I have code (VB.NET, .NET 2.0) that authenticates to Novell eDirectory
over LDAP (below). I need to change it to work over SSL, but I can't
get it to work.

    Dim dn As String = "cn=" & username & ",ou=users,o=org"
    Dim path As String = "LDAP://sub.domain.com"
    Dim entry As DirectoryEntry = New DirectoryEntry(path, dn, _
        pwd, AuthenticationTypes.FastBind)

I have tried changing the AuthenticationType to SecureSocketsLayer
(which is suggested in this article
http://www.codeproject.com/KB/system/arbauthentication.aspx),
but that gives the error: "The server is not operational". I can see
from the netstat that it is using ldaps....
TCP r2d2:1295 sub.domain.com:ldaps TIME_WAIT
TCP r2d2:1297 sub.domain.com:ldaps TIME_WAIT
Another potential issue is that it is a self-signed certificate, not
one from a trusted CA. From this thread I suspect that may be the
issue.
http://groups.google.com/group/microsoft.public.adsi.general/browse_thread/thread/a120749f1c1522b4/ec3a9651db205107?hl=en&lnk=st&q=edirectory+directoryentry+error+bind#ec3a9651db205107
This article suggests adding the cert to the "Windows certificate
store". Unfortunately, I don't know what that means. I have googled for
it, but it's a vague term.
http://forge.novell.com/pipermail/activex_ldap-dev/2004-December/000857.html
Does anyone have a suggestion?
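
An added example, not part of the original post: one way to act on the "Windows certificate store" suggestion, importing the directory's CA certificate into the Local Machine Trusted Root store only after its thumbprint has been checked, then binding over LDAPS on port 636. The certificate file path, the thumbprint placeholder, the sample credentials, and the names TrustDirectoryCa and Authenticate are assumptions for illustration.

```vbnet
Imports System
Imports System.DirectoryServices
Imports System.Runtime.InteropServices
Imports System.Security.Cryptography.X509Certificates

Module LdapsBindExample
    ' Assumption: the eDirectory CA certificate was exported to this file.
    Private Const CaCertPath As String = "C:\certs\edir-rootcert.der"
    ' Placeholder: SHA-1 thumbprint obtained out of band from the directory admin.
    Private Const ExpectedThumbprint As String = "<THUMBPRINT-FROM-ADMIN>"

    ' Adds the CA certificate to the machine's Trusted Root store, but only
    ' when its thumbprint matches the value verified out of band.
    Sub TrustDirectoryCa()
        Dim cert As New X509Certificate2(CaCertPath)
        If Not String.Equals(cert.Thumbprint, ExpectedThumbprint, StringComparison.OrdinalIgnoreCase) Then
            Throw New InvalidOperationException("CA thumbprint mismatch: " & cert.Thumbprint)
        End If
        Dim store As New X509Store(StoreName.Root, StoreLocation.LocalMachine)
        store.Open(OpenFlags.ReadWrite) ' needs administrator rights
        Try
            store.Add(cert)
        Finally
            store.Close()
        End Try
    End Sub

    ' Simple bind over LDAPS. The host name in the path must match the name
    ' in the server certificate, otherwise the TLS handshake is rejected.
    Function Authenticate(ByVal username As String, ByVal pwd As String) As Boolean
        ' An empty password can turn a simple bind into an anonymous bind.
        If String.IsNullOrEmpty(pwd) Then Return False
        Dim dn As String = "cn=" & username & ",ou=users,o=org"
        Dim path As String = "LDAP://sub.domain.com:636"
        Dim auth As AuthenticationTypes = AuthenticationTypes.SecureSocketsLayer Or AuthenticationTypes.FastBind
        Try
            Using entry As New DirectoryEntry(path, dn, pwd, auth)
                Dim native As Object = entry.NativeObject ' forces the bind
                Return True
            End Using
        Catch ex As COMException
            ' 0x8007203A = "The server is not operational": connection or TLS trust problem.
            If ex.ErrorCode = &H8007203A Then Throw
            Return False ' server reached, bind rejected
        End Try
    End Function

    Sub Main()
        TrustDirectoryCa()
        Console.WriteLine(Authenticate("jdoe", "constructed-password"))
    End Sub
End Module
```

Rethrowing on 0x8007203A keeps a certificate or connectivity failure from being reported to the user as a wrong password.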