开发者

AD authentication using Unicode

开发者 https://www.devze.com 2023-04-12 08:28 出处:网络
Just implemented AD Authentication in C# using: DirectoryEntry entry = new DirectoryEntry(_path, domainAndUsername, pwd, AuthenticationTypes.Secure);

Just implemented AD Authentication in C# using:

DirectoryEntry entry = 
  new DirectoryEntry(_path, domainAndUsername, pwd, AuthenticationTypes.Secure);

where _path is LDAP://+ full qualified domain name (eg. the ip of the domain controler).

Now I have to do the same using Delphi. So I found Solomon's excelent Delphi 2007 LDAP implementation at http://www.freemeg.com/index.php/projects/projects-2/15-delphi-ldap-authentication-component

  1. Have anyone a working version for Delphi 2009+ (unicode)?
  2. Have anyone a working sample with simple AD Authentication processing(eg. validating) d开发者_高级运维omain\userid and password?

In C# the nice part is that I don't need to traverse the AD - I simply performs a one level search via LDAP - just to check if the user is authenticated.


Tony Caduto have provided me with a Synapse solution:

I cut this stuff out of a authentication object I created, I don't want to post the whole thing since there is a bunch of other non related stuff in it.

This should get you going, the key is to concatenate the AD username with '@your.ad.domain.name' After you succesfully bind, you can then do searches against the AD directory by supplying a base DN and using the search function of the ldapsend unit.

I have found this to be faster than other methods and it's solid. You do need to get the trunk version of synapse so it works with the later versions of delphi.

uses ldapsend

var
    fldap:tldapsend;
    fad_domain,ausername,apassword:string;
begin
ausername:='your AD username';
apassword:='your AD password';
fldap := TLDAPSend.Create;
fad_domain:= 'your.ad.domain';
fldap.TargetHost:=fad_domain;
//next line is the key to getting AD authentication working
fldap.UserName := ausername+'@'+fad_domain;
fldap.Password := apassword;
try
   try
      if fldap.Login then
         if fldap.Bind then
            begin
                    //user is succesfully authenticated at this point

            end else
                raise exception.Create('LDAP bind failed.');
   except
         on e:exception do
            //whatever
   end;
finally
       fldap.logout;
       freeandnil(fldap);
end;
end;

Thanks to Tony!!!!

0

精彩评论

暂无评论...
验证码 换一张
取 消