Cross platform port of OpenLdap Client library (https://www.openldap.org/software/man.cgi?query=ldap)
and Windows Ldap (https://docs.microsoft.com/en-us/windows/win32/api/_ldap/) to DotNet Core
For Linux\OSX you must ensure you have the latest OpenLDAP client libraries installed from http://www.openldap.org
It works with any LDAP protocol compatible directory server (including Microsoft Active Directory).
Supported paswordless authentication (Kerberos) on all platforms (on Linux\OSX supported SASL GSSAPI (Kerberos) authentication!).
Sample usage (Kerberos authentication)
using (var cn = new LdapConnection())
{
// connect
cn.Connect();
// bind using kerberos credential cache file
cn.Bind();
// call ldap op
var entries = cn.Search("<<basedn>>", "(objectClass=*)");
}- Most of popular Linux distributives
- OSX
- Windows
- Supported on the .NET Standard - minimum required is 2.0 - compatible .NET runtimes: .NET Core, Mono, .NET Framework.
Install-Package LdapForNet
dotnet add package LdapForNet
using (var cn = new LdapConnection())
{
// connect use Domain Controller host from computer hostname and default port 389
// Computer hostname - mycomp.example.com => DC host - example.com
cn.Connect();
....
}using (var cn = new LdapConnection())
{
// connect use hostname and port
cn.Connect("dc.example.com",636);
....
}using (var cn = new LdapConnection())
{
cn.Connect();
// bind using kerberos credential cache file
cn.Bind();
...
}using (var cn = new LdapConnection())
{
cn.Connect("ldap.forumsys.com");
// bind using userdn and password
cn.Bind(LdapAuthMechanism.SIMPLE,"cn=read-only-admin,dc=example,dc=com","password");
...
}using (var cn = new LdapConnection())
{
cn.Connect();
// bind using kerberos credential cache file
cn.BindAsync().Wait();
...
}using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
//search all objects in catalog (default search scope = LdapSearchScope.LDAP_SCOPE_SUBTREE)
var entries = cn.Search("dc=example,dc=com","(objectClass=*)");
}using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
//search objects in catalog at first level scope
var entries = cn.Search("dc=example,dc=com","(objectClass=*)", LdapSearchScope.LDAP_SCOPE_ONELEVEL);
}using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
//search all objects in catalog (default search scope = LdapSearchScope.LDAP_SCOPE_SUBTREE)
var entries = cn.SearchAsync("dc=example,dc=com","(objectClass=*)").Result;
}using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
//search by CN, get @base from machine hostname (my.example.com => dn=example,dn=com )
var entries = cn.SearchByCn("read-only-admin");
}using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
//search by CN
var entries = cn.SearchByCn("ou=admins,dn=example,dn=com", "read-only-admin", LdapSearchScope.LDAP_SCOPE_ONELEVEL);
}using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
//search by CN, get @base from machine hostname (my.example.com => dn=example,dn=com )
var entries = cn.SearchBySid("S-1-5-21-2127521184-1604012920-1887927527-72713");
}using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
//search by CN
var entries = cn.SearchBySid("ou=admins,dn=example,dn=com", "S-1-5-21-2127521184-1604012920-1887927527-72713", LdapSearchScope.LDAP_SCOPE_ONELEVEL);
}using (var cn = new LdapConnection())
{
cn.Connect();
var ldapVersion = (int)LdapVersion.LDAP_VERSION3;
cn.SetOption(LdapOption.LDAP_OPT_PROTOCOL_VERSION, ref ldapVersion);
cn.Bind();
}using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
cn.Add(new LdapEntry
{
Dn = "cn=test,dc=example,dc=com",
Attributes = new Dictionary<string, List<string>>
{
{"sn", new List<string> {"Winston"}},
{"objectclass", new List<string> {"inetOrgPerson"}},
{"givenName", new List<string> {"your_name"}},
{"description", new List<string> {"your_description"}}
}
});
}using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
await cn.AddAsync(new LdapEntry
{
Dn = "cn=test,dc=example,dc=com",
Attributes = new Dictionary<string, List<string>>
{
{"sn", new List<string> {"Winston"}},
{"objectclass", new List<string> {"inetOrgPerson"}},
{"givenName", new List<string> {"your_name"}},
{"description", new List<string> {"your_description"}}
}
});
}using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
cn.Modify(new LdapModifyEntry
{
Dn = "cn=test,dc=example,dc=com",
Attributes = new List<LdapModifyAttribute>
{
new LdapModifyAttribute
{
LdapModOperation = LdapModOperation.LDAP_MOD_REPLACE,
Type = "givenName",
Values = new List<string> {"test_value_2"}
},
new LdapModifyAttribute
{
LdapModOperation = LdapModOperation.LDAP_MOD_ADD,
Type = "displayName",
Values = new List<string> {"test_display_name"}
},
new LdapModifyAttribute
{
LdapModOperation = LdapModOperation.LDAP_MOD_ADD,
Type = "sn",
Values = new List<string> {"test"}
},
new LdapModifyAttribute
{
LdapModOperation = LdapModOperation.LDAP_MOD_DELETE,
Type = "description",
Values = new List<string> {"test_value"}
}
}
});
}using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
await cn.ModifyAsync(new LdapModifyEntry
{
Dn = "cn=test,dc=example,dc=com",
Attributes = new List<LdapModifyAttribute>
{
new LdapModifyAttribute
{
LdapModOperation = LdapModOperation.LDAP_MOD_REPLACE,
Type = "givenName",
Values = new List<string> {"test_value_2"}
},
new LdapModifyAttribute
{
LdapModOperation = LdapModOperation.LDAP_MOD_ADD,
Type = "displayName",
Values = new List<string> {"test_display_name"}
},
new LdapModifyAttribute
{
LdapModOperation = LdapModOperation.LDAP_MOD_ADD,
Type = "sn",
Values = new List<string> {"test"}
},
new LdapModifyAttribute
{
LdapModOperation = LdapModOperation.LDAP_MOD_DELETE,
Type = "description",
Values = new List<string> {"test_value"}
}
}
});
}using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
cn.Delete("cn=test,dc=example,dc=com");
}using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
await cn.DeleteAsync("cn=test,dc=example,dc=com");
}using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
cn.Rename("cn=test,dc=example,dc=com", "cn=test2", null, true);
}using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
await cn.RenameAsync("cn=test,dc=example,dc=com", "cn=test2", null, true);
}Generic method for ldap requests. Inspired by .NET Framework LdapConnection.SendRequest
using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
cn.SendRequest(new DeleteRequest("cn=test,dc=example,dc=com"));
}Generic method for ldap requests. Inspired by .NET Framework LdapConnection.SendRequest
using (var cn = new LdapConnection())
{
cn.Connect();
cn.Bind();
var cancellationTokenSource = new CancellationTokenSource();
//whoami
var res = await cn.SendRequestAsync(new ExtendedRequest("1.3.6.1.4.1.4203.1.11.3"), cancellationTokenSource.Token);
var extendedResponse = (ExtendedResponse) res;
var name = Encoding.ASCII.GetString(extendedResponse.ResponseValue);
}For own implementations or not implemented OpenLdap functions use GetNativeLdapPtr. It's provided pointer to native structure LDAP. So we can use this pointer in own implementations.
For example, implement "DIGEST-MD5" authentication
using static LdapForNet.Native.Native;
using (var cn = new LdapConnection())
{
cn.Connect();
var ld = cn.GetNativeLdapPtr();
var defaults = new LdapSaslDefaults {
mech = "DIGEST-MD5",
passwd="password",
authcid="user",
realm="realm.com",
authzid="user"
};
var ptr = Marshal.AllocHGlobal(Marshal.SizeOf(defaults));
Marshal.StructureToPtr(defaults, ptr, false);
int rc = ldap_sasl_interactive_bind_s( ld, null,defaults.mech, IntPtr.Zero, IntPtr.Zero,
(uint)LdapInteractionFlags.LDAP_SASL_QUIET, (l, flags, d, interact) => (int)LdapResultCode.LDAP_SUCCESS, ptr);
...
}This software is distributed under the terms of the MIT License (MIT).
Alexander Chermyanin / LinkedIn
Contributions and bugs reports are welcome.