
@wezmag
Last active June 28, 2017 05:03
LDAP Service
using System.DirectoryServices;
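/// <summary>
/// Thin wrapper around System.DirectoryServices for checking a user's credentials
/// against a directory server and looking the user up by sAMAccountName.
/// </summary>
public class LDAPService
{
    private readonly string _rootStart;
    private readonly string _serverName;

    /// <summary>Creates a service bound to one directory server and search root.</summary>
    /// <param name="RootStart">Path appended after the server name when searching (used as the search root).</param>
    /// <param name="ServerName">Host name placed after the "LDAP://" scheme.</param>
    public LDAPService(String RootStart, String ServerName)
    {
        _rootStart = RootStart;
        _serverName = ServerName;
    }

    /// <summary>
    /// Checks a user name and password by binding to the directory with them.
    /// </summary>
    /// <param name="userName">Account to bind as.</param>
    /// <param name="password">Password for that account.</param>
    /// <returns>
    /// True when the bind succeeds; false when either credential is null or empty,
    /// or when the bind raises <see cref="DirectoryServicesCOMException"/>.
    /// </returns>
    /// <exception cref="ApplicationException">
    /// Any other COM failure, which this class reports as the LDAP system being unavailable.
    /// </exception>
    public bool Authenticate(string userName, string password)
    {
        // Refuse blank credentials before contacting the server. Some directory
        // servers accept a bind that carries a user name but an empty password as an
        // anonymous/unauthenticated bind, which would be reported here as a successful
        // login. NOTE(review): whether the target server does so is not visible from
        // this file; the guard makes the answer irrelevant.
        if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
        {
            return false;
        }

        try
        {
            // The entry wraps a native handle, so release it whether or not the bind works.
            using (DirectoryEntry entry = new DirectoryEntry("LDAP://" + _serverName, userName, password))
            {
                // Reading NativeObject is what forces the bind; the value itself is not used.
                object nativeObject = entry.NativeObject;
                return true;
            }
        }
        catch (DirectoryServicesCOMException)
        {
            // Treated as "credentials rejected". NOTE(review): other directory errors of
            // this type are also reported as a failed login; consider logging them.
            return false;
        }
        catch (System.Runtime.InteropServices.COMException ex)
        {
            // Keep the original exception as InnerException so the cause is not lost.
            // NOTE(review): ex.Message is embedded in the text; avoid showing it to end users verbatim.
            throw new ApplicationException("The LDAP system is unavailable. Please inform the system administrator. (" + ex.Message + ")", ex);
        }
    }

    /// <summary>Reports whether <see cref="GetUser"/> finds an entry for the user.</summary>
    /// <param name="username">sAMAccountName to look for; also used as the bind account.</param>
    /// <param name="password">Password used for the bind.</param>
    /// <returns>True when a matching entry is found.</returns>
    public bool UserExists(string username, string password)
    {
        return GetUser(username, password) != null;
    }

    /// <summary>
    /// Binds with the given credentials and searches for the user object whose
    /// sAMAccountName equals <paramref name="username"/>.
    /// </summary>
    /// <param name="username">sAMAccountName to look for; also used as the bind account.</param>
    /// <param name="password">Password used for the bind.</param>
    /// <returns>The first matching search result, or null when there is none.</returns>
    /// <remarks>Exceptions raised by the bind or the search propagate to the caller unchanged.</remarks>
    public SearchResult GetUser(string username, string password)
    {
        // using blocks release the connection and the searcher on every path, including
        // when the search throws. The former catch block re-threw with "throw e;", which
        // only discarded the stack trace, so it is gone.
        using (DirectoryEntry myLdapConnection = createDirectoryEntry(username, password))
        using (DirectorySearcher search = new DirectorySearcher(myLdapConnection))
        {
            // The user name comes from the caller and is placed inside a search filter,
            // so filter metacharacters must be escaped; otherwise a value containing
            // '*', '(' or ')' changes what the filter matches (LDAP filter injection).
            search.Filter = "(&(objectClass=User)(sAMAccountName=" + EscapeLdapFilterValue(username) + "))";
            return search.FindOne();
        }
    }

    /// <summary>Builds the directory entry used as the search root, bound with the given credentials.</summary>
    private DirectoryEntry createDirectoryEntry(string username, string password)
    {
        return new DirectoryEntry("LDAP://" + _serverName + "/" + _rootStart)
        {
            Username = username,
            Password = password,
            AuthenticationType = AuthenticationTypes.Secure
        };
    }

    /// <summary>
    /// Escapes the characters that are special inside an LDAP search filter value
    /// (RFC 4515: backslash, asterisk, parentheses and NUL). A null value yields an empty string.
    /// </summary>
    private static string EscapeLdapFilterValue(string value)
    {
        if (string.IsNullOrEmpty(value))
        {
            return string.Empty;
        }

        System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': escaped.Append("\\5c"); break;
                case '*': escaped.Append("\\2a"); break;
                case '(': escaped.Append("\\28"); break;
                case ')': escaped.Append("\\29"); break;
                case '\0': escaped.Append("\\00"); break;
                default: escaped.Append(c); break;
            }
        }
        return escaped.ToString();
    }
}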
// Usage sketch: check the credentials first, then read the user's mail address and
// display name. rootStart, serverName, account, password, email and displayName are
// expected to be declared by the surrounding code.
LDAPService ldapServer = new LDAPService(rootStart, serverName);
try
{
    if (!ldapServer.Authenticate(account, password))
    {
        // Handle a wrong account name or password here.
    }
    else
    {
        var entry = ldapServer.GetUser(account, password);
        if (entry == null || entry.Properties == null)
        {
            // Handle the case where the user's data could not be retrieved.
        }
        else
        {
            // Copy the user's attributes out of the search result.
            var mailValues = entry.Properties["mail"];
            if (mailValues != null && mailValues.Count > 0)
            {
                email = mailValues[0].ToString();
            }

            var displayNameValues = entry.Properties["displayname"];
            if (displayNameValues != null && displayNameValues.Count > 0)
            {
                displayName = displayNameValues[0].ToString();
            }
        }
    }
}
catch (Exception error)
{
    // Exception handling (the LDAP server could not be reached).
    // NOTE(review): this also catches the ApplicationException thrown by Authenticate,
    // and as written nothing is logged or reported.
}