We have a product that uses Active Directory to authenticate users and provide user and admin groups on client systems.
We recently picked up a new client who uses Novell for authentication.
What I have tried:
I have found a way to ensure that the user is a member of the users or admin groups, but I cannot seem to figure out how to modify the SearchRequest field to validate that a username and password combination are valid.
Here is how I request user information to verify they are in a given group:
private static String _certificatePath;
private static String _server;
private static SearchResponse Query(String user, String pwd, out String error)
{
SearchResponse result = null;
error = String.Empty;
if (File.Exists(_certificatePath))
{
var identifier = new LdapDirectoryIdentifier(_server, false, false);
try
{
using (var connection = new LdapConnection(identifier))
{
connection.SessionOptions.ProtocolVersion = 3;
var cert = new X509Certificate();
cert.Import(_certificatePath, null, X509KeyStorageFlags.DefaultKeySet);
connection.ClientCertificates.Add(cert);
connection.AuthType = AuthType.External;
connection.AutoBind = false;
var request = new SearchRequest()
{
DistinguishedName = user,
Filter = "(objectClass=*)",
Scope = System.DirectoryServices.Protocols.SearchScope.Subtree,
};
result = (SearchResponse)connection.SendRequest(request);
}
} catch (Exception err)
{
error = String.Format("SDSP::Query {0}: {1}", err.GetType(), err.Message);
}
}
else
{
error = "The system cannot find the Cryptography Certificate at the path specified in the Application Configuration file.";
}
return result;
}
How would I create a SearchRequest to validate a user / pwd combination?