问题描述
我需要知道 AuthenticationTypes 中的等效 AuthType 值才能从 S.DS 迁移到 S.DS.P 代码.
I need to know the equivalent AuthType values from AuthenticationTypes to migrate from S.DS to S.DS.P code.
我正在重写一个当前使用 System.DirectoryServices 命名空间的 LDAP 连接模块.为了提高与非 ActiveDirectory 服务器的兼容性,我正在尝试重写所有代码以使用 System.DirectoryServices.Protocols(根据.NET 开发人员目录服务编程指南"中的建议).除了在使用 AuthenticationTypes 枚举到 SD.Protocols 使用的 AuthType 枚举之间的转换.我需要知道两者之间的等价物,以便使用旧代码的客户端在发布新代码时不会失去功能.
I am rewriting an LDAP connection module that currently uses the System.DirectoryServices namespace. To increase compatibility with non-ActiveDirectory servers, I am trying to rewrite all of the code to use System.DirectoryServices.Protocols (as per the suggestion in "The .NET Developer's Guide to Directory Services Programming). Everything is going smoothly except for the transition between using the AuthenticationTypes enumeration to the AuthType one used by SD.Protocols. I need to know the equivalents between the two so that clients using the old code do not lose functionality when the new code is released.
我知道的等价物是:
无 -> 基本
安全 -> 协商(或多或少)
匿名 -> 无
SecureSocketsLayer -> 将 LdapSessionOptions.SecureSocketsLayer 设置为 true
The equivalencies that I know of are:
None -> Basic
Secure -> Negotiate (more or less)
Anonymous -> None
SecureSocketsLayer -> setting LdapSessionOptions.SecureSocketsLayer to true
推荐答案
看来你走对了.
经过一些研究,我能够映射几乎所有的 AuthenticationTypes 值:
After doing some research, I was able to map almost all of the AuthenticationTypes values:
无:AuthType.Basic
None: AuthType.Basic
安全:AuthType.Negotiate
Secure: AuthType.Negotiate
匿名:AuthType.Anonymous
Anonymous: AuthType.Anonymous
签名:LdapSessionOptions.Signing
Signing: LdapSessionOptions.Signing
密封:LdapSessionOptions.Sealing
Sealing: LdapSessionOptions.Sealing
SecureSocketLayer:LdapSessionOptions.SecureSocketLayer
SecureSocketLayer: LdapSessionOptions.SecureSocketLayer
加密:与 SecureSocketLayer 的值相同
Encryption: Same value as SecureSocketLayer
ReadonlyServer:LdapSessionOptions.LocatorFlag.WriteableRequired = false
ReadonlyServer: LdapSessionOptions.LocatorFlag.WriteableRequired = false
Serverbind:使用具有 fullyQualifiedDnsHostName 参数的 LdapDirectoryIdentifier 构造函数之一,并将值设置为 true.
Serverbind: Use one of the LdapDirectoryIdentifier constructors that has the fullyQualifiedDnsHostName argument, with the value set to true.
FastBind:不适用,因为此 S.DS.P 在较低级别上工作.
FastBind: Doesn't apply, since this S.DS.P works at a lower level.
委托:未找到相应的设置.委托可能是隐含的.一种测试方法是转换 上的代码这个页面,看看它是否有效.
Delegation: No corresponding setting found. It could be that delegation is implicit. One way to test would be to convert the code on this page and see if it works.
请注意,并非所有非 AD 服务器都支持 AuthType.Negotiate,因为它是特定于 Windows 的.还有一些其他的东西(比如一些 LocatorFlag 值)对于非 AD 系统也没有任何意义.因此,在转换假设 AD 连接的代码时要小心,因为某些假设将不再安全.
Be aware that not all non-AD servers will support AuthType.Negotiate, since it is Windows specific. There are several other things (like some of the LocatorFlag values) that will also not mean anything for non-AD systems. Thus, take care when converting code that assumed AD connectivity, since some assumptions will no longer be safe.
这篇关于从 System.DirectoryServices 切换到 DirectoryServices.Protocols 时的身份验证类型的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!