
Currently, I have 1 user that has permission to bind to the OpenDJ server. Then I need to verify the username and password from the end user. How can I do that?

This is the way I create the LDAP connection and bind successfully:

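using System.DirectoryServices.Protocols;
using System.Net;

LdapConnection connection = new LdapConnection("opendj.mydn.com.vn");
// Set session options (TLS off; AuthType.Basic is an LDAP simple bind)
connection.SessionOptions.SecureSocketLayer = false;
connection.AuthType = AuthType.Basic;
// Bind with the one account that was provided
connection.Bind(new NetworkCredential("myuser", "mypassword"));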

After that, I need to use this connection to verify the "user1" and "password1".

How can I query this action?

This is the configuration of OpenDJ:

Host_LDAP=opendj.mydn.com.vn
dn_LDAP=ou\=People,dc\=mydn,dc\=com
#uid_LDAP=uid\=webservice,ou\=People,dc\=mydn,dc\=com
uid_LDAP=webservice
admin_LDAP_verify_attr=uid
admin_LDAP_verify_dn=ou\=People,dc\=mydn,dc\=com
rene
Hoang Tran

1 Answer

You've already done it. If the bind succeeded, the username and password were correct.

EDIT Your 'IT guy' is seriously misinformed. According to the OpenDJ configuration documentation #6.1.5, there is no real 'bind' permission. Instead:

Bind

Because this is used to establish the user's identity and derived authorizations, ACI is irrelevant for this operation and is not checked. To prevent authentication, disable the account instead. For details see Section 11.2, "Managing Accounts Manually".

[Emphasis added.]

user207421
  • Thanks bro, but I need to use this connection to verify another user (user1) – Hoang Tran Oct 17 '17 at 09:10
  • So you need to bind as that user, with his password. Bind is the critical step here. – user207421 Oct 17 '17 at 09:22
  • The IT guy told me that only myuser is granted permission to bind to this OpenDJ. After that, I need to use my user to verify other users. – Hoang Tran Oct 17 '17 at 09:29
  • It appears that the IT guy doesn't know what he's talking about. Any LDAP user must be able to bind as himself. Otherwise it is misconfigured. – user207421 Oct 17 '17 at 09:32
  • I tried to bind as user1 but was not successful. I have updated my question to add the LDAP configuration. The IT guy just provides this info and 1 user (myuser) to verify other users. I have searched for 1 day but could find the solution. :( – Hoang Tran Oct 17 '17 at 10:41
  • I've given you the solution. I don't know what else you want. If your IT guy doesn't understand LDAP, get one who does. – user207421 Oct 17 '17 at 11:07
  • Thank you, bro. I will ask him to grant permission to each user to bind – Hoang Tran Oct 17 '17 at 15:33
  • See edit. You don't have to do anything, IT guy notwithstanding, but he needs to read his product documentation, and to stop wasting developers' time. If you can complain about this without self-harm I would do so. – user207421 Oct 18 '17 at 04:17
  • Thank you very much. It saves my life – Hoang Tran Oct 23 '17 at 05:47
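
An added example (not part of the original question or answer, and not OpenDJ's own code) of the flow discussed above: the service account is used only to look up the end user's DN, and the password is then checked by binding as that user. The host and base DN come from the question; the LDAPS port, the class and method names, and passing full DNs as bind names are assumptions.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Net;
using System.Text;

static class LdapVerifier   // hypothetical helper, not from the page
{
    const string Host = "opendj.mydn.com.vn";          // from the question
    const string BaseDn = "ou=People,dc=mydn,dc=com";  // from the posted configuration
    const int LdapsPort = 636;                         // assumption: LDAPS listener port

    // RFC 4515 escaping so user input cannot alter the search filter.
    static string EscapeFilter(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
        {
            if (c == '\\' || c == '*' || c == '(' || c == ')' || c == '\0')
                sb.Append('\\').Append(((int)c).ToString("x2"));
            else
                sb.Append(c);
        }
        return sb.ToString();
    }

    static LdapConnection Open(string dn, string password)
    {
        var conn = new LdapConnection(new LdapDirectoryIdentifier(Host, LdapsPort));
        conn.SessionOptions.ProtocolVersion = 3;
        conn.SessionOptions.SecureSocketLayer = true;  // simple bind sends the password itself
        conn.AuthType = AuthType.Basic;
        try { conn.Bind(new NetworkCredential(dn, password)); }
        catch { conn.Dispose(); throw; }
        return conn;
    }

    public static bool Verify(string serviceDn, string servicePassword, string uid, string password)
    {
        // A DN with an empty password is an unauthenticated bind and may "succeed".
        if (string.IsNullOrEmpty(uid) || string.IsNullOrEmpty(password)) return false;
        string userDn;
        using (var svc = Open(serviceDn, servicePassword))
        {
            var req = new SearchRequest(BaseDn, "(uid=" + EscapeFilter(uid) + ")",
                                        SearchScope.Subtree, "1.1"); // "1.1" = return no attributes
            var res = (SearchResponse)svc.SendRequest(req);
            if (res.Entries.Count != 1) return false;   // unknown or ambiguous user
            userDn = res.Entries[0].DistinguishedName;
        }
        try { using (Open(userDn, password)) return true; }
        catch (LdapException e) when (e.ErrorCode == 49) { return false; } // invalidCredentials
    }
}
```

Any bind failure other than result code 49 (for example a disabled account or an unreachable server) propagates as an exception, so the caller can tell "wrong password" apart from "could not check".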