1. <legend id='ACa2g'><style id='ACa2g'><dir id='ACa2g'><q id='ACa2g'></q></dir></style></legend>

          <bdo id='ACa2g'></bdo><ul id='ACa2g'></ul>
      1. <small id='ACa2g'></small><noframes id='ACa2g'>

        <tfoot id='ACa2g'></tfoot>

      2. <i id='ACa2g'><tr id='ACa2g'><dt id='ACa2g'><q id='ACa2g'><span id='ACa2g'><b id='ACa2g'><form id='ACa2g'><ins id='ACa2g'></ins><ul id='ACa2g'></ul><sub id='ACa2g'></sub></form><legend id='ACa2g'></legend><bdo id='ACa2g'><pre id='ACa2g'><center id='ACa2g'></center></pre></bdo></b><th id='ACa2g'></th></span></q></dt></tr></i><div id='ACa2g'><tfoot id='ACa2g'></tfoot><dl id='ACa2g'><fieldset id='ACa2g'></fieldset></dl></div>
      3. 将 StartTLS 与 System.DirectoryServices 中的 LDAP 结合使用

        Using StartTLS with LDAP from System.DirectoryServices(将 StartTLS 与 System.DirectoryServices 中的 LDAP 结合使用)

          <tbody id='OZrcE'></tbody>

        <small id='OZrcE'></small><noframes id='OZrcE'>

        <legend id='OZrcE'><style id='OZrcE'><dir id='OZrcE'><q id='OZrcE'></q></dir></style></legend>
          • <bdo id='OZrcE'></bdo><ul id='OZrcE'></ul>

              <tfoot id='OZrcE'></tfoot>
              <i id='OZrcE'><tr id='OZrcE'><dt id='OZrcE'><q id='OZrcE'><span id='OZrcE'><b id='OZrcE'><form id='OZrcE'><ins id='OZrcE'></ins><ul id='OZrcE'></ul><sub id='OZrcE'></sub></form><legend id='OZrcE'></legend><bdo id='OZrcE'><pre id='OZrcE'><center id='OZrcE'></center></pre></bdo></b><th id='OZrcE'></th></span></q></dt></tr></i><div id='OZrcE'><tfoot id='OZrcE'></tfoot><dl id='OZrcE'><fieldset id='OZrcE'></fieldset></dl></div>
                  本文介绍了将 StartTLS 与 System.DirectoryServices 中的 LDAP 结合使用的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

                  问题描述

                  我正在尝试连接到需要 StartTLS 的 LDAP 服务器,但运气不佳 - 每当我使用 SessionOptions.StartTransportLayerSecurity(..) 或将 SessionOptions.SecureSocketLayer 设置为 true 时,都会出现异常.

                  I'm trying to connect to an LDAP server which requires StartTLS, but having no luck - whenever I use either the SessionOptions.StartTransportLayerSecurity(..) or set SessionOptions.SecureSocketLayer to true, I get exceptions.

                  这是我正在使用的代码:

                  Here's the code I'm using:

                  using (var connection = new LdapConnection(new LdapDirectoryIdentifier(config.LdapServer, config.Port, false, false)))
                  {
                      connection.SessionOptions.ProtocolVersion = 3;
                      connection.Credential = new NetworkCredential(config.BindDN, config.BindPassword);
                      connection.SessionOptions.VerifyServerCertificate += (conn, cert) => {return true;};
                      connection.AuthType = AuthType.Basic;
                      //connection.SessionOptions.SecureSocketLayer = true;
                      connection.SessionOptions.StartTransportLayerSecurity(null); // throws here, same if done after bind.
                      connection.Bind();
                  
                      ... do stuff with connection
                  }
                  

                  产生的异常是TlsOperationException: An unspecified error occurred",在调用 StartTransportLayerSecurity 方法时发生.

                  The resulting exception is "TlsOperationException: An unspecified error occurred", which happens when invoking the StartTransportLayerSecurity method.

                  我已经针对 OpenLDAP 服务器和 Active Directory 测试了代码,但都不起作用.

                  I've tested the code against both and OpenLDAP server and Active Directory, but neither works.

                  有谁知道如何让 StartTLS 与 System.DirectoryServices 一起工作?

                  Does anyone know how to get StartTLS working with System.DirectoryServices?

                  推荐答案

                  在这个问题上做了更多的工作后,我发现我遇到了几个问题:

                  After a bit more work on this issue I found that I was running up against a couple of issues:

                  1. 在我们的测试套件中连接到 AD 时,端口号被错误地更改为 SSL 端口 (636) 的代码中存在错误(doh!).
                  2. OpenLDAP 测试服务器(我们客户的副本)使用的是 openldap-2.4.18 - StartTLS 存在已知问题.

                  对 OpenLDAP 应用补丁后(如此处所述 - http://www.openldap.org/lists/openldap-bugs/200405/msg00096.html)我们能够修复#2 - 此时我们开始收到不同的错误发生本地错误".

                  After applying a patch to OpenLDAP (as discussed here - http://www.openldap.org/lists/openldap-bugs/200405/msg00096.html) we were able to fix #2 - at which point we started getting a different error "A local error occurred".

                  虽然最初我们有这个代码:

                  Though originally we had this code:

                  connection.SessionOptions.VerifyServerCertificate 
                      += (conn, cert) => {return true;};
                  

                  我们在测试时删除了它,因为 OpenLDAP 服务器使用的是自签名证书,所以它不在受信任的存储中.重新引入该回调解决了此问题,尽管我们现在将其设为可配置选项,即验证服务器证书 Y/N",因此客户需要选择跳过检查(主要供我们的 QA 团队使用).

                  We had removed it while testing, and because the OpenLDAP server was using a self-signed cert, that was not in a trusted store. Re-introducing that callback resolved this issue, though we now make it a configurable option i.e. "Verify Server Certificate Y/N" so customers need to opt into skipping the check (mostly for our QA team to use).

                  感谢 Steffen 为我指明了 OpenLDAP 版本的方向,这使我找到了这个解决方案.

                  Thanks Steffen for pointing me in the direction of OpenLDAP versions which lead me to this solution.

                  这篇关于将 StartTLS 与 System.DirectoryServices 中的 LDAP 结合使用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

                  本站部分内容来源互联网,如果有图片或者内容侵犯了您的权益,请联系我们,我们会在确认后第一时间进行删除!

                  相关文档推荐

                  Adding and removing users from Active Directory groups in .NET(在 .NET 中的 Active Directory 组中添加和删除用户)
                  set equality in linq(在 linq 中设置相等)
                  HashSet conversion to List(HashSet 转换为 List)
                  How to set timeout for webBrowser navigate event(如何为 webBrowser 导航事件设置超时)
                  Test whether two IEnumerablelt;Tgt; have the same values with the same frequencies(测试两个IEnumerablelt;Tgt;具有相同频率的相同值)
                  How do you determine if two HashSets are equal (by value, not by reference)?(您如何确定两个 HashSet 是否相等(按值,而不是按引用)?)

                    <small id='JgJVy'></small><noframes id='JgJVy'>

                      <bdo id='JgJVy'></bdo><ul id='JgJVy'></ul>
                      • <tfoot id='JgJVy'></tfoot>
                        <i id='JgJVy'><tr id='JgJVy'><dt id='JgJVy'><q id='JgJVy'><span id='JgJVy'><b id='JgJVy'><form id='JgJVy'><ins id='JgJVy'></ins><ul id='JgJVy'></ul><sub id='JgJVy'></sub></form><legend id='JgJVy'></legend><bdo id='JgJVy'><pre id='JgJVy'><center id='JgJVy'></center></pre></bdo></b><th id='JgJVy'></th></span></q></dt></tr></i><div id='JgJVy'><tfoot id='JgJVy'></tfoot><dl id='JgJVy'><fieldset id='JgJVy'></fieldset></dl></div>

                              <tbody id='JgJVy'></tbody>
                            <legend id='JgJVy'><style id='JgJVy'><dir id='JgJVy'><q id='JgJVy'></q></dir></style></legend>