0

Structure of directory is like,

ou=system,ou=valeteck,cn=mayank

I have to check that the password entered by user is correct and match with user's password i.e of mayank.

But system and cn='mayank' have different passwords. If I create directory entry object with password of cn I didn't get authenticate with ldap but if I use system directory and its password I get authenticate but then how to check user's password.

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
mayank.karki
  • 750
  • 1
  • 9
  • 34
  • possible duplicate of [How to Authenticate LDAP in .NET](http://stackoverflow.com/questions/769268/how-to-authenticate-ldap-in-net) – Shai Aug 14 '12 at 12:53
  • Does [my response here help at all?](http://stackoverflow.com/questions/290548/c-sharp-validate-a-username-and-password-against-active-directory/499716#499716) - this is specifically for Active Directory – marc_s Aug 14 '12 at 14:57

2 Answers2

0
 private bool LoginS(string userName, string password)
        {
            bool authentic = false;
            try
            {
                DirectoryEntry entry = new DirectoryEntry(LDAP-Path, userName, password, AuthenticationTypes.Secure);
                authentic = true;


                Console.WriteLine("Authentication successful");

            }
            catch (DirectoryServicesCOMException e)
            {
                _logger.Error("Authentification error", e);
                //User doesnt exist or input is false

            }
            return authentic;
        }
user1586746
  • 161
  • 2
  • 7
0

There is even a more simple method provided to you by the Windows API using advapi32.dll .

Example:

[DllImport("advapi32.dll", EntryPoint = "LogonUserW", SetLastError = true, CharSet = CharSet.Auto)]
    public static extern bool LogOnUser(string lpszUserName, string lpszDomain, string lpszPassword,
        int dwLogOnType, int dwLogOnProvider, ref IntPtr phToken);

this method returns simply true or false if the user is indeed in the domain and has entered its Password correctly. Then you just make your own sign in method checking authentication against advapi32.dll .

public ActionResult SignIn(SignInModel model)
    {
        string domainName = CheckSignIn.GetDomainName(model.User.UserName);
        string userName = CheckSignIn.GetUserName(model.User.UserName);
        IntPtr token = IntPtr.Zero;
        bool result = CheckSignIn.LogOnUser(userName, domainName, model.User.UniqueUserCode, 2, 0, ref token);
        if (result)
        {
            if (!string.IsNullOrEmpty(Request.QueryString["ReturnUrl"]) && Request.QueryString["ReturnUrl"] != "/")
            {
                FormsAuthentication.RedirectFromLoginPage(model.User.UserName, false);
            }
            else
            {
                FormsAuthentication.SetAuthCookie(model.User.UserName, false);
                return RedirectToAction("MyVoyages", "Voyage");
            }
        }
        return SignIn(true);
    }

simple, yet powerfull.

Freeman
  • 5,691
  • 3
  • 29
  • 41