Powershell- Query Non AD LDAP Directory with 'System.DirectoryServices.Protocols'

  • Question

  • Hello Scripting Guy

    So during my quest to find a way to connect to a non-AD LDAP directory (Novell eDirectory, to be more specific) via PowerShell, I stumbled upon this gem

    "https://social.technet.microsoft.com/Forums/en-US/d1c4fc40-b921-4840-9d98-d95d565672d1/queryenumerate-edirectory-in-powershell-via-systemdirectoryservices?forum=ITCG" (this uses "System.DirectoryServices.DirectoryEntry")

    and let me say that it works just fine. I am able to connect and query eDirectory but the speed is slow. After further searching I found System.DirectoryServices.Protocols. This is said to be faster than System.DirectoryServices.DirectoryEntry, but when I run the following code

    $secpasswd = ConvertTo-SecureString 'myPassword' -AsPlainText -Force
    $eDirUser = 'cn=myUser,o=myOrg'
    $Credential = New-Object System.Management.Automation.PSCredential ($eDirUser, $secpasswd)

    # tried all the below combinations for server

    #$server = '12.34.56.789:636' #(ip address of server)
    $server = 'LDAP://12.34.56.789/'
    #$server = 'G0123.my.serverName.com' #(the server name)
    #$server = 'LDAP://G0123.my.serverName.com/'

    $LdapConnection = New-Object System.DirectoryServices.Protocols.LdapConnection $server
    $LdapConnection.AuthType = [System.DirectoryServices.Protocols.AuthType]::Basic
    $LdapConnection.Timeout = 10000
    $LdapConnection.Bind($Credential)

    It fails and throws the following error:

    Exception calling "Bind" with "1" argument(s): "The LDAP server is unavailable." .

    The LDAP server is available; I am using that server in Apache Directory Studio. I used the ping command on the server in cmd. Furthermore, as I already stated, the connection was successful when I used "System.DirectoryServices.DirectoryEntry".




    • Edited by frostbete Thursday, September 27, 2018 6:45 AM
    Thursday, September 27, 2018 6:44 AM

All replies

  • You have to set the correct port if it has been changed.

    This is all that you need:

    $server = 'LDAP://12.34.56.789'
    # Credential object passed to the LdapConnection constructor
    $netcred = [System.Net.NetworkCredential]::new('username','password')
    $nds = New-Object System.DirectoryServices.Protocols.LdapConnection($server,$netcred)
    $nds.Bind()

    AuthType should not be set to basic.

    Post in Novell forum to get correct LDAP string.


    \_(ツ)_/

    Thursday, September 27, 2018 7:32 AM
  • Thanks, but that is the link which made me aware about System.DirectoryServices.Protocols
    Thursday, September 27, 2018 3:17 PM
  • What is the exact code that you used with the "DirectoryEntry" method?

    \_(ツ)_/

    Thursday, September 27, 2018 3:25 PM
  • Hello @jrv, my exact code for that was

    $eDirPath = 'LDAP://12.34.56.789/o=Some_Org'
    $eDirUser = 'cn=My_account,o=Account_org' #My User id's Domain name
    $eDirPWD  = 'my_password' 
    $eDIrAuthType = 'None' #(Equates to basic)
    
    #Establish eDirectory Connection and Enumerate
    $Root = New-Object System.DirectoryServices.DirectoryEntry -argumentlist $eDirPath,$eDirUser,$eDirPWD,$eDIrAuthType
    $Query = New-Object System.DirectoryServices.DirectorySearcher
    $Query.SearchRoot = $Root
    $Query.Filter = "(cn=search_container_name)" 
    
    $SearchResults = $Query.FindAll()
    foreach ($i in $SearchResults){
        $obj = $i.Properties
        echo $obj
    }

    Sorry it took some time to reply, I can only access this computer on weekdays, and this Friday was a public holiday.

    Sunday, September 30, 2018 11:48 PM
  • I just tested again and this is the correct method:

    # Host is given without the 'LDAP://' prefix
    $netcred = [System.Net.NetworkCredential]::new('network user id','network password')
    $nds = New-Object System.DirectoryServices.Protocols.LdapConnection('12.34.56.789',$netcred)
    $nds.Bind()


    \_(ツ)_/

    Monday, October 1, 2018 12:24 AM
  • So that method didn't work for me until I added

    $nds.AuthType=[System.DirectoryServices.Protocols.AuthType]::Basic


    Otherwise it was giving me the following error

    "Exception calling "Bind" with "1" argument(s): "The authentication method is not supported." "

    Yeah, but it works now,

    thanks for all your help

    Cheers

    Monday, October 1, 2018 6:53 AM
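
An added example, not code from any poster in this thread: the Basic bind that resolved the question, made over LDAPS (port 636, the port in the question's commented-out server line) because a Basic (simple) bind sends the bind DN and password unprotected on a plain LDAP connection. The function name `Invoke-EDirSearch` is hypothetical, the host, DNs and filter are the placeholder values from the posts above, and it assumes the server certificate is trusted by this machine and matches the host name.

```powershell
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Invoke-EDirSearch {                     # hypothetical helper name
    param(
        [Parameter(Mandatory)] [string]       $Server,      # name that matches the server certificate
        [Parameter(Mandatory)] [pscredential] $Credential,  # UserName holds the full bind DN
        [Parameter(Mandatory)] [string]       $BaseDn,
        [Parameter(Mandatory)] [string]       $Filter,
        [string[]] $Attributes = @('cn'),
        [int]      $Port       = 636                        # LDAPS
    )

    # Host name and port are passed separately, with no 'LDAP://' prefix,
    # as in the thread's final working code.
    $id   = [System.DirectoryServices.Protocols.LdapDirectoryIdentifier]::new($Server, $Port)
    $conn = [System.DirectoryServices.Protocols.LdapConnection]::new($id)
    try {
        $conn.SessionOptions.ProtocolVersion   = 3
        $conn.SessionOptions.SecureSocketLayer = $true      # TLS is negotiated before the bind
        $conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Basic
        $conn.Timeout  = [TimeSpan]::FromSeconds(10)

        # Build the NetworkCredential directly so the DN is passed through unchanged.
        $bind = [System.Net.NetworkCredential]::new($Credential.UserName, $Credential.Password)
        $conn.Bind($bind)

        $request = [System.DirectoryServices.Protocols.SearchRequest]::new(
            $BaseDn, $Filter,
            [System.DirectoryServices.Protocols.SearchScope]::Subtree,
            $Attributes)
        $response = [System.DirectoryServices.Protocols.SearchResponse] $conn.SendRequest($request)

        # Emit one object per entry: its DN plus the requested attributes.
        foreach ($entry in $response.Entries) {
            $row = [ordered]@{ DistinguishedName = $entry.DistinguishedName }
            foreach ($name in $entry.Attributes.AttributeNames) {
                $row[$name] = $entry.Attributes[$name].GetValues([string])
            }
            [pscustomobject] $row
        }
    }
    finally { $conn.Dispose() }
}

# Placeholder values from the thread; the password is prompted for, not stored in the script.
$cred = Get-Credential -UserName 'cn=myUser,o=myOrg' -Message 'eDirectory bind DN and password'
Invoke-EDirSearch -Server 'G0123.my.serverName.com' -Credential $cred `
    -BaseDn 'o=Some_Org' -Filter '(cn=search_container_name)'
```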