Answered by:
Powershell- Query Non AD LDAP Directory with 'System.DirectoryServices.Protocols'

Question
-
Hello Scripting Guy
So during my quest to find a way to connect to a non AD LDAP directory (Novell eDirectory , to be more specific) via powershell, i stumbled upon this gem
"https://social.technet.microsoft.com/Forums/en-US/d1c4fc40-b921-4840-9d98-d95d565672d1/queryenumerate-edirectory-in-powershell-via-systemdirectoryservices?forum=ITCG" (this uses "System.DirectoryServicesDirectoryEntry")
and let me say that it works just fine. I am able to connect and query eDirectory but the speed is slow. After further searching I found System.DirectoryServices.Protocols. This is said to be faster than System.DirectoryServicesDirectoryEntry, but when I run the following code
$secpasswd = ConvertTo-SecureString 'myPassword' -AsPlainText -Force $eDirUser = 'cn=myUser,o=myOrg' $Credential = New-Object System.Management.Automation.PSCredential ($eDirUser, $secpasswd)
# tried all the below combinations for server
#$server = '12.34.56.789:636' #(ip address of server)
$server = 'LDAP://12.34.56.789/'
#$server = 'G0123.my.serverName.com' #(the server name)
#$server = 'LDAP://G0123.my.serverName.com/'$LdapConnection = New-Object System.DirectoryServices.Protocols.LdapConnection $server $LdapConnection.AuthType = [System.DirectoryServices.Protocols.AuthType]::Basic $LdapConnection.Timeout = 10000 $LdapConnection.Bind($Credential)
It fails and throws the following error:
Exception calling "Bind" with "1" argument(s): "The LDAP server is unavailable." .
the LDAP server is available, I am using that server in Apache Directory Studio. I used the ping command on the server in cmd , furthermore , as I already stated, the connection was successful when I used "System.DirectoryServicesDirectoryEntry".
- Edited by frostbete Thursday, September 27, 2018 6:45 AM
Thursday, September 27, 2018 6:44 AM
Answers
-
So that method didnt work for Until I added
$nds.AuthType=[System.DirectoryServices.Protocols.AuthType]::Basic
Otherwise it was giving me the following error
"Exception calling "Bind" with "1" argument(s): "The authentication method is not supported." "
Ye but it works now,
thanks for all your help
Cheers
- Marked as answer by Bill_Stewart Monday, December 17, 2018 6:29 PM
Monday, October 1, 2018 6:53 AM
All replies
-
You have to set the correct port if it has been changed.
This is all that you need:
$server = 'LDAP://12.34.56.789' $netcred = [System.Net.NetworkCredential]::new('username','apssword') $nds = New-Object System.DirectoryServices.Protocols.LdapConnection($server,$creds) $nds.Bind()
"AuthType should not be set to basic
Post in Novell forum to get correct LDAP string.
\_(ツ)_/
Thursday, September 27, 2018 7:32 AM -
This will be helpful: https://gallery.technet.microsoft.com/scriptcenter/Using-SystemDirectoryServic-0adf7ef5#content
\_(ツ)_/
Thursday, September 27, 2018 7:44 AM -
Thanks but that is the link which made me aware obout System.DirectoryServices.ProtocolsThursday, September 27, 2018 3:17 PM
-
What is the exact code that you used with the "DirectoryEntry" method?
\_(ツ)_/
Thursday, September 27, 2018 3:25 PM -
Hello @jrv , my exact code for that was
$eDirPath = 'LDAP://12.34.56.789/o=Some_Org' $eDirUser = 'cn=My_account,o=Account_org' #My User id's Domain name $eDirPWD = 'my_password' $eDIrAuthType = 'None' #(Equates to basic) #Establish eDirectory Connection and Enumerate $Root = New-Object System.DirectoryServices.DirectoryEntry -argumentlist $eDirPath,$eDirUser,$eDirPWD,$eDIrAuthType $Query = New-Object System.DirectoryServices.DirectorySearcher $Query.SearchRoot = $Root $Query.Filter = "(cn=search_container_name)" $SearchResults = $Query.FindAll() foreach ($i in $SearchResults){ $obj = $i.Properties echo $obj }
Sorry it took some time to reply, I can only accces this computer on weekdays, and this friday was a public holiday
Sunday, September 30, 2018 11:48 PM -
I just tested again and this is the correct method:
$netcred = [System.Net.NetworkCredential]::new('newwork user id','network password') $nds = New-Object System.DirectoryServices.Protocols.LdapConnection('12.34.56.789',$netcreds) $nds.Bind()
\_(ツ)_/
Monday, October 1, 2018 12:24 AM -
So that method didnt work for Until I added
$nds.AuthType=[System.DirectoryServices.Protocols.AuthType]::Basic
Otherwise it was giving me the following error
"Exception calling "Bind" with "1" argument(s): "The authentication method is not supported." "
Ye but it works now,
thanks for all your help
Cheers
- Marked as answer by Bill_Stewart Monday, December 17, 2018 6:29 PM
Monday, October 1, 2018 6:53 AM