Map certificate to an account

Last post 07-18-2008 6:46 AM by jeetn86vm. 3 replies.


  • Map certificate to an account

    07-10-2008, 6:41 AM
    • jeetn86vm
    • Joined on 07-07-2008, 3:27 AM
    • Posts 9

    Hi,

    My next step is to map a certificate to a user I selected in my datagridview.

    I have the following code to do so:

     

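    /// <summary>
    /// Reads the authentication certificate from the eID card and stores its raw bytes
    /// in the <c>userCert</c> attribute of the directory entry selected in the grid.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the thread reports that this write succeeds without mapping the
    /// certificate to the account; the accepted answer writes <c>altSecurityIdentities</c> instead.
    /// </remarks>
    /// <param name="sender">Control that raised the click event (not used).</param>
    /// <param name="e">Event data (not used).</param>
    private void btnKoppel_Click(object sender, EventArgs e)
    {
        EIDCard card = new EIDCard();
        card.InitReader();
        try
        {
            array = card.ReadAuthenticationCertificate();
            x509.Import(array);

            // Directory path of the selected user, taken from the third selected grid cell.
            String pad = dgvGebruikers.SelectedCells[2].Value.ToString();

            // DirectoryEntry is IDisposable; release it as soon as the write is done.
            using (DirectoryEntry entry = new DirectoryEntry(pad))
            {
                entry.Properties["userCert"].Clear();
                //this step may be necessary depending on the
                //version of .NET and ADSI that you have
                entry.CommitChanges();
                entry.Properties["userCert"].Add(x509.GetRawCertData());
                entry.CommitChanges();
            }
        }
        finally
        {
            // Close the reader session even when the read or the directory write throws.
            card.DoneReader();
        }

        // Only reached when every step above completed without an exception.
        MessageBox.Show("Het certificaat werd normaal gezien gekoppeld aan de gebruiker!");
    }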
    

    The code runs without errors, but the certificate is not mapped to the user.
     
  • Re: Map certificate to an account

    07-15-2008, 2:51 AM
    • jeetn86vm
    • Joined on 07-07-2008, 3:27 AM
    • Posts 9

     Is there no one who has experience with this?

     Really could use the help :s
     

  • Re: Map certificate to an account

    07-15-2008, 5:00 AM
    • jeetn86vm
    • Joined on 07-07-2008, 3:27 AM
    • Posts 9

    Maybe another question.

    I have requested all the values of an entry object. A certificate has been manually mapped to that entry via the AD name mappings.

     
    When I look at the list, I do not find a property with the name userCert or userCertificate.

    This can't be correct.

    A certificate is mapped to that account, so it should find a property with that name.

     

    Does anybody know the answer to this?

  • Re: Map certificate to an account

    07-18-2008, 6:46 AM
    Answer
    • jeetn86vm
    • Joined on 07-07-2008, 3:27 AM
    • Posts 9

    I have solved the problem myself. Below is the solution:

     

     

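    /// <summary>
    /// Maps the authentication certificate on the inserted eID card to the directory
    /// account selected in the grid, by writing an issuer/subject entry to that account's
    /// <c>altSecurityIdentities</c> attribute.
    /// </summary>
    /// <remarks>
    /// Nothing is written when <c>checkIfCertificateHasBeenMappedBefore</c> returns true.
    /// Any existing <c>altSecurityIdentities</c> values on the account are replaced.
    /// NOTE(review): no chain, validity or revocation check is visible here before the
    /// certificate is bound to the account - confirm that validation happens elsewhere,
    /// because the mapping decides who may log on as this user.
    /// </remarks>
    /// <param name="sender">Control that raised the click event (not used).</param>
    /// <param name="e">Event data (not used).</param>
    private void btnKoppel_Click(object sender, EventArgs e)
    {
        //Instantiate an object of the type EIDCard
        EIDCard card = new EIDCard();
        //Prepare the card to be able to read from it
        card.InitReader();
        try
        {
            //Read the authentication certificate once; the returned byte[] already has the right size.
            Byte[] gelezen = card.ReadAuthenticationCertificate();
            //Throws NullReferenceException when nothing could be read (handled below).
            lengte = gelezen.Length;
            arrayAuth = gelezen;

            //Get the path of your DirectoryEntry.
            //NOTE(review): fewer than three selected cells raises ArgumentOutOfRangeException,
            //which the ArgumentException handler below reports as a card problem.
            String pad = dgvGebruikers.SelectedCells[2].Value.ToString();

            //create LDAP connection object; disposed when the block is left
            using (DirectoryEntry entry = new DirectoryEntry(pad))
            {
                //Import the byte[] with the AuthenticationCertificate in your X5092Certificate
                x5092.Import(arrayAuth);
                if (checkIfCertificateHasBeenMappedBefore(x5092, entry))
                {
                    //Already mapped: nothing to write.
                    return;
                }

                //Get the format, name and issuerName from the certificate,
                //stripped so the spaces behind the "," are removed
                String formatStripped = x5092.GetFormat().Replace(", ", ",");
                String nameStripped = x5092.GetName().Replace(", ", ",");
                String issuerNameStripped = x5092.GetIssuerName().Replace(", ", ",");

                //Build the mapping value: format:<I>issuer<S>subject.
                //The subject marker is the literal "<S>"; the page showed it HTML-escaped as "&lt;S>".
                //NOTE(review): this is the issuer/subject mapping form. Microsoft's later
                //certificate-based authentication hardening treats that form as weak; the
                //issuer + serial number, subject key identifier and public-key hash forms
                //are the strong ones.
                String altSecId = formatStripped + ":<I>" + issuerNameStripped + "<S>" + nameStripped;

                try
                {
                    PropertyValueCollection mappings = entry.Properties["altSecurityIdentities"];

                    //Remove whatever is currently stored. Value is an array when the attribute
                    //holds several values, so Remove(Value) only matches a single value;
                    //Clear() covers both cases.
                    if (mappings.Count > 0)
                    {
                        mappings.Clear();
                        //This will make sure the changes have been executed in the AD.
                        entry.CommitChanges();
                    }

                    //Add the new certificate to the "altSecurityIdentities" property.
                    mappings.Add(altSecId);
                    entry.CommitChanges();
                    //Let the user know the certificate has been mapped to the useraccount.
                    MessageBox.Show("Het certificaat werd normaal gezien aan de account van " + entry.Properties["displayName"].Value + " gekoppeld!");
                }
                catch (UnauthorizedAccessException)
                {
                    //The caller lacks write access to the attribute.
                    MessageBox.Show("U hebt niet voldoende rechten om een certificaat te koppelen!");
                }
                catch (COMException)
                {
                    //NOTE(review): every COM error is reported as a lost network connection.
                    MessageBox.Show("De connectie met het netwerk werd verloren!\n\nGelieve uw connectie te bekijken.");
                }
            }
        }
        catch (NullReferenceException)
        {
            MessageBox.Show("Er is geen kaartlezer aangesloten of er zit geen kaart in de kaartlezer!");
        }
        catch (ArgumentException)
        {
            MessageBox.Show("U hebt waarschijnlijk de kaart uit de kaartlezer gehaald of deze heeft geen goede connectie meer.\n" +
                    "Gelieve de kaart opnieuw in de kaartlezer te plaatsen en opnieuw te proberen.");
        }
        finally
        {
            //Let the card object know there will be no more reading, on every path:
            //success, already mapped, or failure.
            card.DoneReader();
        }
    }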
    
     

     