PrincipalContext::ValidateCredentials 抛出密码无效的 LdapException
PrincipalContext::ValidateCredentials throws LdapException with invalid password
我有一个 windows 应用程序,它正在尝试使用以下代码验证 Active Directory 上的用户/密码。
PrincipalContext^ pc = gcnew PrincipalContext(ContextType::Domain);
// validate the credentials
bool isValid = pc->ValidateCredentials(userName, password);
if(!isValid)
{
throw gcnew SecurityTokenValidationException("Invalid user ID / password");
}
UserPrincipal^ upUser = UserPrincipal::FindByIdentity(pc, userName);
if(upUser && !upUser->IsMemberOf(pc, IdentityType::SamAccountName, ADGroup))
{
String^ msg = "User " + userName + " is not a member of the " + ADGroup + " group.";
throw gcnew SecurityTokenValidationException(msg);
}
当 运行 此代码在 Visual Studio 2008 / .NET 3.5 / 32 位构建下时,如果我提供有效用户但密码无效,则 ValidateCredentials() returns 为假。
使用 Visual Studio 2013 / .NET 4.0 / 64 位构建,完全相同的代码抛出 LdapException:
System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable.
at System.DirectoryServices.Protocols.LdapConnection.Connect()
at System.DirectoryServices.Protocols.LdapConnection.BindHelper(NetworkCredential newCredential, Boolean needSetCredential)
at System.DirectoryServices.AccountManagement.CredentialValidator.lockedLdapBind(LdapConnection current, NetworkCredential creds, ContextOptions contextOptions)
at System.DirectoryServices.AccountManagement.CredentialValidator.BindLdap(NetworkCredential creds, ContextOptions contextOptions)
at System.DirectoryServices.AccountManagement.CredentialValidator.Validate(String userName, String password)
at System.DirectoryServices.AccountManagement.PrincipalContext.ValidateCredentials(String userName, String password)
at soapcon.ADUserNameValidator.Validate(String userName, String password)
如果我断开我的 PC 与网络的连接,我会得到一个 PrincipalServerDownException 异常,所以我很确定我实际上是在与我们的 AD 服务器通信。
这是我的代码问题、.NET 问题还是可能是由于我们的 Active Directory 服务设置太旧 (Windows 2000)?
我想知道不同的框架是否会使用不同的默认身份验证选项,您可以在这两种情况下尝试 .ValidateCredentials (String, String, ContextOptions) 重载吗?
根据评论,在重载中尝试这个 ContextOptions 标志:
ContextOptions::Negotiate | ContextOptions::Signing | ContextOptions::Sealing
我有一个 windows 应用程序,它正在尝试使用以下代码验证 Active Directory 上的用户/密码。
PrincipalContext^ pc = gcnew PrincipalContext(ContextType::Domain);
// validate the credentials
bool isValid = pc->ValidateCredentials(userName, password);
if(!isValid)
{
throw gcnew SecurityTokenValidationException("Invalid user ID / password");
}
UserPrincipal^ upUser = UserPrincipal::FindByIdentity(pc, userName);
if(upUser && !upUser->IsMemberOf(pc, IdentityType::SamAccountName, ADGroup))
{
String^ msg = "User " + userName + " is not a member of the " + ADGroup + " group.";
throw gcnew SecurityTokenValidationException(msg);
}
当 运行 此代码在 Visual Studio 2008 / .NET 3.5 / 32 位构建下时,如果我提供有效用户但密码无效,则 ValidateCredentials() returns 为假。
使用 Visual Studio 2013 / .NET 4.0 / 64 位构建,完全相同的代码抛出 LdapException:
System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable.
at System.DirectoryServices.Protocols.LdapConnection.Connect()
at System.DirectoryServices.Protocols.LdapConnection.BindHelper(NetworkCredential newCredential, Boolean needSetCredential)
at System.DirectoryServices.AccountManagement.CredentialValidator.lockedLdapBind(LdapConnection current, NetworkCredential creds, ContextOptions contextOptions)
at System.DirectoryServices.AccountManagement.CredentialValidator.BindLdap(NetworkCredential creds, ContextOptions contextOptions)
at System.DirectoryServices.AccountManagement.CredentialValidator.Validate(String userName, String password)
at System.DirectoryServices.AccountManagement.PrincipalContext.ValidateCredentials(String userName, String password)
at soapcon.ADUserNameValidator.Validate(String userName, String password)
如果我断开我的 PC 与网络的连接,我会得到一个 PrincipalServerDownException 异常,所以我很确定我实际上是在与我们的 AD 服务器通信。
这是我的代码问题、.NET 问题还是可能是由于我们的 Active Directory 服务设置太旧 (Windows 2000)?
我想知道不同的框架是否会使用不同的默认身份验证选项,您可以在这两种情况下尝试 .ValidateCredentials (String, String, ContextOptions) 重载吗?
根据评论,在重载中尝试这个 ContextOptions 标志:
ContextOptions::Negotiate | ContextOptions::Signing | ContextOptions::Sealing