[Mono-list] Trying to authenticate users against Active Directory from Mono

Martin Thwaites monoforum at my2cents.co.uk
Thu Jun 23 22:14:13 UTC 2016

I think you'll struggle with this.  Authenticating with a 403 challenge (as
in NTLM) may not work on the linux.  You may be able to try doing the
concurrent bind about the domain with the credentials, but I doubt you'll
get it in the same way as windows authentication works in IIS.

A better option would be to implement an ADFS server in your domain, and
accept users using a SAML response.  There are various libraries out there
that do that, not sure which work on mono, but they use standard libraries
so I can't imagine it would be that hard.  We use Kentor.AuthServices on
windows, but I would imagine it would work on Mono.

On 23 June 2016 at 11:57, James Allsopp <jamesaallsopp at googlemail.com>

> Hello,
> I'm trying to authenticate users of an Asp.Net MVC4 site against an Active
> Directory Server. The site's going to be running on CentOS 7 running nginx.
> I've managed to use the Novell.Directory.LDAP code to successfully query a
> OpenDS LDAP test server, and I've used LDAPAdmin to connect to the main AD
> server, but this required the GSSAPI option with "Use current user
> credentials" option. I have no idea how to supply this from Mono.
> Once I've done this, I've then no idea how I should reimplement the
> "PrincipalContext.ValidateCredentials" method using the Novell code.
> If anyone can offer any suggestions, I would be very grateful,
> Thanks,
> James
> _______________________________________________
> Mono-list maillist  -  Mono-list at lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/mono-list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ximian.com/pipermail/mono-list/attachments/20160623/696fa5f2/attachment.html>

More information about the Mono-list mailing list