Search code examples
linuxldap.net-8.0

.NET 8 Ldap Authenticate Empty LdapException.ServerErrorMessage on Linux

When I use LDAP on windows, I can correctly obtain the Server ErrorMessage to suppress the error message. But ServerErrorMessage results on Linux are all empty

And i found the same problem on this issue https://github.com/dotnet/runtime/issues/70210

This is my function to call the Ldap Authenticate

public void Authenticate(string username, string password)
{
    var ldapUsername = $"{_ldapDomain}\\{username}";
    var ldapPassword = password;

    using var connection = new LdapConnection(new LdapDirectoryIdentifier(_ldapServer, _ldapPort));

    connection.AuthType = AuthType.Basic;
    connection.Credential = new System.Net.NetworkCredential(ldapUsername, ldapPassword);
    connection.SessionOptions.ProtocolVersion = 3;


    try
    {
        connection.Bind();
    }
    catch (LdapException ex)
    {
        var message = ex.ErrorCode switch
        {
            49 => ex.ServerErrorMessage switch
            {
                string s when s.Contains("data 525") => "User not found. Please check your username.",
                string s when s.Contains("data 52e") => "AD authentication failed. Please check your username and password.",
                string s when s.Contains("data 530") => "Login not permitted at this time. Please contact your administrator.",
                string s when s.Contains("data 531") => "Login not permitted from this workstation. Please contact your administrator.",
                string s when s.Contains("data 532") => "Password expired. Please update your password.",
                string s when s.Contains("data 533") => "Account disabled. Please contact your administrator.",
                string s when s.Contains("data 534") => "Login requires a secure connection. Please ensure you are using a secure connection and try again.",
                string s when s.Contains("data 701") => "Account expired. Please contact your administrator.",
                string s when s.Contains("data 773") => "Password must be reset. Please update your password.",
                string s when s.Contains("data 775") => "Your AD account is locked. Please try again later.",
                _ => $"Authentication failed, please check your username and password, or contact support."
            },
            _ => "LDAP server internal error: please contact support.",
        };
        throw new AuthenticationException(message, ex);
    }
    catch
    {
        throw;
    }
}
Solution

  • I changed the package to Novell.Directory.Ldap, and it works on Linux.