UniStuttgart-VISUS / Visus.LdapAuthentication

LDAP authentication middleware for ASP.NET Core
MIT License

Authenticated successfully as user X, but LdapException: No Such Object (32) #2

Closed kamilk91 closed 1 year ago

kamilk91 commented 1 year ago

'Novell.Directory.Ldap.LdapException' in Novell.Directory.Ldap.NETStandard.dll

```
   at Novell.Directory.Ldap.LdapResponse.ChkResultCode()
   at Novell.Directory.Ldap.LdapSearchResults.Next()
   at Visus.LdapAuthentication.LdapAuthenticationService`1.Login(String username, String password)
   at Infrastructure.Services.AuthenticationService.<Login>d__2.MoveNext() in C:\git\XX\src\Infrastructure\Services\AuthenticationService.cs:line 26
```

My implementation: .Net 6

```csharp
var opt = new LdapOptions();

builder.Configuration.GetSection("LdapConfiguration").Bind(opt);

builder.Services.AddLdapAuthenticationService(opt);
builder.Services.AddLdapSearchService<LdapUser>(opt);
```

```xml
    <PackageReference Include="AutoMapper" Version="12.0.1">
      <TreatAsUsed>true</TreatAsUsed>
    </PackageReference>
    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="7.0.9">
      <TreatAsUsed>true</TreatAsUsed>
    </PackageReference>
    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="7.0.9">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
    </PackageReference>
    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="7.0.9">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
      <TreatAsUsed>true</TreatAsUsed>
    </PackageReference>
    <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="7.0.4" />
    <PackageReference Include="Visus.LdapAuthentication" Version="1.9.0" />
```

```csharp
public class AuthenticationService : IAuthenticationService
{
    private readonly ILdapAuthenticationService _ldapAuthenticationService;

    public AuthenticationService(ILdapAuthenticationService ldapAuthenticationService)
    {
        this._ldapAuthenticationService = ldapAuthenticationService;
    }

    public async Task Login(string username, string password)
    {
        try
        {
            var response = _ldapAuthenticationService.Login(username, password);
        }
        catch (LdapException ex)
        {
            Console.WriteLine(ex);
        }
    }
}
```

My LDAP is managed by PHPLDAPAdmin.

I log in as the same user I'm using in the app.

crowbar27 commented 1 year ago

I assume that you have stripped away some sensitive data from your sample code, because there is nothing in line 26. Therefore, it is hard to tell what is actually happening. My guess is the following: When the authentication service logs in, it performs an LDAP bind with the credentials provided and if that succeeds, it retrieves the user's LDAP entry to populate the user object. The latter is dependent on the search base you have configured in the LDAP options, whereas the bind is independent from this (you pass the full CN, or the UPN in case of AD).

Is the user that is being authenticated in the OU you configured as search base (or in a sub-OU with the search scope being configured appropriately)?

crowbar27 commented 1 year ago

One other point: You wrote that you are using PHPLDAPAdmin, wherefore I assume that your server is not running Active Directory Domain Services, but OpenLDAP or something else. You may need to provide a custom mapping (in code or via your appsettings.json) with an appropriate user filter matching your schema. See https://github.com/UniStuttgart-VISUS/Visus.LdapAuthentication/blob/92d44542b0cb7785dc6167033de70981263f8bb8/Visus.LdapAuthentication/LdapOptions.cs#L61-L68. I think the user filter should be "(uid={0})" for OpenLDAP, but I have no hands-on experience with this kind of server.
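The two steps described in the replies above (a bind, then a lookup of the user's entry under the search base) can be checked separately against the directory. The following is an added example, not code from the Visus.LdapAuthentication project or from anyone in this thread; it assumes Novell.Directory.Ldap.NETStandard 3.x, LDAPS on port 636, and constructed placeholder values for the host, DNs, user name and the `LDAP_PROBE_PASSWORD` environment variable.

```csharp
using System;
using System.Linq;
using Novell.Directory.Ldap;   // assumed: Novell.Directory.Ldap.NETStandard 3.x

static class LdapLoginProbe
{
    // RFC 4515 escaping, so a user name cannot change the meaning of the filter.
    static string EscapeFilter(string value) => string.Concat(value.Select(c => c switch
    {
        '\\' => @"\5c", '*' => @"\2a", '(' => @"\28", ')' => @"\29", '\0' => @"\00",
        _ => c.ToString()
    }));

    static void Main()
    {
        // Constructed placeholders: replace with the values from your own directory.
        const string host = "ldap.example.org";
        const string userName = "jdoe";
        const string bindDn = "uid=jdoe,ou=people,dc=example,dc=org";
        const string searchBase = "ou=people,dc=example,dc=org";
        string password = Environment.GetEnvironmentVariable("LDAP_PROBE_PASSWORD") ?? "";
        if (password.Length == 0)
        {
            // A simple bind with an empty password is an unauthenticated bind
            // and may "succeed"; never treat it as a login.
            Console.WriteLine("Refusing to bind with an empty password.");
            return;
        }
        string filter = "(uid=" + EscapeFilter(userName) + ")";

        using var conn = new LdapConnection { SecureSocketLayer = true };
        conn.Connect(host, 636);
        try
        {
            conn.Bind(bindDn, password);          // step 1: authentication
            Console.WriteLine("Bind succeeded.");
            // Step 2: entry lookup; this is where the search base and filter matter.
            var results = conn.Search(searchBase, LdapConnection.ScopeSub, filter, null, false);
            int count = 0;
            while (results.HasMore()) { results.Next(); count++; }
            Console.WriteLine(count == 0
                ? "Search base exists, but the filter matched no entry."
                : $"Found {count} matching entry/entries.");
        }
        catch (LdapException ex) when (ex.ResultCode == 32)   // No Such Object
        {
            Console.WriteLine($"No Such Object (32): check search base '{searchBase}'.");
        }
        catch (LdapException ex) when (ex.ResultCode == 49)   // Invalid Credentials
        {
            Console.WriteLine("Bind failed: invalid credentials (49).");
        }
    }
}
```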

crowbar27 commented 1 year ago

Version 1.10.0 adds a new schema "RFC 2307" which should work against OpenLDAP servers.