Remove From My Forums

Powershell- Query Non AD LDAP Directory with 'System.DirectoryServices.Protocols'

Question
0

Sign in to vote
Hello Scripting Guy

So during my quest to find a way to connect to a non AD LDAP directory (Novell eDirectory , to be more specific) via powershell, i stumbled upon this gem

"https://social.technet.microsoft.com/Forums/en-US/d1c4fc40-b921-4840-9d98-d95d565672d1/queryenumerate-edirectory-in-powershell-via-systemdirectoryservices?forum=ITCG" (this uses "System.DirectoryServicesDirectoryEntry")

and let me say that it works just fine. I am able to connect and query eDirectory but the speed is slow. After further searching I found System.DirectoryServices.Protocols. This is said to be faster than System.DirectoryServicesDirectoryEntry, but when I run the following code

$secpasswd = ConvertTo-SecureString 'myPassword' -AsPlainText -Force $eDirUser = 'cn=myUser,o=myOrg' $Credential = New-Object System.Management.Automation.PSCredential ($eDirUser, $secpasswd)
# tried all the below combinations for server
#$server = '12.34.56.789:636' #(ip address of server)
$server = 'LDAP://12.34.56.789/'
#$server = 'G0123.my.serverName.com' #(the server name)
#$server = 'LDAP://G0123.my.serverName.com/'
$LdapConnection = New-Object System.DirectoryServices.Protocols.LdapConnection $server $LdapConnection.AuthType = [System.DirectoryServices.Protocols.AuthType]::Basic $LdapConnection.Timeout = 10000 $LdapConnection.Bind($Credential)

It fails and throws the following error:

Exception calling "Bind" with "1" argument(s): "The LDAP server is unavailable." .

the LDAP server is available, I am using that server in Apache Directory Studio. I used the ping command on the server in cmd , furthermore , as I already stated, the connection was successful when I used "System.DirectoryServicesDirectoryEntry".
- Edited by frostbete Thursday, September 27, 2018 6:45 AM
Thursday, September 27, 2018 6:44 AM

Answers

0

Sign in to vote
So that method didnt work for Until I added

$nds.AuthType=[System.DirectoryServices.Protocols.AuthType]::Basic

Otherwise it was giving me the following error

"Exception calling "Bind" with "1" argument(s): "The authentication method is not supported." "

Ye but it works now,

thanks for all your help

Cheers
- Marked as answer by Bill_StewartModerator Monday, December 17, 2018 6:29 PM
Monday, October 1, 2018 6:53 AM

All replies

1

Sign in to vote
You have to set the correct port if it has been changed.

This is all that you need:

$server = 'LDAP://12.34.56.789' $netcred = [System.Net.NetworkCredential]::new('username','apssword') $nds = New-Object System.DirectoryServices.Protocols.LdapConnection($server,$creds) $nds.Bind()

"AuthType should not be set to basic

Post in Novell forum to get correct LDAP string.

\_(ツ)_/
Thursday, September 27, 2018 7:32 AM
1

Sign in to vote

This will be helpful: https://gallery.technet.microsoft.com/scriptcenter/Using-SystemDirectoryServic-0adf7ef5#content

\_(ツ)_/

Thursday, September 27, 2018 7:44 AM
0

Sign in to vote

Thanks but that is the link which made me aware obout System.DirectoryServices.Protocols

Thursday, September 27, 2018 3:17 PM
0

Sign in to vote

What is the exact code that you used with the "DirectoryEntry" method?
\_(ツ)_/

Thursday, September 27, 2018 3:25 PM

Hello @jrv , my exact code for that was

$eDirPath = 'LDAP://12.34.56.789/o=Some_Org'
$eDirUser = 'cn=My_account,o=Account_org' #My User id's Domain name
$eDirPWD  = 'my_password' 
$eDIrAuthType = 'None' #(Equates to basic)

#Establish eDirectory Connection and Enumerate
$Root = New-Object System.DirectoryServices.DirectoryEntry -argumentlist $eDirPath,$eDirUser,$eDirPWD,$eDIrAuthType
$Query = New-Object System.DirectoryServices.DirectorySearcher
$Query.SearchRoot = $Root
$Query.Filter = "(cn=search_container_name)" 

$SearchResults = $Query.FindAll()
foreach ($i in $SearchResults){
    $obj = $i.Properties
    echo $obj
}

Sorry it took some time to reply, I can only accces this computer on weekdays, and this friday was a public holiday

Sunday, September 30, 2018 11:48 PM

I just tested again and this is the correct method:

$netcred = [System.Net.NetworkCredential]::new('newwork user id','network password')
$nds = New-Object System.DirectoryServices.Protocols.LdapConnection('12.34.56.789',$netcreds)
$nds.Bind()

\_(ツ)_/

Monday, October 1, 2018 12:24 AM

0

Sign in to vote
So that method didnt work for Until I added

$nds.AuthType=[System.DirectoryServices.Protocols.AuthType]::Basic

Otherwise it was giving me the following error

"Exception calling "Bind" with "1" argument(s): "The authentication method is not supported." "

Ye but it works now,

thanks for all your help

Cheers
- Marked as answer by Bill_StewartModerator Monday, December 17, 2018 6:29 PM
Monday, October 1, 2018 6:53 AM

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support options

More support

Not an IT pro?

Answered by:

Powershell- Query Non AD LDAP Directory with 'System.DirectoryServices.Protocols'

Question

Answers

All replies