Description
Description
I have a simple LDAP connector in my app that currently works with System.DirectoryServices.Protocols 6.0.1 nuget package. When I call Bind() with incorrect credentials, I expect that in LdapException.Server ErrorMessage will be a string like "8009030C: LdapErr: DSID-0C09058A, comment: AcceptSecurityContext error, data 52e, v4563" (checked with a sniffer, it comes from the server). And it's empty! Everything is OK on Windows, the error is empty in Linux.
tcpdump (on linux):
Reproduction Steps
Work with Windows Active Directory
LDAP client on Debian 10
dotnet --list-runtimes
Microsoft.AspNetCore.App 6.0.5 [/usr/local/bin/shared/Microsoft.AspNetCore.App]
Microsoft.NETCore.App 6.0.5 [/usr/local/bin/shared/Microsoft.NETCore.App]
Sample code:
string _host;
public bool Check(string user, string pass)
{
string samAccountName = user;
var userCred = new NetworkCredential(user, pass);
if (user.Contains('\\'))
{
var splitted = user.Split('\\');
samAccountName = splitted[1];
userCred.UserName = OperatingSystem.IsWindows() ? splitted[1] : user; // https://github.com/dotnet/runtime/issues/36947
}
try
{
using (LdapConnection connection = new LdapConnection(_host))
{
connection.SessionOptions.ProtocolVersion = 3;
connection.Bind(userCred);
return true;
}
}
catch (LdapException ex) when(ex.ErrorCode == 49) // LDAP_INVALID_CREDENTIALS
{
// but i need sub-code https://ldapwiki.com/wiki/Common%20Active%20Directory%20Bind%20Errors
if (!string.IsNullOrWhiteSpace(ex.ServerErrorMessage))
{
// parsing string to get data and convert to sub-code
}
}
}
How to receive ServerErrorMessage? Or how to receive LDAP sub code?