LDAP Invalid Credentials via bad user id

description

At first I thought there was a problem with the LdapHelper. But it might be with the way the user id is retrieved or stored.

First the problem:
I was setting up LDAP on the SiteSettings.aspx page. It was not working. So I followed the code on CodePlex. The following line caught my eye. So I downloaded the full code and put a break in it. And sure enough, that line caused the error. My uid has the domain in it. And the following code appends the domain on the end. So it is trying to bind with 'domain\userid@domain', and that is causing the error.
// this works with Active Directory
conn.Bind(uid + "@" + ldapSettings.Domain, password);

So this line in SiteSettings.aspx.cs, function TestCurrentUserLdap, sets the uid to 'domain\userid'.

private bool TestCurrentUserLdap(LdapSettings testLdapSettings)
{
--> String uid = Context.User.Identity.Name;
    SiteUser user = new SiteUser(this.selectedSite, uid);
    return LdapHelper.TestUser(testLdapSettings, user.LoginName, txtLdapTestPassword.Text);
}

(both uid and user.LoginName = 'domain/userid')


To fix this, I think the GetUser function in the SiteUser class could test if the uid contains a slash and remove the domain and slash. That way it does not get stored in the database and the LDAP should work as designed.


Change set = 08b9e72fe613
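
The normalization proposed in the report above, as an added example that is not part of the original post or of the mojoPortal code base. The class and method names (LdapBindName, StripDomain, ToBindName) and the sample values are hypothetical; the example also handles a uid that is already in user@domain form, which goes beyond the case reported.

```csharp
using System;

// Hypothetical helper (not mojoPortal code): builds the identity passed to
// conn.Bind so that the domain is never appended to a uid that already has one.
public static class LdapBindName
{
    // Accepts "DOMAIN\user", "DOMAIN/user", "user@domain" or plain "user"
    // and returns only the account part.
    public static string StripDomain(string uid)
    {
        if (string.IsNullOrWhiteSpace(uid))
            throw new ArgumentException("uid is empty", nameof(uid));

        uid = uid.Trim();

        // Down-level logon name: keep what follows the last slash or backslash.
        int slash = uid.LastIndexOfAny(new[] { '\\', '/' });
        if (slash >= 0) uid = uid.Substring(slash + 1);

        // UPN form: keep what precedes the '@'.
        int at = uid.IndexOf('@');
        if (at >= 0) uid = uid.Substring(0, at);

        // Reject inputs such as "DOMAIN\" that leave no account name.
        if (uid.Length == 0)
            throw new ArgumentException("uid has no account part", nameof(uid));

        return uid;
    }

    // Same shape as the bind call quoted in the report: uid + "@" + domain.
    public static string ToBindName(string uid, string ldapDomain)
    {
        return StripDomain(uid) + "@" + ldapDomain;
    }

    public static void Main()
    {
        // Constructed sample values, not taken from the report.
        string[] samples = { @"CORP\jsmith", "CORP/jsmith", "jsmith@corp.example", "jsmith" };
        foreach (string uid in samples)
            Console.WriteLine("{0,-22} -> {1}", uid, ToBindName(uid, "corp.example"));
    }
}
```

Stripping the prefix discards which domain the user signed in against, so this fits only a setup where every user belongs to the single domain configured in the LDAP settings.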

comments

joeaudette wrote Jan 26, 2011 at 6:20 PM

Hi,

Can you make the change needed to get it working for you then send me the modified file(s)? I'll then forward the change to a team member who also uses LDAP just to make sure your change does not break anything for him. You can either add an attachment here or send it to me at joe dot audette at g mail dotcom

Thanks,
Joe