authenticate them even if I use the right password etc.
Has anyone had similar issues ? You can download tools to authenticate the user and they work i.e. it validates the user credentials but my code still does not. Anyone have any suggestions ? Is there an alternative to ValidateCredentials ?
any help appreciated
My code is :
using (PrincipalContext context = new PrincipalContext(ContextType.ApplicationDirectory, _LDAPServer, "cn=DDUsers," + _LDAPOU , _LDAPUser, _LDAPPassword))
{
if (context == null)
return 8;
UserPrincipal User = UserPrincipal.FindByIdentity(context, Username);
if (User != null)
{
bool locked = User.IsAccountLockedOut();
if (locked)
return 2;
else
{
string userPath = "cn=" + Username + ",OU=DD_Users," + _LDAPOU;
userPath = User.DistinguishedName;
/*
var du = User.GetUnderlyingObject() as DirectoryEntry;
var prop = du.Properties["displayName"];
prop.Value = "sysadmin@fgh-uk.com";
prop = du.Properties["accountExpires"];
prop.Value = "31/12/2017";
prop = du.Properties["accountExpires"];
prop.Value = "31/12/2017";
du.CommitChanges();
User.Enabled = true;
User.Save();
*/
bool pass = false;
if (User.LastPasswordSet == null)
{
var deUser = User.GetUnderlyingObject() as DirectoryEntry;
var property = deUser.Properties["pwdLastSet"];
property.Value = -1;
deUser.CommitChanges();
pass = context.ValidateCredentials(userPath, Password);
property.Value = 0;
deUser.CommitChanges();
}
else
{
pass = context.ValidateCredentials(Username,Password );
pass = context.ValidateCredentials(userPath, Password);
// pass = context.ValidateCredentials("hstd092", "Dor1s");
// pass = context.ValidateCredentials("doris-dev\\hstd092", "Dor1s");
}
return (pass) ? 0 : 1;
Hope this helps!
Regards
BuilderSpec
I have some C# code that connects to an AD / LDS store. I can use Directory Search successfully to find and add members. The issue I am having is that I cannot authenticate a user name and password successfully. I have followed various internet suggestions and come up with the following code.
The line to validate the username and password is the context.ValidateCredentials one. IF the user happens to be a Windows user then it works i.e. it successfully validates it , however the users I need to add will be purely AD users only and it will not authenticate them even if I use the right password etc.
Has anyone had similar issues ? You can download tools to authenticate the user and they work i.e. it validates the user credentials but my code still does not. Anyone have any suggestions ? Is there an alternative to ValidateCredentials ?
any help appreciated
My code is :
using (PrincipalContext context = new PrincipalContext(ContextType.ApplicationDirectory, _LDAPServer, "cn=DDUsers," + _LDAPOU , _LDAPUser, _LDAPPassword))
{
if (context == null)
return 8;
UserPrincipal User = UserPrincipal.FindByIdentity(context, Username);
if (User != null)
{
bool locked = User.IsAccountLockedOut();
if (locked)
return 2;
else
{
string userPath = "cn=" + Username + ",OU=DD_Users," + _LDAPOU;
userPath = User.DistinguishedName;
/*
var du = User.GetUnderlyingObject() as DirectoryEntry;
var prop = du.Properties["displayName"];
prop.Value = "sysadmin@fgh-uk.com";
prop = du.Properties["accountExpires"];
prop.Value = "31/12/2017";
prop = du.Properties["accountExpires"];
prop.Value = "31/12/2017";
du.CommitChanges();
User.Enabled = true;
User.Save();
*/
bool pass = false;
if (User.LastPasswordSet == null)
{
var deUser = User.GetUnderlyingObject() as DirectoryEntry;
var property = deUser.Properties["pwdLastSet"];
property.Value = -1;
deUser.CommitChanges();
pass = context.ValidateCredentials(userPath, Password);
property.Value = 0;
deUser.CommitChanges();
}
else
{
pass = context.ValidateCredentials(Username,Password );
pass = context.ValidateCredentials(userPath, Password);
// pass = context.ValidateCredentials("hstd092", "Dor1s");
// pass = context.ValidateCredentials("doris-dev\\hstd092", "Dor1s");
}
return (pass) ? 0 : 1;
Hope this helps!
Regards
BuilderSpec
