AD w/ LDAP


Chandy

Hi,

I have found some sample code for accessing active directory using the
LDAP provider to check a user's credentials. The sample looks good
but I do not understand the point of two lines.

    public bool AuthenticateUser(string domain, string username, string password)
    {
        string domainAndUsername = domain + @"\" + username;
        DirectoryEntry entry = new DirectoryEntry(LDAPPATH, domainAndUsername, password);
        try
        {
            Object obj = entry.NativeObject;
            DirectorySearcher search = new DirectorySearcher(entry);
            search.Filter = "(SAMAccountName=" + username + ")";
            search.PropertiesToLoad.Add("cn");
            SearchResult result = search.FindOne();
            if (null == result)
            {
                return false;
            }
            LDAPPATH = result.Path;
        }
        catch (Exception ex)
        {
            throw new Exception("Error authenticating user." + ex.Message);
        }
        return true;
    }

Can someone tell me what the lines

    Object obj = entry.NativeObject;

and

    LDAPPATH = result.Path;

are for?

Thanks,

Chandy
 

Nicholas Paldino [.NET/C# MVP]

Chandy,

It doesn't look like obj is used for anything. However, the LDAPPATH
looks like it might be a class-level variable which is being set when the
search is successful. You can probably omit the obj variable, but without
seeing the rest of the class definition, I can't say you should take out
LDAPPATH.

Hope this helps.
 

Marc Scheuner [MVP ADSI]

    public bool AuthenticateUser(string domain, string username, string password)
    {
        string domainAndUsername = domain + @"\" + username;
        DirectoryEntry entry = new DirectoryEntry(LDAPPATH, domainAndUsername, password);
        try
        {
            Object obj = entry.NativeObject;

This gets the "native", ADSI COM object "behind" your .NET
DirectoryEntry. This is of type IADs or any inherited type (e.g.
IADsUser for a user object). You probably don't really need this,
there are a few more advanced functions that can only be used with a
legacy-style ADSI COM object (rather than the .NET DirectoryEntry
object).

            DirectorySearcher search = new DirectorySearcher(entry);
            search.Filter = "(SAMAccountName=" + username + ")";
            search.PropertiesToLoad.Add("cn");
            SearchResult result = search.FindOne();
            LDAPPATH = result.Path;

You are searching your directory for a particular user, given the
NetBIOS domain name, and your "pre-Win2000" user name (also known as
SAMAccountName), something like "SAMPLE\JohnDoe".

What you get back from LDAP / AD when you do a search, by looking at
the .Path of the search result, is the LDAP-style distinguished name
of the user object, e.g. something like:

cn=John Doe,ou=Research,ou=HQ,dc=sample,dc=com

Marc

================================================================
Marc Scheuner May The Source Be With You!
Bern, Switzerland m.scheuner(at)inova.ch
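
Added example, not part of the thread or of the sample Chandy found: a hardened variant of the method discussed above. A DirectoryEntry binds lazily, so reading NativeObject is what sends the supplied credentials to the directory, and the user name is escaped per RFC 4515 before it goes into the search filter. The class name, the EscapeFilterValue helper, and the ldapPath and userPath parameters are assumptions of this example.

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;
using System.Text;
public static class LdapAuthExample   // hypothetical class name
{
    // RFC 4515: escape characters that have meaning inside a search filter.
    public static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }
    // ldapPath is an assumed parameter, e.g. "LDAP://dc=sample,dc=com".
    public static bool AuthenticateUser(string ldapPath, string domain,
        string username, string password, out string userPath)
    {
        userPath = null;
        // An empty password can be accepted as an unauthenticated bind; reject it here.
        if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password)) return false;
        try
        {
            using (var entry = new DirectoryEntry(ldapPath, domain + @"\" + username, password))
            using (var search = new DirectorySearcher(entry))
            {
                object native = entry.NativeObject; // forces the bind with these credentials
                search.Filter = "(sAMAccountName=" + EscapeFilterValue(username) + ")";
                search.PropertiesToLoad.Add("cn");
                SearchResult result = search.FindOne();
                if (result == null) return false;
                userPath = result.Path;             // ADsPath of the matching user object
                return true;
            }
        }
        // 0x8007052E is ERROR_LOGON_FAILURE: the directory rejected the credentials.
        catch (COMException ex) when (ex.ErrorCode == unchecked((int)0x8007052E))
        { return false; }
    }
}
```

Other COM errors (server unreachable, bad path) still propagate, so an outage is not reported as a failed login.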
 
