0

I am having difficulty writing a module that can perform LDAP authentication.

When I put the following line in my browser and hit enter, Windows Contacts application will show me the record from the server so I know this is the correct location to connect to:

ldap://directory.abc.edu/uid=asmith,ou=People,o=abc.edu

but then when I want to use the same thing in code, I get an "Invalid dn syntax" error message.

Here is my code:

    using System;
    using System.DirectoryServices;
    using System.Text;

    public void LDAPResult()
    {
        using (DirectoryEntry root = new DirectoryEntry(string.Format(@"LDAP://directory.abc.edu/uid=asmith,ou=People,o=abc.edu")))
        {
            using (DirectorySearcher searcher = new DirectorySearcher(root))
            {
                // The following line gives me the error
                SearchResultCollection results = searcher.FindAll();

                // The rest is not actually important, I never get there to see if it works properly.
                StringBuilder summary = new StringBuilder();
                foreach (SearchResult result in results)
                {
                    foreach (string propName in result.Properties.PropertyNames)
                    {
                        foreach (string s in result.Properties[propName])
                        {
                            summary.Append(" " + propName + ": " + s + "\r\n");
                        }
                    }
                    summary.Append("\r\n");
                }
                Console.WriteLine(summary);
            }
        }
    }

Any help with this is so highly appreciated. Thanks,

kmatyaszek
Amir Tofighi

2 Answers

1

I am not sure what LDAP directory you are connecting to, but your DN doesn't look quite right.

Especially the "o=abc.edu" part. In Active Directory (the directory I am most familiar with) the DN would end up being uid=asmith,ou=People,dc=abc,dc=edu. Notice that abc and edu are distinctly different parts. Since you are using O instead of DC I am guessing that the directory is not AD, but the parts of the domain name might still be represented using two o's. o=abc,o=edu perhaps?

John Bowers
  • quite right. Amir, did you really put a dot into RDN of "o=" level object? – Piotr Wadas Sep 21 '12 at 19:46
  • Hmm, that was a good point. I fixed that and I was still getting the same error, "dn syntax error" but then I changed it to the following format and the error message changed. The format I am using now is: using (DirectoryEntry root = new DirectoryEntry(string.Format(@"LDAP://CN=directory.gmu.edu,OU=People,DC=gmu,DC=edu"))) Now when I run the programs it takes a while and then it says "A referral was returned from the server". Can anyone tell me what this means and what I should do now? Thanks a lot for your help John. – Amir Tofighi Sep 26 '12 at 19:53
  • According to the documentation for the DirectorySearching class, the directory entry you are passing to the searcher is the root for the search. So you probably want to simply pass "LDAP://OU=People,DC=gmu,DC=edu". People might be a Container instead of an OU though, so you might also want to try "LDAP://CN=People,DC=gmu,DC=edu". If you are searching an AD domain controller the default location for users is actually CN=Users, so you might also try "LDAP://CN=users,dc=gmu,dc=edu". – John Bowers Sep 26 '12 at 23:26
  • John, thanks for your help. I am still getting 'A referral was returned from the server.' for all of these. Do you know a way that I can at the very least check to see if I can connect to the LDAP server? Or get a general response back, like a list of everything or at least a directory structure? The thing is that when I put the following line in the browser, I get the record back! ldap://directory.abc.edu/uid=asmith,ou=People,o=abc.edu I also have a PHP application that is communicating correctly with the LDAP server, but I can't do the same thing in C#. What does this tell you? Thanks again! – Amir Tofighi Sep 27 '12 at 13:58
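
The connectivity check asked about in the last comment above, as an added example that is not part of the original thread: it binds anonymously with System.DirectoryServices.Protocols and reads the server's root DSE, whose namingContexts attribute lists the base DNs the server actually holds. The host name comes from the ldap:// URL in the question; port 389, a Windows client, and a server that permits anonymous reads of the root DSE are assumptions.

```csharp
using System;
using System.DirectoryServices.Protocols;

class LdapProbe
{
    static void Main()
    {
        // Assumption: host taken from the question's URL, default LDAP port 389.
        var server = new LdapDirectoryIdentifier("directory.abc.edu", 389);

        using (var conn = new LdapConnection(server))
        {
            conn.AuthType = AuthType.Anonymous;      // do not send Windows credentials
            conn.SessionOptions.ProtocolVersion = 3;
            // Report referrals instead of following them, so a wrong base DN is visible.
            conn.SessionOptions.ReferralChasing = ReferralChasingOptions.None;
            conn.Timeout = TimeSpan.FromSeconds(10);

            try
            {
                conn.Bind(); // throws LdapException if the server cannot be reached

                // The root DSE is the entry with the empty DN, read with a base-scope search.
                var request = new SearchRequest("", "(objectClass=*)", SearchScope.Base,
                                                "namingContexts", "supportedLDAPVersion");
                var response = (SearchResponse)conn.SendRequest(request);

                foreach (SearchResultEntry entry in response.Entries)
                    foreach (DirectoryAttribute attr in entry.Attributes.Values)
                        foreach (string value in attr.GetValues(typeof(string)))
                            Console.WriteLine("{0}: {1}", attr.Name, value);
            }
            catch (LdapException ex)
            {
                // Network, protocol or bind failure on the client side.
                Console.WriteLine("Connect/bind failed ({0}): {1}", ex.ErrorCode, ex.Message);
            }
            catch (DirectoryOperationException ex)
            {
                // The server answered with an LDAP error such as Referral or InvalidDNSyntax.
                Console.WriteLine("Server returned {0}: {1}", ex.Response.ResultCode, ex.Message);
            }
        }
    }
}
```

A search base that falls under one of the printed namingContexts values should not produce a referral. For the later authenticating bind, connect over LDAPS or StartTLS so the password is not sent in clear text.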
0

You should probably look here

Connecting to LDAP from C# using DirectoryServices

and here

LDAP Directory Entry in .Net - not working with OU=Users

especially for "new DirectoryEntry(...)" usage :)

Community
Piotr Wadas