Home/ Questions/Q 7604779
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-30T23:59:52+00:00

I am using C# application to authenticate and check Active Directory user which locates

  • 0

I am using C# application to authenticate and check Active Directory user which locates on a Window 2008 64 bit server.

I was able to authenticate a user successfully when supplying the user name and password using the following code: My domainName value is rootforest.com and my userName is admin6

        UserPrincipal usr;
        PrincipalContext ad;

        //Enter Active Directory settings
        ad = new PrincipalContext(ContextType.Domain, domainName,usrName,pswd);

        //search user
        usr = new UserPrincipal(ad);
        usr.SamAccountName = usrName;

        PrincipalSearcher search = new PrincipalSearcher(usr);
        usr = (UserPrincipal)search.FindOne();
        search.Dispose();

In another function where I want to check if user ‘admin6’ exists and I don’t have the password, but when I check it the function keep throwing “Logon failire: unkoown user name or bad password. \r\n”. The code I used was almost identical to the above except this line:

        //Enter Active Directory settings
        ad = new PrincipalContext(ContextType.Domain, domainName);

Having this not working, I’ve tried other code I found on the web but they all give me the same error. I begun to think it could be how I set up my Active Directory domain?

The picture below is how my domain looks:

https://picasaweb.google.com/100922945973553878191/ActiveDirectory?authuser=0&feat=directlink

Can anyone assist me with this? I’ve been stuck with this issue for last day or so now and I can’t seem to find out why. If you have some codes I can try it would be great

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    To check whether the user exists, your code must execute a base-level search using the known distinguished name. If the results of the search are successful and the number of entries returned as part of the search result are greater than 1, then the distinguished name exists in the directory database.

    This is different from establishing the authentication state of a connection which is accomplished with a bind request. If the bind request is successful, then the connection’s authentication state is set according to the distinguished name used in the bind.

    Perhaps you should check the status of the distinguished name using the command line ldapsearch tool. This will allow you to be confident that the distinguished name exists, and also if the credentials are correct, and also that directory permissions allow for what you are trying to accomplish. Once you have satisfied yourself as to the existence of the distinguished name and the credentials, you can proceed with troubleshooting your code.

    • 0