flamencist / ldap4net

OpenLdap port for DotNet Core (Linux\OSX\Windows)
MIT License

SASL - Active Directory from docker container - LdapOption.LDAP_OPT_X_SASL_NOCANON #110

Open palvferenc opened 3 years ago

palvferenc commented 3 years ago

Hi!

Currently I'm trying to make an LDAP query from an Ubuntu Docker container with your library. Reverse DNS is not working from Docker in bridge network mode, so I would like to solve this by disabling canonical DNS name checking for OpenLDAP.

I can successfully make an LDAP query from the container with ldapsearch; the authentication method is Digest. To get a successful result I had to put "SASL_NOCANON on" in the /etc/ldap/ldap.conf file in the container.

So I can make a successful query with ldapsearch, but utilising your library from a .NET Core 3.1 app I get error results:

Invalid credentials. 80090303: LdapErr: DSID-0C09055A, comment: The digest-uri does not match any LDAP SPN's registered for this server., data 0, v23f0.

This is caused by an unsuccessful reverse DNS query. I checked ldapsearch without the /etc/ldap/ldap.conf modification and had the same error result, and ldapsearch with debug also gives info about it.

In the documentation I found that it is possible to provide options for the native OpenLDAP library call in your library.

I'm trying to disable canonical check with the following:

connection.SetOption(LdapOption.LDAP_OPT_X_SASL_NOCANON,1);

I got the same error result when running the application from the container:

Invalid credentials. 80090303: LdapErr: DSID-0C09055A, comment: The digest-uri does not match any LDAP SPN's registered for this server., data 0, v23f0.

Thanks in advance, Ferenc

flamencist commented 3 years ago

try to use the global option

connection.SetOption(LdapOption.LDAP_OPT_X_SASL_NOCANON,1, true);
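The suggested fix applied in a small helper that sets the option globally before connecting, added here as an example that is not part of this issue or of ldap4net itself; it assumes the ldap4net API names as used in the project's README (LdapConnection.Connect(host, port), Bind(LdapAuthType.Digest, LdapCredential) and SetOption(option, value, global)).

```csharp
using System;
using LdapForNet;
using static LdapForNet.Native.Native;   // LdapOption, LdapAuthType (assumed location)

// Added example, not ldap4net's own code. Type and method names are assumed
// from the project's README; check them against the package version you use.
public static class AdDigestClient
{
    // Opens a DIGEST-MD5 (SASL) bind to a domain controller from an environment
    // where reverse DNS is unavailable, e.g. a Docker bridge network.
    // dcFqdn must be the controller's fully qualified name: with NOCANON the
    // digest-uri is built from the name passed here, and the bind only succeeds
    // if AD has an ldap/<that name> SPN registered for the server.
    public static LdapConnection Open(string dcFqdn, string user, string password)
    {
        var cn = new LdapConnection();
        try
        {
            // Global option (third argument true) is written to the library
            // defaults before Connect() creates the native handle, so the new
            // handle inherits it. A per-connection value set on its own did
            // not take effect for the reporter of this issue.
            cn.SetOption(LdapOption.LDAP_OPT_X_SASL_NOCANON, 1, true);
            cn.Connect(dcFqdn, 389);
            cn.Bind(LdapAuthType.Digest, new LdapCredential
            {
                UserName = user,
                Password = password
            });
            return cn;
        }
        catch
        {
            cn.Dispose();   // do not leak a half-initialised native handle
            throw;
        }
    }
}
```

Because NOCANON disables the reverse-DNS canonicalization that would otherwise normalize the host, pass the DC's FQDN rather than a short name or IP address, or the digest-uri will still not match any registered SPN.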