0

I am trying to authenticate user against LDAP using below code.

using (PrincipalContext context = new PrincipalContext(ContextType.Domain, ldap, "username", "password"))
{
    bool success = context.ValidateCredentials(useralias, password);
}

When I use ldap as "LDAP://z.y.org:389/ I receive as error saying "Unable to contact server" at the PrincipalContext initialization.

If I use ldap as "z.y.org:389/" it succeeds that steps and success is "true" if I use right credentials, but I can see two exceptions in "IntelliTrace" saying "The LDAP server is unavailable" when ValidateCredentails is executed. If I supply wrong credentials to this method if get false but still get same exceptions recorded in "IntelliTrace".

Any pointers to resolve the issue or debug on what is going on are highly appreciated.

user3731783
  • 718
  • 1
  • 7
  • 31
  • May be help http://stackoverflow.com/questions/11561689/using-c-sharp-to-authenticate-user-against-ldap – Nalaka Aug 11 '15 at 05:56
  • Is your code running on the same server? If not you're doing authentication over unsecured port. If you don't have `SSL` installed do so, otherwise if you do, then you need to switch port to `636`. – smr5 Aug 11 '15 at 22:59
  • I am curious if you ever found the cause of this error. I am currently experiencing the same issue, where `ValidateCredentials` will 'work' (return true or false properly) but I do get that LDAP server is unavailable exception that is caught and thrown away inside the call. – Justin Loveless Jul 06 '17 at 15:04

1 Answers1

0

If you want to authenticate, you can use following steps using PrincipalContext:

using(var context = new PrincipalContext(ContextType.Domain, "mydomain", "mydomain\serviceAcct", "serviceAcctPass")) 
{
     //Username and password for authentication.
     return context.ValidateCredentials(username, password);      
}

"serviceAcct" = an account within domain users that has permission for directory lookup. "serviceAcctPass" = password for that service account. As I said, for testing you can try with your own user/pass context.

Also, make sure supplied username has either "domain\username" or "username@domain" formatting.

Nalaka
  • 1,165
  • 7
  • 12
  • Thank you. Account that i am using has permission for directory lookup. Result is same if I user domain\account or just account. ValidateCredentails return correct value based on credentials supplied but it throws errors that are only captured in IntelliTrace. If I run with out debugging there are no errors. – user3731783 Aug 11 '15 at 06:50