We used to authenticate users on AD using the following DirectoryEntry constructor:

new DirectoryEntry(path, domainName + "\\" + UserName, Password);

It used to work fine until the Domain Controller was changed.

Now to make it work we have to use:

new DirectoryEntry(path,  UserName, Password);

Can anyone please explain the difference, and why the second method is working now and the first is not?

Note: I am not sure, but I think the domain functional level was raised to Server 2008 from Server 2003. Does it make a difference?

+1  A: 

I don't know exactly why this ever worked :-) and therefore I cannot really explain why the other option works now....

If you work on .NET 3.5, you can use the System.DirectoryServices.AccountManagement namespace and easily verify your credentials:

// create a "principal context" - e.g. your domain (could be machine, too)
using(PrincipalContext pc = new PrincipalContext(ContextType.Domain, "YOURDOMAIN"))
{
    // validate the credentials
    bool isValid = pc.ValidateCredentials("myuser", "mypassword");
}

It's simple, it's reliable, it's 100% C# managed code on your end - what more can you ask for? :-)

Cheers, Marc

marc_s
Thanks for the reply. The reason I am asking for help is that the code is in a production environment and there are different ADs on different deployments. We need to understand when we require the domain name with the user and when we don't need it.
Buzz
@buzz: typically, I would assume no domain - since the domain is really already part of the LDAP path. Also: typically I would use some LDAP name, e.g. the distinguished name `CN=Buzz Aldrin,CN=Users,DC=YourDomain,DC=com` rather than just a Windows user name...
marc_s
Thanks, it was useful. If anyone has an explanation for the existing scenario it will be helpful, because at this moment it is not easy to update the code base; we are trying to identify what changes on AD could lead to this result.
Buzz
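
A small diagnostic for the question asked in this thread, added here as an example (it is not code from the question or the answer): it tries one set of credentials in the two login-name forms from the question plus the UPN form against a single LDAP path, and reports which binds the domain controller accepts. The class name `BindProbe`, the argument order, and the assumption that the UPN suffix equals the DNS domain name are illustrative.

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;

static class BindProbe // hypothetical helper, not part of the thread's code
{
    // Attempts one LDAP bind; returns null on success, otherwise the error text.
    static string TryBind(string path, string user, string password)
    {
        try
        {
            // Secure asks for a negotiated (Kerberos/NTLM) bind, stated explicitly.
            using (var entry = new DirectoryEntry(path, user, password, AuthenticationTypes.Secure))
            {
                object native = entry.NativeObject; // forces the bind to happen now
                return null;
            }
        }
        catch (COMException ex) // DirectoryServicesCOMException derives from this
        {
            return $"0x{ex.ErrorCode:X8} {ex.Message.Trim()}";
        }
    }

    static int Main(string[] args)
    {
        if (args.Length != 4)
        {
            Console.Error.WriteLine("usage: BindProbe <ldapPath> <netbiosDomain> <dnsDomain> <samAccountName>");
            return 2;
        }
        string path = args[0], netbios = args[1], dns = args[2], sam = args[3];

        Console.Write("Password (echoed): ");
        string password = Console.ReadLine() ?? "";

        // The two forms from the question, plus UPN (assumes suffix == DNS domain).
        string[] forms = { netbios + "\\" + sam, sam, sam + "@" + dns };
        int accepted = 0;
        foreach (string user in forms)
        {
            string error = TryBind(path, user, password);
            if (error == null) accepted++;
            Console.WriteLine("{0,-40} {1}", user, error ?? "bind OK");
        }
        return accepted > 0 ? 0 : 1;
    }
}
```

Run it with a dedicated test account against each deployment's directory: a rejected form is a failed logon attempt, which may count toward the account's lockout threshold.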