F
Fenster Blick
I've read every single posting on ADSVALUE, and possibly every single
posting on LDAP and .NET/dotNet, but I am still having problems
debugging an LDAP authentication issue.
The setup: We are using a .Net application to authenticate, using SSL,
with an LDAP directory on port 636. In the .Net code, the
DirectorySearcher searches on a DirectoryEntry. It uses the FastBind
AuthenticationType.
Sometimes it works and sometimes it doesn't. In almost every scenario,
if the application has not been used for several hours and someone
attempts authentication, it fails with the "ADSVALUE type is not yet
implemented" error message. Interestingly, if we wait about 30 minutes
and do not attempt any more logins, the error goes away.
Could the errors be related to FastBind? Should it be using
AuthenticationTypes.SecureSocketLayer instead?
Finally, the Microsoft documentation mentions that for FastBind, "ADSI
does not attempt to query the Active Directory objectClass property and
thus only exposes the base interfaces supported by all ADSI objects
instead of the full object support". I am clueless as to what this
means - can someone translate this into clearer English? What does it
matter if the objectClass property is not initially queried? Since our
LDAP has custom attributes, could this behaviour of FastBind cause the
error we received?
posting on LDAP and .NET/dotNet, but I am still having problems
debugging an LDAP authentication issue.
The setup: We are using a .Net application to authenticate, using SSL,
with an LDAP directory on port 636. In the .Net code, the
DirectorySearcher searches on a DirectoryEntry. It uses the FastBind
AuthenticationType.
Sometimes it works and sometimes it doesn't. In almost every scenario,
if the application has not been used for several hours and someone
attempts authentication, it fails with the "ADSVALUE type is not yet
implemented" error message. Interestingly, if we wait about 30 minutes
and do not attempt any more logins, the error goes away.
Could the errors be related to FastBind? Should it be using
AuthenticationTypes.SecureSocketLayer instead?
Finally, the Microsoft documentation mentions that for FastBind, "ADSI
does not attempt to query the Active Directory objectClass property and
thus only exposes the base interfaces supported by all ADSI objects
instead of the full object support". I am clueless as to what this
means - can someone translate this into clearer English? What does it
matter if the objectClass property is not initially queried? Since our
LDAP has custom attributes, could this behaviour of FastBind cause the
error we received?