Validate domain against LDAP?

Posted by lucian.jp on Stack Overflow See other posts from Stack Overflow or by lucian.jp
Published on 2010-05-25T14:49:10Z Indexed on 2010/05/25 14:51 UTC
Read the original article Hit count: 351

Filed under:
|
|

I have a procedure to get the name of the logged user show on the site. I get it this way :

var winIdentity = (WindowsIdentity) HttpContext.Current.User.Identity;

if (winIdentity != null)
{
    string domainUser = winIdentity.Name.Replace(@"\", "/");
    string domain = winIdentity.Name.Split('\\')[0];
    string user = winIdentity.Name.Split('\\')[1];
    var myDe = new DirectoryEntry(ConfigurationManager.ConnectionStrings["LDAP"].ConnectionString, ConfigurationManager.AppSettings["LDAPCredentials"].Split(';')[0],
                                      ConfigurationManager.AppSettings["LDAPCredentials"].Split(';')[1]);
    var deSearcher = new DirectorySearcher(myDe) {Filter = "(&(sAMAccountName=" + user + "))"};

    SearchResult result = deSearcher.FindOne();
    if (result != null)
    {
        DirectoryEntry userDe = result.GetDirectoryEntry();
        lblNameAD.Text = string.Format(lblNameAD.Text, userDe.Properties["givenName"].Value,
                                      userDe.Properties["sn"].Value);
    }
    else
    {
        var adEntry = new DirectoryEntry("WinNT://" + domainUser);
        string fullname = adEntry.Properties["FullName"].Value.ToString();
        lblNameAD.Text = string.Format(lblNameAD.Text, !string.IsNullOrEmpty(fullname) ? fullname : user, null);
    }
}

Probleme id that if I have a local useraccount with the same username that one from LDAP, it passes the check and return the name.

EX: local\MyUser domain\MyUser

Both return the name from AD even if the one from local isn't a domain account. It would be perfect if I could search in LDAP for domainuser, but it seems I can't.

I also tried to restrict the DC with the DirectorySearcher but the domain name is "domain", but I only have "dc=dom" and "dc=com" and no DC for full domain name.

© Stack Overflow or respective owner

Related posts about c#

Related posts about ASP.NET