Authentication using LDAP
One of the requirements for our current application is to authenticate the users using their LDAP server. We were able to use it for authentication for our current setup.
By the way, the NativeObject
property of the DirectoryEntry
class should be included in the API Hall of Shame
of Brad Adams. It should have been a method maybe named as Bind().
I was surprised this afternoon when i changed the password to an empty string
and the authentication was still successful. It was supposed to catch a COMException but it did not. Turns out that having an empty string is similar to anonymous login which is currently enabled for the server.