SimpleBind Authentication against Active Directory

0

I'm trying to authenticate login credentials against Active Directory (AD DS) using the following code:

using (var context = new PrincipalContext(ContextType.Domain, ipAddress))
{
    Console.WriteLine("Connected to {0}:", context.ConnectedServer);
    context.ValidateCredentials(username, password);
}

Where ipAddress is the address of the primary domain controller. However this gives the following error when attempting to read context.ConnectedServer:

System.DirectoryServices.DirectoryServicesCOMException (0x8007052E): The username or password is incorrect.

In addition to this issue I have the following constraints:

  • The production environment may or may not be on the domain.

  • The clients do not want to enter any privileged credentials to query the directory.

Due to this second constraint I have tried to execute a SimpleBind, but without much luck:

using (var context = new PrincipalContext(ContextType.Domain, 
                                          ipAddress, 
                                          null, 
                                          ContextOptions.SimpleBind, 
                                          usernameToValidate, 
                                          password))

Based on these constraints, how can I authenticate against Active Directory?

c#
asp.net
authentication
active-directory
ldap
asked on Stack Overflow Mar 17, 2014 by Brett Postin

1 Answer

1

I was able to authenticate using the following code:

using (var context = new PrincipalContext(ContextType.Domain, ipAddress))
{
    // NOTE! Username must be of the format domain\username
    return context.ValidateCredentials("domain\someuser", password, ContextOptions.SimpleBind);
}

The key part was to prefix the username with the short domain name. Once I did that, and specified SimpleBind in the call to ValidateCredentials instead of in the context constructor, it worked fine.

answered on Stack Overflow Mar 17, 2014 by Brett Postin

User contributions licensed under CC BY-SA 3.0