Reputation: 1737
This is the code I'm using to connect to LDAP:
using (DirEntry = new DirectoryEntry(string.Format("LDAP://{0}/{1}", this.Host, ServerName)))
{
    // Load the entry's property values from the server
    DirEntry.RefreshCache();
    if (!string.IsNullOrEmpty(UserName))
    {
        DirEntry.Username = UserName;
        DirEntry.Password = PassWord;
    }
    // objectGUID is stored as a 16-byte binary value
    if (DirEntry.Properties.Contains("objectGUID"))
    {
        byte[] guiddatet = (byte[])DirEntry.Properties["objectGUID"].Value;
        return new Guid(guiddatet);
    }
}
I get a "The server is not operational" error message when I run the code.
Can someone please tell me where I'm doing it wrong? And is there any way to replace the above code with a direct LDAP query?
Upvotes: 11
Views: 34184
Reputation: 3819
You should try breaking this into separate parts, so it's easier to manage the logic, and easier to locate where your errors are occurring. I usually go with the following approach in this situation:
- An LdapConnection object so you can set the options you need
- A NetworkCredential instance with an administrative username and password
- A SearchResultEntry so you can process the properties
You have a few options to help you accomplish this, but I'd try something like this:
//Declare your Network Credential with the administrative Username, Password, and your Active Directory domain
var credentials = new NetworkCredential(userName, password, domain);
//Create a directory identifier and connection
var ldapidentifier = new LdapDirectoryIdentifier(serverName, port, false, false);
var ldapconn = new LdapConnection(ldapidentifier, credentials);
Next, make sure you're setting the right AuthType for your particular instance. Since you're connecting over port 389, just use AuthType.Basic.
ldapconn.AuthType = AuthType.Basic;
As you had asked, there is a very easy way to set up a direct LDAP query using this approach. I'm assuming you're searching by sAMAccountName, but you can modify this as needed:
string ldapFilter = "(&(objectCategory=person)(objectClass=user)(&(sAMAccountName={{UserYouAreTryingToFind}})))";
Now we just have to set up the search request, and send it accordingly:
//Send the search request with our delimited attribute list
//The first argument is the search base distinguished name (e.g. "DC=example,DC=com"), not the DNS domain name
var getUserRequest = new SearchRequest(domain, ldapFilter, SearchScope.Subtree, AttributeList)
{
    SizeLimit = 1
};
//Suppress any referral creation from happening during the search
var SearchControl = new SearchOptionsControl(SearchOption.DomainScope);
getUserRequest.Controls.Add(SearchControl);
var userResponse = (SearchResponse)ldapconn.SendRequest(getUserRequest);
//This is where I load up the entry I've located (Entries is empty if no user matched)
SearchResultEntry ResultEntry = userResponse.Entries[0];
That should return the user you've queried for, along with any properties you've put into AttributeList. In this context, AttributeList is just a string array (string[]) of property names - in your case you'll want to add one called "objectGUID".
As for reading the properties on the SearchResultEntry, you can do exactly what you had originally:
if (ResultEntry.Attributes.Contains("objectGUID"))
{
    // do some stuff here
}
That should help get you going in the right direction.
Also, if you don't already have a copy of Wireshark, I highly suggest you download it - it will be invaluable in diagnosing connection issues with Active Directory.
Upvotes: 4
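The steps from the answer above assembled into one runnable method, as an added example that is not part of the original question or answer. Two things are changed from the answer for a production setting: the bind is protected by LDAPS (port 636) or StartTLS (port 389) and uses AuthType.Negotiate, because AuthType.Basic on a plain 389 connection sends the account name and password in cleartext; and the caller-supplied sAMAccountName is escaped per RFC 4515 before it is spliced into the filter, so a value containing `*`, `(` or `)` cannot change what the query matches. The server name, base DN (`DC=example,DC=com`) and credentials are placeholders passed on the command line; `LdapUserLookup`, `EscapeFilterValue`, `BuildUserFilter` and `FindUserObjectGuid` are names chosen here, not from the page or from System.DirectoryServices.Protocols.

```csharp
// Added example, not from the original question or answer.
using System;
using System.DirectoryServices.Protocols;
using System.Net;
using System.Text;

public static class LdapUserLookup
{
    // Escape a value for use inside an LDAP search filter (RFC 4515, section 3).
    // Without this, characters such as '*' or ')' in user input alter the filter's meaning.
    public static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c);      break;
            }
        }
        return sb.ToString();
    }

    // Same shape of filter as in the answer, with the value escaped.
    public static string BuildUserFilter(string samAccountName)
    {
        return "(&(objectCategory=person)(objectClass=user)(sAMAccountName="
               + EscapeFilterValue(samAccountName) + "))";
    }

    // Look up one user by sAMAccountName and return its objectGUID, or null if not found.
    // searchBaseDn is the DN to search under, e.g. "DC=example,DC=com" (placeholder).
    public static Guid? FindUserObjectGuid(string server, int port, bool useLdaps,
                                           NetworkCredential credential,
                                           string searchBaseDn, string samAccountName)
    {
        // (server, port, fullyQualifiedDnsHostName, connectionless)
        var identifier = new LdapDirectoryIdentifier(server, port, false, false);
        using (var connection = new LdapConnection(identifier, credential))
        {
            connection.SessionOptions.ProtocolVersion = 3;
            if (useLdaps)
            {
                // Port 636: TLS from the first byte, so the bind never travels in the clear.
                connection.SessionOptions.SecureSocketLayer = true;
            }
            else
            {
                // Port 389: upgrade the connection with StartTLS before binding.
                connection.SessionOptions.StartTransportLayerSecurity(null);
            }
            // Negotiate (Kerberos/NTLM) does not transmit the password itself;
            // AuthType.Basic is a cleartext simple bind and belongs only inside TLS.
            connection.AuthType = AuthType.Negotiate;
            connection.Bind();

            var request = new SearchRequest(searchBaseDn, BuildUserFilter(samAccountName),
                                            SearchScope.Subtree, "objectGUID", "distinguishedName")
            {
                SizeLimit = 1
            };
            // Ask the server not to generate referrals for this domain-scoped search.
            request.Controls.Add(new SearchOptionsControl(SearchOption.DomainScope));

            var response = (SearchResponse)connection.SendRequest(request);
            if (response.Entries.Count == 0)
            {
                return null; // no user matched; indexing Entries[0] here would throw
            }
            SearchResultEntry entry = response.Entries[0];
            if (!entry.Attributes.Contains("objectGUID"))
            {
                return null;
            }
            // objectGUID is binary: request it as byte[] rather than relying on the string indexer.
            byte[] rawGuid = (byte[])entry.Attributes["objectGUID"].GetValues(typeof(byte[]))[0];
            return new Guid(rawGuid);
        }
    }

    // Usage: LdapUserLookup <server> <port> <user> <password> <domain> <searchBaseDn> <sAMAccountName>
    public static int Main(string[] args)
    {
        if (args.Length != 7)
        {
            Console.Error.WriteLine("usage: LdapUserLookup <server> <port> <user> <password> <domain> <searchBaseDn> <sAMAccountName>");
            return 2;
        }
        int port = int.Parse(args[1]);
        var credential = new NetworkCredential(args[2], args[3], args[4]);
        Guid? guid = FindUserObjectGuid(args[0], port, port == 636, credential, args[5], args[6]);
        Console.WriteLine(guid.HasValue ? guid.Value.ToString() : "user not found");
        return guid.HasValue ? 0 : 1;
    }
}
```

Checking `response.Entries.Count` before indexing is what turns "no such user" into a clean null instead of an exception, and escaping the filter value is the same defence you would apply to any string that ends up inside a query. If the domain controller does not offer StartTLS on 389, use port 636 with `SecureSocketLayer = true` instead of falling back to a cleartext simple bind.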