locked
Powershell- Query Non AD LDAP Directory with 'System.DirectoryServices.Protocols' RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hello Scripting Guy

    So during my quest to find a way to connect to a non AD LDAP directory (Novell eDirectory , to be more specific) via powershell, i stumbled upon this gem

    "https://social.technet.microsoft.com/Forums/en-US/d1c4fc40-b921-4840-9d98-d95d565672d1/queryenumerate-edirectory-in-powershell-via-systemdirectoryservices?forum=ITCG" (this uses "System.DirectoryServicesDirectoryEntry")

    and let me say that it works just fine. I am able to connect and query eDirectory but the speed is slow. After further searching I found System.DirectoryServices.Protocols. This is said to be faster than System.DirectoryServicesDirectoryEntry, but when I run the following code

    $secpasswd = ConvertTo-SecureString 'myPassword' -AsPlainText -Force
$eDirUser = 'cn=myUser,o=myOrg'
$Credential = New-Object System.Management.Automation.PSCredential ($eDirUser, $secpasswd)

    # tried all the below combinations for server
    #$server = '12.34.56.789:636' #(ip address of server)
    $server = 'LDAP://12.34.56.789/'
    #$server = 'G0123.my.serverName.com' #(the server name)
    #$server = 'LDAP://G0123.my.serverName.com/'
    
$LdapConnection = New-Object System.DirectoryServices.Protocols.LdapConnection $server
$LdapConnection.AuthType = [System.DirectoryServices.Protocols.AuthType]::Basic
$LdapConnection.Timeout = 10000
$LdapConnection.Bind($Credential)

    It fails and throws the following error:

    Exception calling "Bind" with "1" argument(s): "The LDAP server is unavailable." .

    the LDAP server is available, I am using that server in Apache Directory Studio. I used the ping command on the server in cmd , furthermore , as I already stated, the connection was successful when I used "System.DirectoryServicesDirectoryEntry".




    • Edited by frostbete Thursday, September 27, 2018 6:45 AM
    Thursday, September 27, 2018 6:44 AM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    So that method didnt work for Until I added 

    $nds.AuthType=[System.DirectoryServices.Protocols.AuthType]::Basic


    Otherwise it was giving me the following error

    "Exception calling "Bind" with "1" argument(s): "The authentication method is not supported." "

    Ye but it works now,

    thanks for all your help

    Cheers

    • Marked as answer by Bill_Stewart Monday, December 17, 2018 6:29 PM
    Monday, October 1, 2018 6:53 AM

All replies

  • Question
    Sign in to vote
    1
    Sign in to vote

    You have to set the correct port if it has been changed.

    This is all that you need:

    $server = 'LDAP://12.34.56.789'
$netcred = [System.Net.NetworkCredential]::new('username','apssword')
$nds = New-Object System.DirectoryServices.Protocols.LdapConnection($server,$creds)
$nds.Bind()

    "AuthType should not be set to basic

    Post in Novell forum to get correct LDAP string.

    \_(ツ)_/

    Thursday, September 27, 2018 7:32 AM
  • Question
    Sign in to vote
    1
    Sign in to vote

    This will be helpful: https://gallery.technet.microsoft.com/scriptcenter/Using-SystemDirectoryServic-0adf7ef5#content

    \_(ツ)_/

    Thursday, September 27, 2018 7:44 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Thanks but that is the link which made me aware obout  System.DirectoryServices.Protocols
    Thursday, September 27, 2018 3:17 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    What is the exact code that you used with the "DirectoryEntry" method?

    \_(ツ)_/

    Thursday, September 27, 2018 3:25 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hello @jrv , my exact code for that was

    $eDirPath = 'LDAP://12.34.56.789/o=Some_Org'
$eDirUser = 'cn=My_account,o=Account_org' #My User id's Domain name
$eDirPWD  = 'my_password' 
$eDIrAuthType = 'None' #(Equates to basic)

#Establish eDirectory Connection and Enumerate
$Root = New-Object System.DirectoryServices.DirectoryEntry -argumentlist $eDirPath,$eDirUser,$eDirPWD,$eDIrAuthType
$Query = New-Object System.DirectoryServices.DirectorySearcher
$Query.SearchRoot = $Root
$Query.Filter = "(cn=search_container_name)" 

$SearchResults = $Query.FindAll()
foreach ($i in $SearchResults){
    $obj = $i.Properties
    echo $obj
}

    Sorry it took some time to reply, I can only accces this computer on weekdays, and this friday was a public holiday

    Sunday, September 30, 2018 11:48 PM
  • Question
    Sign in to vote
    1
    Sign in to vote

    I just tested again and this is the correct method:

    $netcred = [System.Net.NetworkCredential]::new('newwork user id','network password')
$nds = New-Object System.DirectoryServices.Protocols.LdapConnection('12.34.56.789',$netcreds)
$nds.Bind()

    \_(ツ)_/

    Monday, October 1, 2018 12:24 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    So that method didnt work for Until I added 

    $nds.AuthType=[System.DirectoryServices.Protocols.AuthType]::Basic


    Otherwise it was giving me the following error

    "Exception calling "Bind" with "1" argument(s): "The authentication method is not supported." "

    Ye but it works now,

    thanks for all your help

    Cheers

    • Marked as answer by Bill_Stewart Monday, December 17, 2018 6:29 PM
    Monday, October 1, 2018 6:53 AM