Develop Reference

Active Directory: need to authenticate and get the user details in c#

I am connecting to AD and checking the username exists and validating the credentials in my local machine and it is working fine.
bool userAuthenticated = false;
var domainName = DomainName;
if (useSSL)
{
domainName = domainName + ":636";
ContextOptions options = ContextOptions.SimpleBind | ContextOptions.SecureSocketLayer;
using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, domainName, null, options, domainuser, domainpassword))
{
userAuthenticated = pc.ValidateCredentials(username, password, options);
}
}
else
{
using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, domainName))
{
userAuthenticated = pc.ValidateCredentials(username, password);
}
}
return userAuthenticated;
But when the code is deployed in the server it is throwing an error
Invalid username / password
But our team is providing only GMSA account and it is not having the password.
How do I authenticate the credentials and check the username in AD exists or not?

Basic authentication requires a secure connection to the server. in TFS

I was try to connect my TFS server using my credentials . But i am getting error 'Basic authentication requires a secure connection to the server.'
string username = "adminuser";
string pwd = "mypassword";
string domain = "http://localhost:8080/tfs/defaultcollection";
NetworkCredential networkCredential = new NetworkCredential(username, pwd);
BasicAuthCredential basicAuthCredential = new BasicAuthCredential(networkCredential);
TfsClientCredentials tfsClientCredentials = new TfsClientCredentials(basicAuthCredential)
{
AllowInteractive = false
};
TfsTeamProjectCollection tfs = new TfsTeamProjectCollection(new Uri(domain), tfsClientCredentials);
tfs.EnsureAuthenticated();
My tfs didn't have the https. Any alternative to fix it But browser level it is working fine

The BasicAuthCredential requires https://, I believe, and I wasn't able to access my TFS with https://. So I found another way to get from NetworkCredential to VssCredentials.
string username = "adminuser";
string pwd = "mypassword";
string domain = "http://localhost:8080/tfs/defaultcollection";
NetworkCredential networkCredential = new NetworkCredential(username, pwd);
//BasicAuthCredential basicAuthCredential = new BasicAuthCredential(networkCredential);
Microsoft.VisualStudio.Services.Common.WindowsCredential winCred = new Microsoft.VisualStudio.Services.Common.WindowsCredential(networkCredential);
VssCredentials vssCred = new VssClientCredentials(winCred);
TfsTeamProjectCollection tfs = new TfsTeamProjectCollection(new Uri(domain), vssCred);
tfs.EnsureAuthenticated();

Try using the following code:
String collectionUri = "http://localhost:8080/tfs/defaultcollection";
VssCredentials creds = new VssClientCredentials();
creds.Storage = new VssClientCredentialStorage();
VssConnection connection = new VssConnection(new Uri(collectionUri), creds);

How to connect LDAP server with username and password?

When I use AuthenticationTypes.Anonymous to connect to LDAP server, it`s ok:
var a = new DirectoryEntry("LDAP://localhost:389/dc=maxcrc,dc=com", "", "", AuthenticationTypes.Anonymous);
but when I want to use username and password to connect the server:
var a = new DirectoryEntry("LDAP://localhost:389/dc=maxcrc,dc=com", "cn=Manager,dc=maxcrc,dc=com", "111111");
it causes a "Specifying an invalid dn syntax" error:
If I use this:
var a = new DirectoryEntry("LDAP://localhost:389/dc=moe,dc=com", "cn=Manager,dc=moe,dc=com", "111111", AuthenticationTypes.Encryption);
it causes an "The server is not operational" error:
So how can I connect to my LDAP server with username and password?

here's some of my piece of code when connecting to LDAP and authenticating the user used.
private DirectoryEntry dEntry = null;
private DirectorySearcher dSearch = null;
//Validate User Credentials in Active Directory
dEntry = new DirectoryEntry(ADPath, userName, password, AuthenticationTypes.Secure);
dSearch = new DirectorySearcher(dEntry);
dSearch.PageSize = 1000;
dSearch.PropertiesToLoad.Add("cn");
if (dSearch.FindOne() != null)
{
//success
}

for validate username and password use this code
using(PrincipalContext pc = new PrincipalContext(ContextType.Domain, "YOURDOMAIN"))
{
// validate the credentials
bool isValid = pc.ValidateCredentials("myuser", "mypassword");
}
and for connect with username and password try this
DirectoryEntry directoryEntry = new DirectoryEntry("LDAP://example.com", "username", "password");

Thank you everyone!I slove it by using the AuthenticationTypes.None
My situation is my ldap server is openssh on windows

Change Password Windows AD C#

Below is the code I am using: I get an access denied even though I am impersonating with an account that is in the Administrators group.
SafeTokenHandle safeTokenHandle;
string userName, domainName;
// Get the user token for the specified user, domain, and password using the
// unmanaged LogonUser method.
// The local machine name can be used for the domain name to impersonate a user on this machine.
const int LOGON32_PROVIDER_DEFAULT = 0;
//This parameter causes LogonUser to create a primary token.
const int LOGON32_LOGON_INTERACTIVE = 2;
// Call LogonUser to obtain a handle to an access token.
bool returnValue = LogonUser(username, domain, password,
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, out safeTokenHandle);
if (false == returnValue)
{
int ret = Marshal.GetLastWin32Error();
}
using (safeTokenHandle)
{
using (WindowsImpersonationContext impersonatedUser = WindowsIdentity.Impersonate(safeTokenHandle.DangerousGetHandle()))
{
string x = WindowsIdentity.GetCurrent().Name;
PrincipalContext pc = new PrincipalContext(ContextType.Domain);
UserPrincipal up = UserPrincipal.FindByIdentity(pc, username);
up.SetPassword(txtNewChangedPassword.Text);
}

SetPassword requires the user your code is running as to be an admin in Active Directory. Since you already have the old password available, try replacing this line:
up.SetPassword(txtNewChangedPassword.Text);
With this:
up.ChangePassword(password, txtNewChangedPassword.Text);
up.Save();

What is it with impersonation this week? The PrincipalContext object has a constructor that accepts user credentials. All you need to do is:
PrincipalContext pc = new PrincipalContext(ContextType.Domain, domain, username, password);
UserPrincipal up = UserPrincipal.FindByIdentity(pc, username);
up.SetPassword(txtNewChangedPassword.Text);

using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, domain, username, password))
{
//PrincipalContext pc = new PrincipalContext(ContextType.Domain, domain, username, password);
UserPrincipal up = new UserPrincipal(pc);
up.SetPassword(newPassword);
}

Getting error while Authenticating online TFS from WCF service

I am trying to connect online TFS using WCF service but it is throwing me exception "TF30063: You are not authorized to access https://abdul-r.visualstudio.com/DefaultCollection/TestTFS.".
Below is my sample code
NetworkCredential netCred = new NetworkCredential(
"*MyEmail*",
"*MyPassword*");
BasicAuthCredential basicCred = new BasicAuthCredential(netCred);
TfsClientCredentials credential = new TfsClientCredentials(basicCred);
credential.AllowInteractive = false;
string TFSServerPath = "https://abdul-r.visualstudio.com/DefaultCollection/TestTFS";
using (TfsTeamProjectCollection tfs1 = new TfsTeamProjectCollection(new Uri(TFSServerPath), credential))
{
tfs1.EnsureAuthenticated();
}
Any help would be appreciated.