I'm new to LDAP.  I want to do something basic in the normal, standard
way, but I'm confused.

When I log into a computer, I don't use my name, "Corey Trager", I use my
username, "ctrager".   What part of the inetOrgPerson should contain the
"ctrager"?  I assumed that "uid" was the attribute to use.  So, below is a
snippet from an ldif file showing that I put "ctrager" in the "uid"
section.

But, when I tried to write the code to authenticate, I couldn't figure out
how to do it in one trip.   Below that are some C# snippets showing me
trying to authenticate.  In the first trip, I search for a user that has a
uid matching what was typed in.   Then I save that user's cn and make a
second trip authenticating with the cn and password.

Is there a simpler way I'm missing, where I could do everything in one
trip?


# excerpt from ldif file

dn: cn=Corey Trager,ou=people,dc=mycompany,dc=com
sn: Trager
cn: Corey Trager
objectclass: inetOrgPerson
uid: ctrager
userpassword: mypassword


// First, search for a "cn" that has a "uid" that was entered

DirectoryEntry nRoot = new DirectoryEntry("LDAP://127.0.0.1/dc=mycompany,dc=com");
nRoot.AuthenticationType = AuthenticationTypes.None;
DirectorySearcher nDS = new DirectorySearcher(nRoot);
nDS.SearchScope = System.DirectoryServices.SearchScope.Subtree;
nDS.Filter = "uid=" + sUserId;
SearchResult sr = nDS.FindOne();
string sCn = (string) sr.GetDirectoryEntry().Properties["cn"].Value;

// Now, try to authenticate

DirectoryEntry de = new DirectoryEntry(
        "LDAP://127.0.0.1/dc=mycompany,dc=com",
        "cn=" + sCn + ",ou=people,dc=mycompany,dc=com",
        sPassword,
        AuthenticationTypes.ServerBind);
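
The search-then-bind flow described in the message above, as an added example that is not part of the original post. It uses System.DirectoryServices.Protocols rather than the DirectoryEntry classes in the post, escapes the typed uid per RFC 4515, and binds with the DN the search returned instead of rebuilding it from cn. The class and method names are hypothetical; the server address and base DN are the ones from the post.

```csharp
using System.DirectoryServices.Protocols;
using System.Net;
using System.Text;

static class LdapLogin   // hypothetical name, not from the post
{
    // RFC 4515 escaping, so typed input cannot change the shape of the filter.
    static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    public static bool Authenticate(string sUserId, string sPassword)
    {
        // A simple bind with an empty password is an unauthenticated bind
        // (RFC 4513) that a server may accept, so refuse it before binding.
        if (string.IsNullOrEmpty(sUserId) || string.IsNullOrEmpty(sPassword)) return false;

        // Port 389 without TLS sends the password in clear text; fine only for a local test.
        using (var conn = new LdapConnection(new LdapDirectoryIdentifier("127.0.0.1", 389)))
        {
            conn.SessionOptions.ProtocolVersion = 3;
            conn.AuthType = AuthType.Anonymous;
            conn.Bind();                                   // trip 1: anonymous search for the entry
            var req = new SearchRequest("dc=mycompany,dc=com",
                "(uid=" + EscapeFilterValue(sUserId) + ")", SearchScope.Subtree, "1.1");
            var resp = (SearchResponse)conn.SendRequest(req);
            if (resp.Entries.Count != 1) return false;     // no match, or an ambiguous uid
            string dn = resp.Entries[0].DistinguishedName; // DN as stored, not rebuilt from cn

            conn.AuthType = AuthType.Basic;
            try { conn.Bind(new NetworkCredential(dn, sPassword)); return true; } // trip 2
            catch (LdapException e) when (e.ErrorCode == 49) { return false; }    // invalidCredentials
        }
    }
}
```

Any LdapException other than result code 49 (for example, server unreachable) propagates to the caller, so an outage is not reported as a wrong password.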
                
