1
Vote

Check username and passoword in AD

description

Is it possible to check if the given credentials are correct for user? Provided I have AD username and password, how can I check if those provided are correct using LinqToLdap? Or is such check out of scope of LinqToLdap? Thank you.

comments

MadHatter22 wrote Aug 21, 2016 at 12:08 AM

The best way is to try to bind to the directory and check the exception returned. This doesn't really need Linq to LDAP and can be done with raw S.DS.P. I can add an extension method to simplify this but each directory implementation will return a different Exception message. Here's code that works with Active Directory.

LdapConnection connection = null;
try
{
connection = new LdapConnection(_ldapServer);
connection.SessionOptions.ProtocolVersion = 3;
connection.Bind(new NetworkCredential(username, password, _domain));
}
catch (Exception ex)
{
connection?.Dispose();

if (ex.Message == "The supplied credential is invalid.") {
    //the user is not authenticated
}
else 
{
    throw;
}
}