When I try to get user information from Active Directory, LdapConnection.SendRequest(SearchRequest req) causes:
Segmentation fault (core dumped)
on an Ubuntu 18.04.4 LTS (GNU/Linux 4.15.0-147-generic x86_64).
If I remove the line
searchRequest.TimeLimit = new TimeSpan(0, 1, 0);
the LdapPal.SearchDirectory method returns LdapError.TimeOut (-7) and throws:
    System.DirectoryServices.Protocols.LdapException: The LDAP server returned an unknown error.
       at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
       at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request)
       at ConsoleApp16.Program.GetUserDetailsFromLdap(String username) in D:\source\repos\ConsoleApp16\ConsoleApp16\Program.cs:line 47
The code below works without any problem on Windows.
Verifying username and password by LdapConnection.Bind(new NetworkCredential(username, password, domainName)) works without any problem.
Below is the code:
    using System;
    using System.DirectoryServices.Protocols;
    using System.Net;

    namespace ConsoleApp16
    {
        class Program
        {
            private static string _baseDn = "OU=org1,DC=org1,DC=com,DC=tr";

            // Connection to the directory; the credential values are placeholders.
            private static LdapConnection _con = new(
                new LdapDirectoryIdentifier("org1.com.tr"),
                new NetworkCredential("#Username", "#Password", "#DomainName"));

            static void Main(string[] args)
            {
                _con.AuthType = AuthType.Basic;
                Console.ReadLine();
                Console.WriteLine("Hello World!");
                Console.WriteLine(TryLoginUser(@"#Username", "#Password", "#DomainName"));
                Console.WriteLine(GetUserDetailsFromLdap(@"#Username").Email);
            }

            // Verifies a username/password pair by binding with it.
            private static bool TryLoginUser(string username, string password, string domainName)
            {
                try
                {
                    _con.Bind(new NetworkCredential(username, password, domainName));
                }
                catch (Exception ex)
                {
                    Console.WriteLine(ex.ToString());
                    return false;
                }
                return true;
            }

            // Looks up mail, givenName, sn and sAMAccountName for the given user.
            private static LdapUser GetUserDetailsFromLdap(string username)
            {
                // Filter as posted; the Update below shows the form used on Linux.
                var searchFilter = $"(&sAMAccountName={username.Split('@')[0]})";
                var searchRequest = new SearchRequest(_baseDn, searchFilter, SearchScope.Subtree,
                    new string[] { "mail", "givenName", "sn", "sAMAccountName" });
                searchRequest.TimeLimit = new TimeSpan(0, 1, 0);
                try
                {
                    var response = (SearchResponse)_con.SendRequest(searchRequest);
                    if (response?.ResultCode == ResultCode.Success)
                    {
                        var result = response?.Entries[0];
                        return new LdapUser()
                        {
                            Email = result.Attributes["mail"][0].ToString(),
                            FirstName = result.Attributes["givenName"][0].ToString(),
                            LastName = result.Attributes["sn"][0].ToString(),
                            UserName = result.Attributes["sAMAccountName"][0].ToString()
                        };
                    }
                    else
                    {
                        return null;
                    }
                }
                catch (Exception ex)
                {
                    Console.WriteLine(ex.ToString());
                }
                return null;
            }
        }

        public class LdapUser
        {
            public string FirstName { get; set; }
            public string LastName { get; set; }
            public string Email { get; set; }
            public string UserName { get; set; }
        }
    }
Configuration
System.DirectoryServices.Protocols version 5.0.0
Runtime : Microsoft.NETCore.App 5.0.7
Target Runtime : portable
Deployment Mode: Portable
Update: Using version 6.0.0-preview.7.21377.19 of System.DirectoryServices.Protocols without the SearchRequest.TimeLimit property causes:
    System.DirectoryServices.Protocols.LdapException: The search filter is invalid.
       at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
       at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request)
       at ConsoleApp16.Program.GetUserDetailsFromLdap(String username) in D:\source\repos\ConsoleApp16\ConsoleApp16\Program.cs:line 47
    private static LdapConnection _con = new(new LdapDirectoryIdentifier("org1.com.tr"));

    bool isWindows = System.Runtime.InteropServices.RuntimeInformation.IsOSPlatform(
        System.Runtime.InteropServices.OSPlatform.Windows);
    var searchFilter = isWindows
        ? $"(&sAMAccountName={username.Split('@')[0]})"
        : $"(&(objectCategory=person)(objectclass=user)(sAMAccountName={username.Split('@')[0]}))";
If I set the searchFilter conditionally on the operating system, the method executes successfully most of the time, even if I don’t set credentials for the LdapConnection object.
However, it randomly continues to throw:
System.DirectoryServices.Protocols.LdapException: The LDAP server returned an unknown error.
Answer
When I set LdapConnection.SessionOptions.ProtocolVersion to 3, everything worked as expected on Linux also.
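
The setting from the answer combined with the fully parenthesized filter from the question's update, as an added example that is not code from the question or the answer: the protocol version is set to 3 before binding, and the user-supplied name is escaped per RFC 4515 before it is placed in the filter. `LdapLookup`, `EscapeFilterValue` and `FindMail` are hypothetical names; the host, base DN and credentials are the question's placeholders.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Net;
using System.Text;

static class LdapLookup // hypothetical helper, not part of the question's program
{
    // Escape the characters RFC 4515 reserves inside a filter value, so the
    // user-supplied name cannot change the structure of the filter.
    public static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Returns the user's mail attribute, or null when there is no match.
    public static string FindMail(string username)
    {
        using var con = new LdapConnection(
            new LdapDirectoryIdentifier("org1.com.tr"),
            new NetworkCredential("#Username", "#Password", "#DomainName")); // placeholders
        con.AuthType = AuthType.Basic;
        con.SessionOptions.ProtocolVersion = 3; // the setting from the answer
        con.Bind();

        string account = EscapeFilterValue(username.Split('@')[0]);
        string filter = $"(&(objectCategory=person)(objectClass=user)(sAMAccountName={account}))";
        var request = new SearchRequest("OU=org1,DC=org1,DC=com,DC=tr", filter,
            SearchScope.Subtree, "mail");

        var response = (SearchResponse)con.SendRequest(request);
        if (response.ResultCode != ResultCode.Success || response.Entries.Count == 0)
            return null; // no such user: avoid indexing into an empty result set
        var attrs = response.Entries[0].Attributes;
        return attrs.Contains("mail") && attrs["mail"].Count > 0 ? attrs["mail"][0].ToString() : null;
    }
}
```

`AuthType.Basic` is a simple bind, so the password is sent in clear text unless the connection itself is protected with TLS.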