0

I'm trying to connect to Active Directory. This is the code that I have used:

using System.DirectoryServices.AccountManagement;

string domain = "domain.com.pk";
string container = "DC=mycompnay,DC=com,DC=pk";
string Admin = "salman.zafar";
string Password = "password";

// bind to the domain with the administrator account
using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, domain, container, Admin, Password))
{
    string userPrincipalName = "dotnettest" + "@" + domain;

    // validate the credentials
    bool isValid = pc.ValidateCredentials(userPrincipalName, "Ascertia 12");

    if (isValid)
    {
        // look up the user object once the password has been accepted
        UserPrincipal up = UserPrincipal.FindByIdentity(pc, IdentityType.UserPrincipalName, userPrincipalName);
    }
}

The code works fine when it is running on a machine which is in the domain, but if I try to connect to an AD machine that is remote then I get an error. I tried to use

string domain = "192.168.0.150:389/domain.com.pk";

Then it didn't work, and the ValidateCredentials method always returns false. Can someone help me: how can I connect to a remote Active Directory using an IP with port with PrincipalContext, or do I have to use directory entry?

Any help will be appreciated.

Salman
  • Don't you need trusted Active Directories to cross-connect? https://technet.microsoft.com/en-us/library/cc731404.aspx – Grecool Feb 25 '15 at 09:14
  • Maybe I couldn't get what cross-connect is, because I'm providing an admin user name and password for the domain, who is an administrator. I'm using an MVC app that will provide AD access, and it's dynamic because it's configuration based: the user will provide the IP, host, Administrator account and pwd, and then through code I will see whether it can connect to AD, find a user and let him in – Salman Feb 25 '15 at 09:19

1 Answer

2

First note:

code works fine when the code running on machine which is in domain

In this case, you do not need to provide adminuser+pw in the PrincipalContext constructor if the machine is a domain member (which I assume here).

If you want to connect to any other AD server (domain controller) with no trust between the foreign domain and the current domain, use the IP address or server name as the "domain" name:

string domain = "192.168.0.150";

If your goal is to just check if credentials are valid, you can even omit the admin user + pw:

string domainController = "192.168.0.150";
string domain = "domain.com.pk"; // domain name used as the UPN suffix, as in the question

using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, domainController))
{
    string userPrincipalName = "dotnettest" + "@" + domain;

    // validate the credentials
    bool isValid = pc.ValidateCredentials(userPrincipalName, "Ascertia 12");    
}

In this case, however, you cannot have

UserPrincipal up = UserPrincipal.FindByIdentity(...

because the PrincipalContext itself is not logged on.

You can also see my answer in a similar question: https://stackoverflow.com/a/28690682/4547223

or this SO article: "Validate a username and password against Active Directory?"

Rainer Schaack
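An added example, not part of the original question or answer: a single bound context against the remote domain controller that both validates the user's password and looks the user up, with the bind options stated explicitly so the password is never sent by simple bind over plain port 389. The class and method names and the environment variable names are assumptions made for the illustration.

```csharp
using System;
using System.DirectoryServices.AccountManagement;

static class RemoteAdCheck
{
    // Negotiate with signing and sealing protects the bind on the wire;
    // ContextOptions.SimpleBind on port 389 would send the password unprotected.
    const ContextOptions Secure =
        ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing;

    // Returns the user's distinguished name, or null when the credentials are rejected.
    public static string ValidateAndFind(string server, string container,
        string serviceUser, string servicePassword, string userUpn, string userPassword)
    {
        try
        {
            // Binding the context with an account is what makes FindByIdentity possible.
            using (var pc = new PrincipalContext(ContextType.Domain, server, container,
                                                 Secure, serviceUser, servicePassword))
            {
                if (!pc.ValidateCredentials(userUpn, userPassword, Secure))
                    return null;

                using (var up = UserPrincipal.FindByIdentity(
                           pc, IdentityType.UserPrincipalName, userUpn))
                {
                    return up?.DistinguishedName;
                }
            }
        }
        catch (PrincipalServerDownException ex)
        {
            // Server could not be contacted: keep this distinct from "bad password".
            throw new InvalidOperationException("Cannot reach domain controller " + server, ex);
        }
    }

    static void Main()
    {
        // IP, container and UPN are the values from the question; the environment
        // variable names are assumed, so no secret sits in the source as a literal.
        string dn = ValidateAndFind("192.168.0.150", "DC=mycompnay,DC=com,DC=pk",
            Environment.GetEnvironmentVariable("AD_BIND_USER"),
            Environment.GetEnvironmentVariable("AD_BIND_PASSWORD"),
            "dotnettest@domain.com.pk",
            Environment.GetEnvironmentVariable("AD_TEST_PASSWORD"));
        Console.WriteLine(dn ?? "credentials rejected");
    }
}
```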