Ldap Error The Authentication Mechanism Is Unknown
ASP.NET Community Standup Forums Help Home/ASP.NET Forums/Advanced ASP.NET/Active Directory and LDAP/Error "The authentication mechanism is unknown" Error "The authentication mechanism is unknown" RSS 4 replies Last post Nov 17, 2003 04:40 PM by tim_d ‹ Previous Thread|Next Thread › Print Share Twitter Facebook Email Shortcuts Active Threads Unanswered Threads Unresolved Threads Support Options Advanced Search Reply tim_d None 0 Points 7 Posts Error "The authentication mechanism is unknown" Nov 13, 2003 09:14 PM|tim_d|LINK I am trying to use Active Directory to check the groups that the current user is a member of. I was trying to use HttpContext.Current.User.IsInRole(role) and it always returned false. I am a member of the Domain\WebAdmin group, but IsInRole("Domain\WebAdmin") returns false when it checks my account against active directory. My server OS is Windows 2000 Server. I used the following function to run through the debugger and see if I was authenticating to active directory: '========================================================================================= Public Shared Function GetUserGroupMembership(ByVal strUser As String) As StringCollection Dim groups As New StringCollection ‘******************************************************************** ‘ UsrName and PWD below are the username and password of a user I created with ‘Administrator privileges in Active Directory ‘******************************************************************* Dim obEntry As New DirectoryEntry("LDAP://CN=users,DC=DOMAIN,DC=org", "UsrName", “PWD") Dim srch As New DirectorySearcher(obEntry, "(sAMAccountName=" + strUser + ")") Dim res As SearchResult = srch.FindOne() If Not (Nothing Is res) Then Dim obUser As New DirectoryEntry(res.Path) ' Invoke Groups method. Dim obGroups As Object = obUser.Invoke("Groups") Dim ob As Object For Each ob In CType(obGroups, IEnumerable) ' Create object for each group. Dim obGpEntry
using the function DirectorySearcher.FindOne() it gives this error message (The authentication mechanism is unknown), and I relized that I should put this line in the web.config file (
Hello I am using the System.DirectoryServices namespace classes to access Active Directory. We connect http://www.pcreview.co.uk/threads/directory-services-error-the-authentication-mechanism-is-unknown.1331888/ using the LDAP://DOMAIN method. The code works on local dev boxes, and in staging, but doesn't work on a particular box in our production environment. When we https://wiki.zimbra.com/wiki/LDAP_Authentication try to connect and do a search, we get a "The authentication mechanism is unknown" error. I have searched on Google, Microsoft Support Knowledge Base and Yahoo ldap error etc, and found this error, but noone can offer an explanation or a solution. We put together a simple application to help us debug the problem, using the same code we used in our application, but allowing us to have logging and see the stack trace. We ran this as a console application, ldap error the then as a ASP.NET application, with the same result (it works, and defaults to the Secure authentication type - except it breaks on the production box!). Trying other authentication types doesn't help either. Here is a successful output: Connecting to mgsmith:xxxxx@LDAP://AUNZ with authentication type 'Secure' Authentication Type = Secure Type = AuthenticationTypes Setting LDAP Search Filter to (samaccountname=mgsmith) Executing search.FindOne()... Search was successful. Search found an entry. Looking up employeeid EmployeeID = 18457 Here is the problematic output: Connecting to mgsmith:xxxxx@LDAP://AUNZ with authentication type 'Secure' Authentication Type = Secure Type = AuthenticationTypes Setting LDAP Search Filter to (samaccountname=mgsmith) Executing search.FindOne()... Exception: The authentication mechanism is unknown Stack Trace: at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_AdsObject() at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne) at System.DirectoryServices.DirectorySearcher.FindOne() at Sandbox.WebForm1.cmdLogin_Click(Object sender, EventArgs e) Any help is much appreciated. Cheers Here is our test code: try { // Bind to the domain directory server Console.Write("Connecting to {0}:{1}@{2}", txtUsername.Text, txtPassword.Text, txtUri.Text); DirectoryEntry entry; Console.WriteLine(" with authentication type '{0}'", ddlAuthenticationType.SelectedItem.Va
LDAP Authentication Zimbra Tech Center Community Sandbox LDAP Authentication Contents 1 LDAP Authentication 1.1 LDAP filter 1.1.1 Examples 1.2 LDAP search base 1.2.1 Common examples 1.3 LDAP bind DN 1.3.1 Examples 1.4 Configuring external LDAP authentication 1.4.1 Zimbra Administration UI 1.4.2 SOAP interface 1.4.2.1 Testing Authentication configuration via SOAP 1.5 Troubleshooting 1.5.1 Sanity check 1.5.2 Logging 1.5.3 If some users succeed and others fail 1.5.4 If some domains succeed and others fail 1.6 More Information LDAP Authentication KB 1374 Last updated on 07/12/2015 Last updated by Jorge de la Cruz Mingo 0.00 (0 votes) Verified in: ZCS 8.0 ZCS 7.0 - This article is a Community contribution and may include unsupported customizations. KB 1374 Last updated on 07/12/2015 0.00 (0 votes) - This article is a Community contribution and may include unsupported customizations. - This is archive documentation, which means it is not supported or valid for recent versions of Zimbra Collaboration. - This article is a Work in Progress, and may be unfinished or missing sections. Zimbra permits the use of external LDAP servers per domain for end user authentication. Zimbra user accounts are mapped to LDAP accounts on an external host using an LDAP query filter. Though it is always a good idea to use an LDAP search base, it may not be required by your LDAP server. LDAP filter Zimbra will use an LDAP query filter to map user accounts to entries on the external LDAP server. For example, Zimbra user usera@domain.com might be mapped to an entry in the external LDAP server having a uid attribute value of 'usera', mail attribute of 'usera@domain.com' and an objectClass of 'OrganizationalPerson'. Only a single unique attribute is required to successfully map Zimbra accounts. To set the LDAP query filter, you will need a substitution variable and an attribute on the external LDAP server to search. The substitution variable is obtained from the 'Username' box on the user login page. Possible substitution variables are (e.g., usera@domain.com): %n = username with @ symbol - returns 'usera@domain.com' %u = username without the @ - returns 'usera' %d = domain - returns 'domain.c