1

I am trying to connect to LDAP to authenticate the user. Here is my code, but i am cant able to set the SSL using my c# code. 

using LdapConnection = Novell.Directory.Ldap.LdapConnection;
using LdapException = Novell.Directory.Ldap.LdapException;

 var ldapHost = WebConfigurationManager.AppSettings["LDAP_HOST"];
 var ldapPort = WebConfigurationManager.AppSettings["LDAP_PORT"];

 connection.Connect(ldapHost, Convert.ToInt32(ldapPort));
 sb = new StringBuilder();
 sb.Append(ldapLocation).Append(userName).Append(",").Append(ldapLocationIndia);
 connection.Bind(LdapConnection.Ldap_V3, sb.ToString(), password);

I got a message from my application security team i am sending the plain password, So i try to secure that by setting the authentication type as secure by try setting the option by

connection.SessionOptions.SecureSocketLayer = true;

but i didnt see any Sessionoption in my connection object, I am using novel.ldap dll for my LDAP operation.

Any body help me please? How to send the password in a secure way over network for ldap server for authentication.

I am using port 636.

Thanks in advance

user1557020
  • 301
  • 3
  • 6
  • 20
  • are you familiar with google..? [Connect to LDAP using SSL](https://www.google.com/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=C%23%20connect%20to%20LDAP%20using%20SSL) – MethodMan Oct 23 '14 at 16:41
  • hellooo, i tried, my question is i am not getting sessionopions property in my connection object. That is my question ok. – user1557020 Oct 23 '14 at 16:43
  • here is an example http://stackoverflow.com/questions/10850860/how-do-i-validate-active-directory-creds-over-ldap-ssl – MethodMan Oct 23 '14 at 16:49
  • @DJKRAZE That example is using `System.DirectoryServices.Protocols.LdapConnection` not `Novell.Directory.Ldap.LdapConnection`. – Rup Oct 24 '14 at 00:15

1 Answers1

2

Skimming the API, I think it's just

connection.SecureSocketLayer = true;

without the SessionOptions before you call Connect.

If you just wanted to secure the Bind you could do that by calling connection.startTLS() beforehand and stopTLS() afterwards (see Samples\StartTLS.cs in the download), but it sounds like you want full ldaps if you're using port 636.

Rup
  • 33,765
  • 9
  • 83
  • 112
  • non of the above option is coming in connection object, am i missing any reference – user1557020 Oct 24 '14 at 17:27
  • And your connection object is an LdapConnection from the latest version of the Novell.Ldap SDK (2009-07-14 is the last entry in ChangeLog.txt)? If it's a plain Connection not an LdapConnection then I think you want `.Ssl` instead, but I think you need to work with LdapConnection really. – Rup Oct 24 '14 at 17:39
  • hi thanks, now its working fine, i have the old dll before, downloaded the recent version, working cool. Thanks a lot. – user1557020 Oct 24 '14 at 17:58
  • hi i am getting object reference error during connect after setting connection.SecureSocketLayer = true; but its working fine if comment the above code. any help please? – user1557020 Oct 25 '14 at 06:15