Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Linux] DirectoryServices.Protocols does not connect to AD-Server #102310

Open
Serinoxu opened this issue May 16, 2024 · 3 comments
Open

[Linux] DirectoryServices.Protocols does not connect to AD-Server #102310

Serinoxu opened this issue May 16, 2024 · 3 comments
Labels
area-System.DirectoryServices needs-author-action An issue or pull request that requires more info or actions from the author.

Comments

@Serinoxu
Copy link

Hello dear Developers

Im made a Microservice, which should update/insert User data in the AD.

To be able to do this, I need to establish a connection. You can see my code below (it works successfully on windows, but fails on linux docker container):

private void EstablishAdConnection()
 {

     try
     {
         Console.WriteLine("Start des Verbindungsversuchs zum LDAP Server. Adresse:" + settings.Adress + " on Port:" + settings.LdapSecurePort);
         Console.WriteLine("Mit dem Benutzernamen: " + settings.FullUsername);
         var identifier = new LdapDirectoryIdentifier(settings.Adress, settings.LdapSecurePort, true, false);
         LdapConnection Ldap;
         Ldap = new LdapConnection(identifier,
             new System.Net.NetworkCredential(settings.FullUsername, settings.Password))
         {
             AuthType = AuthType.Basic
         };
         
         Ldap.SessionOptions.ProtocolVersion = 3;
         Ldap.SessionOptions.ReferralChasing = ReferralChasingOptions.None;
         Ldap.Timeout = TimeSpan.FromMinutes(0.5);
         Ldap.SessionOptions.SecureSocketLayer = true;
         Ldap.Bind();
         ProtokollAccess.GetInstance().GetServiceProtokoll().ConnectionInfo = Ldap.SessionOptions.SslInformation.AlgorithmIdentifier.ToString();
         AdRequests.SetConnection(Ldap);
     }
     catch (Exception ex)
     {
         throw;
     }

 }

csproj:

<Project Sdk="Microsoft.NET.Sdk">
	<PropertyGroup>
		<TargetFramework>net6.0</TargetFramework>
		<CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
		<Version>1.2.1</Version>
		<OutputType>Library</OutputType>
		<Nullable>enable</Nullable>
		<IsPackable>true</IsPackable>
	</PropertyGroup>

	<ItemGroup>
		<PackageReference Include="..." Version="1.14.0" />
		<PackageReference Include="MicroserviceCommonData" Version="0.0.5" />
		<PackageReference Include="System.DirectoryServices.Protocols" Version="6.0.27" />
	</ItemGroup>
</Project>

The Microservice should run in a Linux container with Ubuntu 22.04 (mcr.microsoft.com/dotnet/aspnet:6.0-jammy).
I have used 6.0.27 DirectoryService.Protocols cause it was one of a few version which are not throwing an Error that it couldn´t find the Version.

I applied many known workarounds for the linux problem.
For example:

or applied the workaround from https://stackoverflow.com/questions/77109472/c-sharp-how-to-connect-to-ldap-ad-dc-server-using-ssl-or-tls-from-linux-ubuntu
which states that you should:

  • use AuthType.Basic or Negotiate
  • install libldap-2.5.so.0 as libldap-2.4.so.2 cause of an constant reference from the directoryService.Protocols Package to the lower version.

When my code execution hits LdapDirectoryIdentifier then the following error will be thrown:
"System.DirectoryServices.Protocols is not supported on this platfrom"

Overview:
DirectoryService.Protocols Version: 6.0.27
.Net Framework Version: net6.0
Ubuntu: 22.04
@dotnet-policy-service dotnet-policy-service bot added the untriaged New issue has not been triaged by the area owner label May 16, 2024
@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

Tagging subscribers to this area: @dotnet/area-system-directoryservices, @jay98014
See info in area-owners.md if you want to be subscribed.

@ericstj
Copy link
Member

ericstj commented May 21, 2024

I'm not sure where you're getting DirectoryService.Protocols Version: 6.0.27 -- that doesn't exist: https://www.nuget.org/packages/System.DirectoryServices.Protocols/

When my code execution hits LdapDirectoryIdentifier then the following error will be thrown:
"System.DirectoryServices.Protocols is not supported on this platfrom"

It sounds to me like you're using the wrong binary on linux. The package contains runtime-specific implementations. It's important that your application loads the linux specific assembly. This should happen when building the application with a deps file and running normally. It may not work if you're doing something unusual with application deployment.

Double check your repro to ensure you've deployed the app correctly and are referencing an actual supported package version. If you are, then share more information from the failure - like the full callstack of the exception - the file version of the loaded binary -- and you can inspect that binary to determine what it was built for. Here's an example:
image

@ericstj ericstj added the needs-author-action An issue or pull request that requires more info or actions from the author. label May 21, 2024
@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

This issue has been marked needs-author-action and may be missing some important information.

@buyaa-n buyaa-n removed the untriaged New issue has not been triaged by the area owner label May 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area-System.DirectoryServices needs-author-action An issue or pull request that requires more info or actions from the author.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ericstj @buyaa-n @Serinoxu