我使用Novell.Directory.Ldap.NETStandard2_0程序包从Active Directory中对用户进行身份验证,它对大多数用户都适用.
I use Novell.Directory.Ldap.NETStandard2_0 package to authenticate users from Active Directory and it works fine for most of users.
using (var cn = new LdapConnection()) { cn.Connect(ldapOptions.Host, ldapOptions.Port); var userDn = username.IndexOf('@') < 0 ? username + $"@{ldapOptions.Domain}" : username; cn.Bind(userDn, password); if (cn.Bound) { result.Result = AuthResult.Succeed; result.Message = "Login Successful using LDAP: {0}."; } return result; }问题是当我们需要对仅限于登录到我们域(Active Directory)中的某些计算机的用户进行身份验证时.
The problem is when we need to authenticate users that are restricted to logon to only certain computers in our domain (Active Directory).
我将承载我的应用程序(IIS& Win Server 2016)的计算机添加到列表中,但是它仍然失败,并且无法对受限用户进行身份验证.
I added the computer that host my application (IIS & Win Server 2016) to the list but it still fails and restricted users cannot be authenticated yet.
如何解决此问题?我应该更改我的代码吗?或Active Directory/IIS设置?
How can I solve this issue? should I change my code? or Active Directory/IIS settings?
推荐答案LDAP身份验证通常来自域控制器,因此配置为LDAP主机的域控制器必须存在于登录工作站中(userWorkstations)列表.
LDAP authentication is generally sourced from the domain controller(s), so the domain controller(s) configured as the LDAP host need to be present in the logon workstations (userWorkstations) list.
更多推荐
使用Novell.Directory.Ldap.NETStandard2
发布评论