In case anyone is interested. I coded up the following (ripped out from some other stuff, but it should get the point across):
....
using System.DirectoryServices.Protocols;
using System.Net;
using System.Security.Cryptography.X509Certificates;
....
LdapConnection ldapConnection = new LdapConnection(conn);
ldapConnection.SessionOptions.SecureSocketLayer = true;
// this is for an internal server. I don't care who signed what, or what the name is
ldapConnection.SessionOptions.VerifyServerCertificate = MyVerifyServerCertificateCallback;
....
// Anonymous
ldapConnection.AuthType = AuthType.Anonymous;
ldapConnection.Credential = null;
ldapConnection.Bind();
....
// Credentials
NetworkCredential creds = new NetworkCredential(dn, password);
ldapConnection.AuthType = AuthType.Basic;
ldapConnection.Bind(creds);
....
private bool MyVerifyServerCertificateCallback(LdapConnection ldap, X509Certificate cert) {
    return true; // We don't care!
}
Thanks again for the pointer Joe.
Michel
"Joe Kaplan" wrote:
> We don't really have many SDS.P samples in the book. We mostly focused on
> SDS with SDS.P being more of an afterthought.
>
> The basic idea is to simply create an LdapConnection object, bind with
> Anonymous, execute your query, then bind again with creds and execute your
> next query. Hopefully you'll be able to piece it together. If you get
> stuck, post your code and I'll see if I can provide a pointer.
>
> Joe K.
> --
> Joe Kaplan-MS MVP Directory Services Programming
> Co-author of "The .NET Developer's Guide to Directory Services Programming"
> http://www.directoryprogramming.net
> --
> "Michel" <Michel@[EMAIL PROTECTED]
> wrote in message
> news:5AB9E758-9821-45F3-944E-182D5201FA6D@[EMAIL PROTECTED]
> >I think your section in chapter 2 answers my question. Let me try modifying
> > the asynchronous example in chapter 5.
> >
> > "Michel" wrote:
> >
> >> I was looking through your book. Is this covered in that book somewhere?
> >>
> >> I am a bit worried this will turn into a bit of a quagmire. Any place where
> >> I could find some example code on how to approach this?
> >>
> >> "Joe Kaplan" wrote:
> >>
> >> > You should use S.DS.Protocols for this if you want this level of control
> >> > over the LDAP connection state.
> >> >
> >> > Joe K.
> >> > --
> >> > Joe Kaplan-MS MVP Directory Services Programming
> >> > Co-author of "The .NET Developer's Guide to Directory Services
> >> > Programming"
> >> > http://www.directoryprogramming.net
> >> > --
> >> > "Michel" <Michel@[EMAIL PROTECTED]
> >> > wrote in message
> >> > news:22C8F114-6A6B-4400-9EC3-4C9F56D11FEC@[EMAIL PROTECTED]
> >> > > Here is my scenario. I am using .Net with C# (Visual Studio 2005, .net 2) to
> >> > > access a Sun LDAP server using SSL. This all works fine. However, one thing
> >> > > I'd like to do is:
> >> > > - connect to LDAP server over SSL
> >> > > - bind anonymously
> >> > > - run a query
> >> > > - unbind
> >> > > - rebind with a specified username/password
> >> > > - run a query
> >> > > - close the SSL connection down
> >> > > The key being that I only want to do the SSL key exchange once. I know this
> >> > > is possible, since I've done it using alternate technologies.
> >> > >
> >> > > So I coded it up as follows:
> >> > >
> >> > > entry = new DirectoryEntry(path, null, null,
> >> > > AuthenticationTypes.SecureSocketsLayer);
> >> > > searchOne(entry...); // The DirectorySearcher gets created here, etc.
> >> > > // Reset user/password info
> >> > > entry.Username = dn;
> >> > > entry.Password = password;
> >> > > searchOne(entry...);
> >> > >
> >> > > Even though this works, underneath the hood, I get 2 ssl connections. Is
> >> > > there any way to make this work?
> >> > >
> >> > > Hope this is clear. Thanks.
> >> >
> >> >
> >> >
>
>
>
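
As an added example that is not part of the original thread and not code from either poster: the same anonymous-then-authenticated rebind on one LdapConnection, with the certificate callback pinning the internal server's certificate by SHA-256 digest instead of returning true for every certificate. The class name, the `PinnedSha256` placeholder, the command-line arguments and the `(objectClass=*)` base search are assumptions made for illustration.

```csharp
// Added example (not from the thread): one TLS session, two binds, pinned server certificate.
using System;
using System.DirectoryServices.Protocols;
using System.Net;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class PinnedLdapRebind
{
    // Placeholder: SHA-256 (hex) of the internal server's DER certificate, obtained out of band.
    const string PinnedSha256 = "<SHA256-HEX-OF-SERVER-CERT>";
    // Accept the certificate only if its SHA-256 digest equals the pinned value.
    public static bool CertMatchesPin(byte[] rawCert, string pinnedHex)
    {
        if (rawCert == null || string.IsNullOrEmpty(pinnedHex)) return false;
        using (SHA256 sha = SHA256.Create())
        {
            string actual = BitConverter.ToString(sha.ComputeHash(rawCert)).Replace("-", "");
            return string.Equals(actual, pinnedHex, StringComparison.OrdinalIgnoreCase);
        }
    }
    static void Main(string[] args)
    {
        // Assumed arguments: host, base DN, bind DN, password.
        string host = args[0], baseDn = args[1], dn = args[2], password = args[3];
        using (LdapConnection ldap = new LdapConnection(new LdapDirectoryIdentifier(host, 636)))
        {
            ldap.SessionOptions.ProtocolVersion = 3;
            ldap.SessionOptions.SecureSocketLayer = true;
            ldap.SessionOptions.VerifyServerCertificate =
                (c, cert) => CertMatchesPin(cert.GetRawCertData(), PinnedSha256);

            ldap.AuthType = AuthType.Anonymous;   // first bind: anonymous
            ldap.Bind();
            Search(ldap, baseDn);

            ldap.AuthType = AuthType.Basic;       // rebind on the same connection
            ldap.Bind(new NetworkCredential(dn, password));
            Search(ldap, baseDn);
        }   // Dispose closes the single connection
    }

    static void Search(LdapConnection ldap, string baseDn)
    {
        SearchRequest req = new SearchRequest(baseDn, "(objectClass=*)", SearchScope.Base, "objectClass");
        SearchResponse resp = (SearchResponse)ldap.SendRequest(req);
        Console.WriteLine("{0} bind returned {1} entries", ldap.AuthType, resp.Entries.Count);
    }
}
```

With the placeholder left in place the callback rejects every certificate, so the first Bind() fails until the real digest is supplied.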

