I am using the code below to authenticate users through LDAP, but its not working. I only get this message "Your are not Authorized User" which is part of my script. Please help. Thank you.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Net;
using System.DirectoryServices;
namespace ldap120211
{
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void btnLogin_Click(object sender, EventArgs e)
{
string strDomain = "ldap://10.20.205.41:389";
NetworkCredential _objNetWorkC = new NetworkCredential(txtUserID.Text, txtPassword.Text, strDomain);
if (AuthenticateAndGetUserDataFromAD(txtUserID.Text, strDomain, txtPassword.Text))
{
this.Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "javascript:alert('Hi You are autheticated user');", true);
}
else
{
this.Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "javascript:alert('Your are not Authorized User !!!!');", true);
}
}
public bool AuthenticateAndGetUserDataFromAD(string strusername, string strDomain, string strPassword)
{
string strRootDN = string.Empty;
DirectoryEntry objDseSearchRoot = null, objDseUserEntry = null;
DirectorySearcher objDseSearcher = null;
SearchResultCollection objResults = null;
string strLDAPPath = string.Empty;
try
{
/* Give LDAP Server IP along with OU
* e.g : LDAP://29.29.29.29:389/DC=YourDomain,DC=com"
*/
strLDAPPath = "ldap://10.20.205.41:389/ou=IT,ou=ADMINISTRATION,o=university";
string strDomainname = strDomain;
objDseSearchRoot = new DirectoryEntry(strLDAPPath, strDomainname + "\\" + strusername, strPassword, AuthenticationTypes.None);
strRootDN = objDseSearchRoot.Properties["defaultNamingContext"].Value as string;
objDseSearcher = new DirectorySearcher(objDseSearchRoot);
objDseSearcher.CacheResults = false;
objResults = objDseSearcher.FindAll();
if (objResults.Count > 0)
{
objDseUserEntry = objResults[0].GetDirectoryEntry();
}
if (objDseUserEntry == null)
{
return false;
}
}
catch (Exception e)
{
return false; ;
}
finally
{
//Dipose Object Over Here
}
return true;
}
}
}
My best suggestion would be to fire up your debugger, put a breakpoint on the btnLogin_Click and F11 to step through to see what you get back from the AD. Post what you get in the debugger and we'll go from there.
I did, it takes me to the web form. After i type-in my username and password into Textboxes, i get this message when i click on signin button "Your are not Authorized User !!!!".
Are you doign this from inside Visual Studio? If so, press F5, then allow it to debug. It should stop at the point where you set the breakpoint and then you can press F11 to step through the routine one line at a time. Keep an eye on your variables. Also,
if you have some helper class out there that goes and looks at your domain, you can F11 through that to see what the AD is saying.
Yes i did put a breakpoint after btnLogin_Click. When i type in the username and password into Textboxes, it doesnt show any messages like it did earlier. It requires "AuthenticateAndGetUserDataFromAD" for it to authenticate username
and password in the Textboxes.
I think the structure for strLDAPPath is not correct. This might be the issue to this project.
IF i manually expand my information in the LDAP, this is how it looks like.
Let's try the most basic for the ldap string, just specify ldap://10.20.205.41:389/cn=JSmith,o=University and let me know what you get that way. Once we get a working ldap string, then we can start narrowign down the query.
spyxdaxworld
Member
431 Points
232 Posts
LDAP authentication
Dec 02, 2011 04:16 PM|LINK
I am using the code below to authenticate users through LDAP, but its not working. I only get this message "Your are not Authorized User" which is part of my script. Please help. Thank you.
using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.UI; using System.Web.UI.WebControls; using System.Net; using System.DirectoryServices; namespace ldap120211 { public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { } protected void btnLogin_Click(object sender, EventArgs e) { string strDomain = "ldap://10.20.205.41:389"; NetworkCredential _objNetWorkC = new NetworkCredential(txtUserID.Text, txtPassword.Text, strDomain); if (AuthenticateAndGetUserDataFromAD(txtUserID.Text, strDomain, txtPassword.Text)) { this.Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "javascript:alert('Hi You are autheticated user');", true); } else { this.Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "javascript:alert('Your are not Authorized User !!!!');", true); } } public bool AuthenticateAndGetUserDataFromAD(string strusername, string strDomain, string strPassword) { string strRootDN = string.Empty; DirectoryEntry objDseSearchRoot = null, objDseUserEntry = null; DirectorySearcher objDseSearcher = null; SearchResultCollection objResults = null; string strLDAPPath = string.Empty; try { /* Give LDAP Server IP along with OU * e.g : LDAP://29.29.29.29:389/DC=YourDomain,DC=com" */ strLDAPPath = "ldap://10.20.205.41:389/ou=IT,ou=ADMINISTRATION,o=university"; string strDomainname = strDomain; objDseSearchRoot = new DirectoryEntry(strLDAPPath, strDomainname + "\\" + strusername, strPassword, AuthenticationTypes.None); strRootDN = objDseSearchRoot.Properties["defaultNamingContext"].Value as string; objDseSearcher = new DirectorySearcher(objDseSearchRoot); objDseSearcher.CacheResults = false; objResults = objDseSearcher.FindAll(); if (objResults.Count > 0) { objDseUserEntry = objResults[0].GetDirectoryEntry(); } if (objDseUserEntry == null) { return false; } } catch (Exception e) { return false; ; } finally { //Dipose Object Over Here } return true; } } }bbcompent1
All-Star
33063 Points
8516 Posts
Moderator
Re: LDAP authentication
Dec 02, 2011 04:39 PM|LINK
My best suggestion would be to fire up your debugger, put a breakpoint on the btnLogin_Click and F11 to step through to see what you get back from the AD. Post what you get in the debugger and we'll go from there.
spyxdaxworld
Member
431 Points
232 Posts
Re: LDAP authentication
Dec 02, 2011 04:59 PM|LINK
I did, it takes me to the web form. After i type-in my username and password into Textboxes, i get this message when i click on signin button "Your are not Authorized User !!!!".
bbcompent1
All-Star
33063 Points
8516 Posts
Moderator
Re: LDAP authentication
Dec 02, 2011 05:01 PM|LINK
Are you doign this from inside Visual Studio? If so, press F5, then allow it to debug. It should stop at the point where you set the breakpoint and then you can press F11 to step through the routine one line at a time. Keep an eye on your variables. Also, if you have some helper class out there that goes and looks at your domain, you can F11 through that to see what the AD is saying.
spyxdaxworld
Member
431 Points
232 Posts
Re: LDAP authentication
Dec 02, 2011 06:05 PM|LINK
Yes i did put a breakpoint after btnLogin_Click. When i type in the username and password into Textboxes, it doesnt show any messages like it did earlier. It requires "AuthenticateAndGetUserDataFromAD" for it to authenticate username and password in the Textboxes.
bbcompent1
All-Star
33063 Points
8516 Posts
Moderator
Re: LDAP authentication
Dec 02, 2011 06:10 PM|LINK
Ok, move the breakpoint to the first line of the AuthenticateAndGetUserDataFromAD and step through that.
spyxdaxworld
Member
431 Points
232 Posts
Re: LDAP authentication
Dec 02, 2011 07:06 PM|LINK
I think the structure for strLDAPPath is not correct. This might be the issue to this project.
IF i manually expand my information in the LDAP, this is how it looks like.
ldap://10.20.205.41:389/cn=JSmith,ou=IT,ou=ADMINISTRATION,o=University
There're two groups memebership afflicated with the user:
GroupMemeberShip: cn=IT_Group,ou=IT,ou=ADMINISTRATION,o=University
Below is the group memebership that every users has in common:
GroupMemeberShip:cn=Everyone,ou=GROUPS,o=University
How can i make it work? Thank you for walking me through this so far.
bbcompent1
All-Star
33063 Points
8516 Posts
Moderator
Re: LDAP authentication
Dec 02, 2011 07:15 PM|LINK
Let's try the most basic for the ldap string, just specify ldap://10.20.205.41:389/cn=JSmith,o=University and let me know what you get that way. Once we get a working ldap string, then we can start narrowign down the query.
spyxdaxworld
Member
431 Points
232 Posts
Re: LDAP authentication
Dec 02, 2011 07:42 PM|LINK
It still says "You are not autherized user". I did the break earlier, everything seems fine. I looked through line by line.
string strDomain="ldap://10.20.205.41:389"
strLDAPPath ="ldap://10.20.205.41:389/cn=JSmith,o=University"
spyxdaxworld
Member
431 Points
232 Posts
Re: LDAP authentication
Dec 02, 2011 07:49 PM|LINK
When i put break right next to strLDAPPath ="ldap://10.20.205.41:389/cn=JSmith,o=University", i get this: