StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POAuthentication via LDAP
primarykey
Id
6131873
data
AcceptedAnswerId
6132217
AnswerCount
2
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2011-05-25T22:49:53.630
FavoriteCount
0
LastActivityDate
2011-06-26T14:25:22.340
LastEditDate
LastEditorUserId
0
OwnerUserId
639762
ParentId
0
PostTypeId
1
Score
0
ViewCount
483
LastEditorDisplayName
text
Body
I'm interested in how other people code this because I'm either not understanding it properly or I'm missing something or perhaps even I'm doing it right! First of all, this is NOT an Active Directory instance of LDAP its OpenDS which other than some syntactical differences shouldn't much matter. So assume I have my tree structure setup something like this: <pre><code>-dc=somedomain,dc=com -uid=rootuser -ou=Group1 -uid=username1 -uid=username2 -ou=Group2 -uid=username3 -uid=username4 </code></pre> In order to authenticate as the 'rootuser' I would need to pass the fully qualified Username when I create my System.DirectoryServices.DirectoryEntry object, in this case: uid=rootuser,dc=somedomain,dc=com but for any other user in the tree I have to know in advance what LDAP path to append to the username to have them authenticate thru. So for example this will fail: uid=username1,dc=somedomain,dc=com but this will work: uid=username1,dc=somedomain,dc=com,ou=Group1 So my question is how do you handle this when you don't know at login time what specific group a user belongs to to build that path? The only way I can figure to do it is to make the initial call as 'rootuser' so I have access to the entire tree then use System.DirectoryServices.DirectorySearcher to scan it for that particular user (i.e. username1) <pre><code>using (DirectorySearcher searcher = GetDirectorySearcher()) { searcher.Filter = "(&(objectClass=person)(uid=" + userName+ "))"; SearchResult result = searcher.FindOne(); return result.GetDirectoryEntry().Path; } </code></pre> at that point I have the path for the user I want to login and I can proceed with the actual auth. Am I way off base here or is this generally how it is done? thanks!
Tags
<authentication><ldap><opends>
Title
Authentication via LDAP
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USsnappymcsnap
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. This table or related slice is empty.
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.