I have seen several questions that suggest something to do with users and groups but I have no idea what their use cases are.
All that I am trying to do is find the group that a user is linked to after they have been successfully authenticated.
I am using the following:
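/// <summary>
/// Authenticates a user against the directory with an LDAP simple bind as
/// <c>cn={username},ou=users,ou=system</c>.
/// </summary>
/// <param name="userForLoginDto">Carries the user name and password submitted at login.</param>
/// <returns>
/// <c>true</c> when the connection reports itself bound after the bind call;
/// <c>false</c> when the credentials are blank or the connection is not bound.
/// </returns>
/// <remarks>
/// Exceptions raised by Connect, Bind or the follow-up search are not caught here and reach the caller.
/// </remarks>
public bool LogInViaLDAP(LoginDTO userForLoginDto)
{
    var user = userForLoginDto.Username;
    var password = userForLoginDto.Password;

    // A simple bind that carries a DN but an empty password is an
    // "unauthenticated bind" (RFC 4513) and some servers answer it with success,
    // so blank credentials are rejected before anything is sent to the server.
    if (string.IsNullOrWhiteSpace(user) || string.IsNullOrEmpty(password))
    {
        return false;
    }

    // The user name comes from the login form; escape it so characters such as
    // ',' '+' or '=' cannot change the structure of the bind DN.
    string userDn = $"cn={EscapeDnValue(user)},ou=users,ou=system";

    // NOTE(review): when _isSecureSocketLayer is false the password of a simple
    // bind crosses the network unencrypted - confirm TLS is enabled outside of tests.
    using (var connection = new LdapConnection { SecureSocketLayer = _isSecureSocketLayer })
    {
        connection.ConnectionTimeout = 36000;
        connection.Connect(_domain, _port);
        connection.Bind(userDn, password);

        // Only query the directory once the bind is confirmed.
        if (!connection.Bound)
        {
            return false;
        }

        string[] requiredAttributes = { "cn", "sn", "ou" };
        string searchFilter = "objectClass=inetOrgPerson";

        // This is where I was attempting to find the user's group association.
        // The result is not used by the login decision yet.
        var groups = SearchForGroup(connection, userDn, searchFilter, requiredAttributes, false);

        return true;
    }
}

/// <summary>
/// Escapes a single attribute value for use inside a distinguished name (RFC 4514).
/// </summary>
private static string EscapeDnValue(string value)
{
    var escaped = new System.Text.StringBuilder(value.Length + 8);
    for (int i = 0; i < value.Length; i++)
    {
        char c = value[i];
        bool edgeSpace = c == ' ' && (i == 0 || i == value.Length - 1);
        bool leadingHash = c == '#' && i == 0;

        if (c == '\0')
        {
            // NUL has no backslash-character form; use the hex pair.
            escaped.Append("\\00");
        }
        else if (edgeSpace || leadingHash || "\"+,;<>\\=".IndexOf(c) >= 0)
        {
            escaped.Append('\\').Append(c);
        }
        else
        {
            escaped.Append(c);
        }
    }

    return escaped.ToString();
}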
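/// <summary>
/// First attempt at a group lookup: runs a subtree search rooted at <paramref name="user"/>
/// and inspects the attributes of the last entry returned.
/// </summary>
/// <param name="connection">A connected and bound LDAP connection.</param>
/// <param name="user">DN used as the search base (the caller passes the user's own DN).</param>
/// <param name="searchFilter">LDAP filter, sent to the server as given.</param>
/// <param name="requiredAttributes">Attribute names to request for each entry.</param>
/// <param name="typesOnly">Forwarded to the search call unchanged.</param>
/// <returns>Always an empty set; this version does not extract any group names yet.</returns>
HashSet<string> SearchForGroup(LdapConnection connection, string user, string searchFilter, string[] requiredAttributes, bool typesOnly)
{
    var result = connection.Search(user, LdapConnection.ScopeSub, searchFilter, requiredAttributes, typesOnly);

    // Walk the whole result set; only the last entry is kept.
    LdapEntry nextEntry = null;
    while (result.HasMore())
    {
        nextEntry = result.Next();
    }

    // An empty result set leaves nextEntry null; return instead of dereferencing it.
    if (nextEntry == null)
    {
        return new HashSet<string>();
    }

    // This only seems to return the
    // sn - surname and cn - common name.
    // NOTE(review): the search base is the user's DN, so the entries found are
    // presumably the user entry itself rather than any group entry.
    var data = nextEntry.GetAttributeSet();
    return new HashSet<string>();
}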
I figured the Novell Package is based on the actual querying language that LDAP uses.
So I selected the ou=groups node in Apache Directory Studio and attempted to search for my user from there using:
uniqueMember=cn=username,ou=users,ou=system
That returned the group to which the user is linked, so I went on to do the same thing in code:
// Only the common name of each matching group is requested.
string[] requiredAttributes = { "cn" };

// Search beneath the groups container for entries that list the user's DN as a member.
// NOTE(review): "username" is a fixed literal here. Once the real user name is
// substituted into this filter it should be escaped for filter syntax
// (RFC 4515: '*', '(', ')', '\' and NUL), otherwise the input can alter the query.
string groupsBase = "ou=groups,ou=system";
string memberFilter = "uniqueMember=cn=username,ou=users,ou=system";
var groups = SearchForGroup(connection, groupsBase, memberFilter, requiredAttributes, false);
The snippet above demonstrates how the parameters needed to be passed in my C# code to replicate what I did in Directory Studio.
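/// <summary>
/// Runs a subtree search from <paramref name="entryPoint"/> and collects the
/// <c>cn</c> value of every entry returned.
/// </summary>
/// <param name="connection">A connected and bound LDAP connection.</param>
/// <param name="entryPoint">DN used as the search base, e.g. the groups container.</param>
/// <param name="searchFilter">
/// LDAP filter, sent to the server as given. Callers that build it from a user
/// name should escape filter special characters before passing it in.
/// </param>
/// <param name="requiredAttributes">Attribute names to request; must include "cn" for names to be collected.</param>
/// <param name="typesOnly">Forwarded to the search call unchanged.</param>
/// <returns>The distinct <c>cn</c> values of the matching entries; empty when nothing matched.</returns>
HashSet<string> SearchForGroup(LdapConnection connection, string entryPoint, string searchFilter, string[] requiredAttributes, bool typesOnly)
{
    var result = connection.Search(entryPoint, LdapConnection.ScopeSub, searchFilter, requiredAttributes, typesOnly);
    var groups = new HashSet<string>();

    foreach (var group in result)
    {
        var attribute = group.GetAttribute("cn");

        // Skip entries that came back without a cn (for example when "cn" was
        // not among the requested attributes) instead of dereferencing null.
        if (attribute == null)
        {
            continue;
        }

        groups.Add(attribute.StringValue);
    }

    return groups;
}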