PrincipalContext.ValidateCredentials 失败 "The server cannot handle directory requests."
PrincipalContext.ValidateCredentials fails with "The server cannot handle directory requests."
我有一个应用程序,其中用户根据我们的 Active Directory 进行身份验证:
private bool Authenticate()
{
using (var context = new PrincipalContext(ContextType.Domain, Environment.UserDomainName))
{
return context.ValidateCredentials(this.Username.Text.Trim(), this.Password.Text.Trim());
}
}
它工作了好几年。现在,我们的 Windows 7 台机器被 Windows 10 台机器取代,一些用户收到此错误:
The server cannot handle directory requests.
at System.DirectoryServices.Protocols.ErrorChecking.CheckAndSetLdapError(Int32 error)
at System.DirectoryServices.Protocols.LdapSessionOptions.FastConcurrentBind()
at System.DirectoryServices.AccountManagement.CredentialValidator.BindLdap(NetworkCredential creds, ContextOptions contextOptions)
at System.DirectoryServices.AccountManagement.CredentialValidator.Validate(String userName, String password)
at System.DirectoryServices.AccountManagement.PrincipalContext.ValidateCredentials(String userName, String password)
at DPI.FormLogin.Authenticate() in c:\Developing\Source\DPI\Client\DPI\FormLogin.cs:line 280
该错误仅对某些用户出现,并非始终如此。可能是跟win 10的安全设置比之前的win 7严格多了有关。
知道如何解决吗?如何查询当前连接的 LDAP 服务器?也许我们的服务器配置略有不同,问题仅限于可能配置错误的单个服务器。
是的,添加ContextOptions.Negotiate
解决了问题:
private bool Authenticate()
{
using (var context = new PrincipalContext(ContextType.Domain, Environment.UserDomainName))
{
return context.ValidateCredentials(this.Username.Text, this.Password.Text, ContextOptions.Negotiate);
}
}
我有一个应用程序,其中用户根据我们的 Active Directory 进行身份验证:
private bool Authenticate()
{
using (var context = new PrincipalContext(ContextType.Domain, Environment.UserDomainName))
{
return context.ValidateCredentials(this.Username.Text.Trim(), this.Password.Text.Trim());
}
}
它工作了好几年。现在,我们的 Windows 7 台机器被 Windows 10 台机器取代,一些用户收到此错误:
The server cannot handle directory requests.
at System.DirectoryServices.Protocols.ErrorChecking.CheckAndSetLdapError(Int32 error)
at System.DirectoryServices.Protocols.LdapSessionOptions.FastConcurrentBind()
at System.DirectoryServices.AccountManagement.CredentialValidator.BindLdap(NetworkCredential creds, ContextOptions contextOptions)
at System.DirectoryServices.AccountManagement.CredentialValidator.Validate(String userName, String password)
at System.DirectoryServices.AccountManagement.PrincipalContext.ValidateCredentials(String userName, String password)
at DPI.FormLogin.Authenticate() in c:\Developing\Source\DPI\Client\DPI\FormLogin.cs:line 280
该错误仅对某些用户出现,并非始终如此。可能是跟win 10的安全设置比之前的win 7严格多了有关。
知道如何解决吗?如何查询当前连接的 LDAP 服务器?也许我们的服务器配置略有不同,问题仅限于可能配置错误的单个服务器。
是的,添加ContextOptions.Negotiate
解决了问题:
private bool Authenticate()
{
using (var context = new PrincipalContext(ContextType.Domain, Environment.UserDomainName))
{
return context.ValidateCredentials(this.Username.Text, this.Password.Text, ContextOptions.Negotiate);
}
}