LDAP search works via ldapsearch over VPN but fails in C# (System.DirectoryServices.Protocols) — connection/auth issue?


I'm troubleshooting an LDAP connectivity issue from a machine connected via VPN.

Let me provide some context on what I'm working on:

My environment is a remote machine connected via VPN, and the script is expected to be running on other remote machines.

The LDAP server is accessible remotely through the VPN on port 389.

Although this script is on .NET, it should be OS-agnostic, and it's on .NET 10+.

Using the ldapsearch CLI from the same machine, I can successfully query the LDAP server:

    ldapsearch -x -H ldap://<host>:389 -D "myDomain\MYUSER" -w MyPassword -b "baseDN" -LLL "(sAMAccountName=MYUSER)"

This returns results correctly (it connects and fetches users as expected).

The problem comes when I try to use the same connection parameters to connect to that LDAP service through System.DirectoryServices.Protocols. I think the same query fails:

    using System.DirectoryServices.Protocols;
    using System.Net;

    // Target server on the plain LDAP port
    var identifier = new LdapDirectoryIdentifier("<host>", 389);
    using var connection = new LdapConnection(identifier);

    // Simple bind with user name and password
    connection.AuthType = AuthType.Basic;
    connection.Credential = new NetworkCredential("<user>", "<password>");
    connection.Bind();

    // Subtree search under the base DN
    var request = new SearchRequest("<baseDN>", "(objectClass=*)", SearchScope.Subtree, null);
    var response = (SearchResponse)connection.SendRequest(request);

The error I'm getting on the console when catching errors is:

ERROR: Active Directory query failed. The LDAP server is unavailable

Why would ldapsearch succeed, but System.DirectoryServices.Protocols fail from the same machine? Are there differences in authentication mechanisms (simple bind vs negotiate/NTLM/Kerberos), TLS/StartTLS handling, referral chasing, or timeouts?

What configuration is required in C# to match ldapsearch behavior?

Any insight into differences between ldapsearch and .NET LDAP clients would be appreciated.

I'm kind of lost since this is new for me, and I did some research in the docs, but without success.

Thanks in advance
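
A diagnostic sketch for narrowing this down, added here as an example and not part of the original post: it applies the ldapsearch parameters (simple bind, port 389, the same bind string and filter) through System.DirectoryServices.Protocols and prints the numeric LDAP error code instead of only the message. The `LDAP_PASSWORD` environment variable, the `LdapProbe` name and the 15-second timeout are assumptions; `<host>` and `<baseDN>` are the post's placeholders.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Net;

// Added diagnostic sketch. "<host>" and "<baseDN>" are placeholders; LDAP_PASSWORD is an assumed name.
static class LdapProbe
{
    static int Main()
    {
        string host = "<host>", baseDn = "<baseDN>";
        string bindUser = @"myDomain\MYUSER";            // same string ldapsearch received via -D
        // Refuse an empty password: a simple bind without one is an unauthenticated bind.
        string password = Environment.GetEnvironmentVariable("LDAP_PASSWORD")
                          ?? throw new InvalidOperationException("Set LDAP_PASSWORD first.");
        bool startTls = false;                           // true: upgrade the session before binding

        // Plain TCP to port 389, as ldap://<host>:389 does.
        var id = new LdapDirectoryIdentifier(host, 389, false, false);
        using var conn = new LdapConnection(id)
        {
            AuthType = AuthType.Basic,                   // simple bind, like "ldapsearch -x"
            Credential = new NetworkCredential(bindUser, password),
            Timeout = TimeSpan.FromSeconds(15)
        };
        conn.SessionOptions.ProtocolVersion = 3;         // LDAPv3, as ldapsearch uses
        conn.SessionOptions.ReferralChasing = ReferralChasingOptions.None;

        try
        {
            // Without StartTLS, a simple bind carries the password in cleartext at the LDAP layer.
            if (startTls) conn.SessionOptions.StartTransportLayerSecurity(null);
            conn.Bind();

            // Same filter as the CLI test, limited to one entry and one attribute.
            var req = new SearchRequest(baseDn, "(sAMAccountName=MYUSER)",
                                        SearchScope.Subtree, "distinguishedName") { SizeLimit = 1 };
            var res = (SearchResponse)conn.SendRequest(req);
            Console.WriteLine($"OK: {res.Entries.Count} entry, result {res.ResultCode}");
            return 0;
        }
        catch (LdapException ex)
        {
            // 81 = server down/unreachable from the client library, 49 = invalid credentials.
            Console.Error.WriteLine($"LdapException {ex.ErrorCode}: {ex.Message} | server: {ex.ServerErrorMessage}");
            return 1;
        }
        catch (DirectoryOperationException ex)
        {
            Console.Error.WriteLine($"Search failed: {ex.Response?.ResultCode} {ex.Message}");
            return 2;
        }
    }
}
```

"The LDAP server is unavailable" is the library's message for error code 81, so comparing the printed code and server message against the working ldapsearch run shows whether the failure happens before the bind reaches the server or at the bind itself.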
