Segmentation fault (core dumped) when calling LdapConnection.SendRequest(SearchRequest req) at System.DirectoryServices.Protocols on Ubuntu 18.04.4LTS

When I try to get user information from Active Directory, LdapConnection.SendRequest(SearchRequest req) causes :

Segmentation fault (core dumped)

on an Ubuntu 18.04.4 LTS (GNU/Linux 4.15.0-147-generic x86_64).

If I remove the line

searchRequest.TimeLimit = new TimeSpan(0, 1, 0);

LdapPal.SearchDirectory method returns LdapError.TimeOut (-7). and throws :

System.DirectoryServices.Protocols.LdapException: The LDAP server returned an unknown error.
   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request)
   at ConsoleApp16.Program.GetUserDetailsFromLdap(String username) in D:sourcereposConsoleApp16ConsoleApp16Program.cs:line 47

JavaScript
​x
 
System.DirectoryServices.Protocols.LdapException: The LDAP server returned an unknown error.   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request)   at ConsoleApp16.Program.GetUserDetailsFromLdap(String username) in D:sourcereposConsoleApp16ConsoleApp16Program.cs:line 47​

Below code works without any problem on a Windows.

Verifying username and password by LdapConnection.Bind(new NetworkCredential(username, password, domainName)) works without any problem.

Below is the code:

    private static string _baseDn = "OU=org1,DC=org1,DC=com,DC=tr";
    private static LdapConnection _con = new(new LdapDirectoryIdentifier("org1.com.tr"), new NetworkCredential("#Username", "#Password", "#DomainName"));
    static void Main(string[] args)
    {
        _con.AuthType = AuthType.Basic;

        Console.ReadLine();
        Console.WriteLine("Hello World!");

        Console.WriteLine(TryLoginUser(@"#Username", "#Password","#DomainName"));

        Console.WriteLine(GetUserDetailsFromLdap(@"#Username").Email);
    }

    private static bool TryLoginUser(string username, string password, string domainName)
    {
        try
        {
            _con.Bind(new NetworkCredential(username, password, domainName));
        }
        catch (Exception ex)
        {
            Console.WriteLine(ex.ToString());
            return false;
        }
        return true;
    }

    private static LdapUser GetUserDetailsFromLdap(string username)
    {
        var searchFilter = $"(&sAMAccountName={username.Split('@')[0]})";

        var searchRequest = new SearchRequest(_baseDn, searchFilter, SearchScope.Subtree, new string[] { "mail", "givenName", "sn", "sAMAccountName" });
        searchRequest.TimeLimit = new TimeSpan(0, 1, 0);

        try
        {
            
            var response = (SearchResponse)_con.SendRequest(searchRequest);
            if (response?.ResultCode == ResultCode.Success)
            {
                var result = response?.Entries[0];
                return new LdapUser()
                {
                    Email = result.Attributes["mail"][0].ToString(),
                    FirstName = result.Attributes["givenName"][0].ToString(),
                    LastName = result.Attributes["sn"][0].ToString(),
                    UserName = result.Attributes["sAMAccountName"][0].ToString()
                };
            }
            else
            {
                return null;
            }

        }
        catch (Exception ex)
        {
            Console.WriteLine(ex.ToString());
        }
        return null;
    }
}

public class LdapUser
{
    public string FirstName { get; set; }
    public string LastName { get; set; }
    public string Email { get; set; }
    public string UserName { get; set; }
}

JavaScript
 
    private static string _baseDn = "OU=org1,DC=org1,DC=com,DC=tr";    private static LdapConnection _con = new(new LdapDirectoryIdentifier("org1.com.tr"), new NetworkCredential("#Username", "#Password", "#DomainName"));    static void Main(string[] args)    {        _con.AuthType = AuthType.Basic;​        Console.ReadLine();        Console.WriteLine("Hello World!");​        Console.WriteLine(TryLoginUser(@"#Username", "#Password","#DomainName"));​        Console.WriteLine(GetUserDetailsFromLdap(@"#Username").Email);    }​    private static bool TryLoginUser(string username, string password, string domainName)    {        try        {            _con.Bind(new NetworkCredential(username, password, domainName));        }        catch (Exception ex)        {            Console.WriteLine(ex.ToString());            return false;        }        return true;    }​    private static LdapUser GetUserDetailsFromLdap(string username)    {        var searchFilter = $"(&sAMAccountName={username.Split('@')[0]})";​        var searchRequest = new SearchRequest(_baseDn, searchFilter, SearchScope.Subtree, new string[] { "mail", "givenName", "sn", "sAMAccountName" });        searchRequest.TimeLimit = new TimeSpan(0, 1, 0);​        try        {                        var response = (SearchResponse)_con.SendRequest(searchRequest);            if (response?.ResultCode == ResultCode.Success)            {                var result = response?.Entries[0];                return new LdapUser()                {                    Email = result.Attributes["mail"][0].ToString(),                    FirstName = result.Attributes["givenName"][0].ToString(),                    LastName = result.Attributes["sn"][0].ToString(),                    UserName = result.Attributes["sAMAccountName"][0].ToString()                };            }            else            {                return null;            }​        }        catch (Exception ex)        {            Console.WriteLine(ex.ToString());        }        return null;    }}​public class LdapUser{    public string FirstName { get; set; }    public string LastName { get; set; }    public string Email { get; set; }    public string UserName { get; set; }}​

Configuration

System.DirectoryServices.Protocols version 5.0.0

Runtime : Microsoft.NETCore.App 5.0.7

Target Runtime : portable

Deployment Mode: Portable

Update When using 6.0.0-preview.7.21377.19 version of System.DirectoryServices.Protocols without SearchRequest.TimeLimit property causes :

System.DirectoryServices.Protocols.LdapException: The search filter is invalid.
   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request)
   at ConsoleApp16.Program.GetUserDetailsFromLdap(String username) in D:sourcereposConsoleApp16ConsoleApp16Program.cs:line 47

JavaScript
 
System.DirectoryServices.Protocols.LdapException: The search filter is invalid.   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request)   at ConsoleApp16.Program.GetUserDetailsFromLdap(String username) in D:sourcereposConsoleApp16ConsoleApp16Program.cs:line 47​

private static LdapConnection _con = new(new LdapDirectoryIdentifier("org1.com.tr"));

bool isWindows = System.Runtime.InteropServices.RuntimeInformation.IsOSPlatform(System.Runtime.InteropServices.OSPlatform.Windows);
            
var searchFilter =isWindows?$"(&sAMAccountName={username.Split('@')[0]})": $"(&(objectCategory=person)(objectclass=user)(sAMAccountName={username.Split('@')[0]}))";

JavaScript
 
private static LdapConnection _con = new(new LdapDirectoryIdentifier("org1.com.tr"));​bool isWindows = System.Runtime.InteropServices.RuntimeInformation.IsOSPlatform(System.Runtime.InteropServices.OSPlatform.Windows);            var searchFilter =isWindows?$"(&sAMAccountName={username.Split('@')[0]})": $"(&(objectCategory=person)(objectclass=user)(sAMAccountName={username.Split('@')[0]}))";​​

If I set the searchFilter conditional to operating system, method executes successfully most of the time, even if I don’t set credentials for LDAPConnection object.

However randomly it continues to throw

System.DirectoryServices.Protocols.LdapException: The LDAP server returned an unknown error.

Answer

When I set LdapConnection.SessionOptions.ProtocolVersion to 3, everything worked as expected on Linux also.

Advertisement

Answer