
To preface, I've got a client and a server program, and the client connects to the server over SSL.

I'm looking for a way to verify, with Active Directory, a PrincipalContext or UserPrincipal that is passed to a server over the SSL tunnel. This is to verify the identity of the client. Does anyone know how I would go about doing this?

Or, does anyone know of a different/simpler way of doing this?

J. Doe

1 Answer

NOTE: If you want to authenticate a user using LDAP, that has already been answered here: "Validate a username and password against Active Directory?".

From what I can understand from your question, you simply want to search if the user exists in AD.

On the basis of my assumption, I've given a similar answer here on "C# PrincipalContext only changes password for some users, not all", but that is a step ahead of what you require. A subset of that answer addresses your question.

Sample code:

    // requires: using System.DirectoryServices.AccountManagement;
    // assuming _userID is the user-id to be checked in AD (preferably the SamAccountName).
    string message = null;
    try
    {
        // SimpleBind sends the bind password in clear text unless combined with
        // ContextOptions.SecureSocketLayer (LDAPS); ContextOptions.Negotiate avoids that.
        using (PrincipalContext oPrincipalContext = new PrincipalContext(ContextType.Domain, "domain.name", "DC=domain,DC=name", ContextOptions.SimpleBind, "bindUserID", "bindPassword"))
        using (UserPrincipal oUserPrincipal = UserPrincipal.FindByIdentity(oPrincipalContext, _userID))
        {
            if (null != oUserPrincipal)
            {
                // user-id found and valid, continue further.
                // If you want to authenticate the user, go as per the NOTE section in my answer instead.
            }
            else
            {
                // return the message that the user-id could not be found.
                // preferably the user-id should be the SamAccountName.
            }
        }
    }
    catch (Exception e)
    {
        message = e.ToString();
    }

EDIT (Based on your comment):

J. Doe -> Despite the flack this might get me...It's going to be a broker between a DMZ and clients on an internal network.

It seems you're looking for something like ADFS. Read more about ADFS from MSDN.

Am_I_Helpful
  • I know that I can use that to check an identity, but I'm wanting to have the client pass me a `PrincipalContext` or `UserPrincipal` over the SSL connection, and then I verify with AD that they are who they say they are. – J. Doe Feb 28 '18 at 19:48
  • This looks like an AD authentication request from client to server problem! What sort of application are you developing? @J.Doe – Am_I_Helpful Mar 02 '18 at 13:02
  • Despite the flack this might get me...It's going to be a broker between a DMZ and clients on an internal network. – J. Doe Mar 02 '18 at 14:04
  • @J.Doe - It seems to me you're looking for something like ADFS. Read more about ADFS from here - https://msdn.microsoft.com/en-us/library/bb897402.aspx – Am_I_Helpful Mar 02 '18 at 14:06
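Pulling the two steps in the answer apart, as an added example that is not the answer's own code: the existence lookup by SamAccountName, then the authentication step the NOTE refers to, done with PrincipalContext.ValidateCredentials so the server checks the client's credentials against AD itself instead of trusting a PrincipalContext or UserPrincipal object the client sends over the SSL connection. "domain.name" and "DC=domain,DC=name" are the answer's placeholders; the user name and password are constructed.

```csharp
using System;
using System.DirectoryServices.AccountManagement;

// Added example (not from the original answer). "domain.name" / "DC=domain,DC=name"
// are the answer's placeholders; the user name and password below are constructed.
static class AdIdentityCheck
{
    // Step 1 (what the answer's snippet does): does a user with this SamAccountName
    // exist, and is the account enabled? Disabled accounts should not pass the broker.
    public static bool UserExistsAndEnabled(PrincipalContext ctx, string samAccountName)
    {
        using (UserPrincipal user = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, samAccountName))
        {
            return user != null && user.Enabled == true;
        }
    }

    // Step 2 (the NOTE's case): let AD verify the password. Negotiate uses Kerberos/NTLM,
    // so the password is not sent to the domain controller in clear text.
    public static bool Authenticate(PrincipalContext ctx, string samAccountName, string password)
    {
        return ctx.ValidateCredentials(samAccountName, password, ContextOptions.Negotiate);
    }

    static void Main()
    {
        // Credentials the server received from the client over its SSL connection (constructed).
        string clientUser = "jdoe";
        string clientPassword = "constructed-password";

        try
        {
            using (var ctx = new PrincipalContext(ContextType.Domain, "domain.name", "DC=domain,DC=name"))
            {
                if (!UserExistsAndEnabled(ctx, clientUser))
                {
                    Console.WriteLine("Unknown or disabled account: " + clientUser);
                    return;
                }
                bool ok = Authenticate(ctx, clientUser, clientPassword);
                Console.WriteLine(ok ? "Client identity verified by AD." : "Authentication failed.");
            }
        }
        catch (PrincipalServerDownException e)
        {
            // Domain controller unreachable: fail closed rather than letting the client through.
            Console.WriteLine("Cannot reach AD: " + e.Message);
        }
    }
}
```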