Using LDAP Authenication

Jan 2, 2013 at 8:21 PM
Edited Jan 2, 2013 at 9:10 PM

My apologies for such a minor question, but I just found this library and I was wanting to use it to authenicate users for my website via LDAP.

I was trying figure out best way to do this.

Looks like I have to pass in query,username, password, ldap server  to make this work?

Not sure what I am supposed to put for query.  Also is there anything I should change like connection strings in my web config?

Which class would be best to see if this member if part of a certain group?

THanks

Directory mydir = new Directory(query,username,password,path);
bool myboo =mydir.Authenticate();
Jan 2, 2013 at 9:30 PM

Also,,, what is the difference in the different versions I see there is a Craigs Utility Library, then Events Namespaces and IO Namespace

Jan 3, 2013 at 3:23 PM

Well, is there an issue with the built in windows authentication in ASP.Net (http://support.microsoft.com/kb/323176)? Or are you trying to do some sort of hybrid forms/windows approach? I had to do that in the past (not fun). Just curious as the built in authentication may be the easier approach. But if you're doing something where you need the functionality, basically you would just do the following:

 

using(Directory mydir=new Directory("",username,password,path))
{
    bool mybool=mydir.Authenticate();
}

 

Where username and password are the individual user's username and password. Path would point to whatever LDAP server you wanted to authenticate against. To check if the user is part of a specific group, you would do the following:

using (Directory Dir = new Directory("", UserName, Password, Path))
{
    Entry User = Dir.FindUserByUserName(UserName);
    foreach (string MemberOf in User.MemberOf)
    {
        ...
    }
}

The MemberOf list will contain the list of groups they're a member of. However this only does the ones they are directly members of. So you may want to go this approach:

using (Directory Dir = new Directory("", UserName, Password, Path))
{
    bool mybool = Dir.FindGroupMembers(groupname, true)
                     .FirstOrDefault(x => x.SamAccountName == UserName) != null;
}

Note that groupname is the group's CN field in this case. But this will find the group members recursively (in case there are sub groups, etc), then find out if anyone has the proper user name, and if they do mybool will be true, false otherwise.

As far as the different versions. Craig's Utility Library is everything. Every namespace, every class, everything. The Events Namespace, IO Namespace, DataTypes Namespace, etc. are the individual namespaces broken out so, if you want to, you can pick and choose the items that you need. For instance, you may not need or want the image manipulation, web helpers, ORM, etc. and just want the IO, DataTypes, and LDAP namespaces. Note that if you do this, I suggest using NuGet as some of the namespaces require each other (for instance, DataTypes is required by almost everything as it has a ton of extension methods and classes that I use regularly).