Open Closed

How to integrate LDAP ? #9692


User avatar
0
devmahmod created

How to integrate with active directory in mvc core razor


13 Answer(s)
  • User Avatar
    0
    AI-Bot created
    Support Team ABP Agent

    To integrate LDAP (Active Directory) authentication in an ABP MVC Core Razor application, follow these steps:

    1. Install the necessary NuGet package:

      • Add the Volo.Abp.Account.Pro.Ldap package to your project.
    2. Configure LDAP settings in your appsettings.json:

    "Ldap": {
         "IsEnabled": "true",
         "Domain": "your-domain",
         "UserName": "ldap-user",
         "Password": "ldap-password",
         "ServerHost": "your-ldap-server",
         "ServerPort": "389"
       }
    
    1. Enable the LDAP login feature:

      • Go to the Feature Management UI in your application.
      • Enable the Account.EnableLdapLogin feature for the relevant tenant or host.
    2. Test your LDAP configuration:

      • You can use the provided ABP LDAP Test Application to verify your LDAP settings before integrating them into your main application.
      • Repository: https://github.com/abpframework/abp-samples/tree/master/AbpLdapSample
    3. Clear the cache if you change feature settings to ensure the new configuration is applied.

    After these steps, users will be able to log in using their Active Directory credentials.

    Sources:

    • https://abp.io/docs/latest/modules/identity/idap
    • https://github.com/abpframework/abp-samples/tree/master/AbpLdapSample

    This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    AI provides the solution. You can check the document and sample code.

    Thanks.

  • User Avatar
    0
    devmahmod created

    I try this code it gives me searchResults count 0

    public async static Task<int> Main(string[] args)
    {
        var server = "xxx.xxx.com";
        var serverPort = 12345;
        var baseDc = "DC=xxx,DC=com";
        var adminUserName = "xxx";
        var adminPassword = "xxx";
        var testUserName = "xxx@xxx.com"; // Replace with a real AD user
        var testPassword = "xxx";         // Replace with actual password
    
        using (var ldapConnection = new LdapConnection())
        {
            ldapConnection.Connect(server, serverPort, Native.LdapSchema.LDAP, Native.LdapVersion.LDAP_VERSION3);
    
            try
            {
                // Bind as LDAP admin (Bind DN)
                await ldapConnection.BindAsync(Native.LdapAuthType.Simple, new LdapCredential
                {
                    UserName = $"CN={adminUserName},{baseDc}",  // Important: Full DN of bind user
                    Password = adminPassword
                });
    
                Console.WriteLine($"{adminUserName} bind success!");
    
                // Search for the user using sAMAccountName (common in Active Directory)
                var filter = $"(&(objectClass=user)(sAMAccountName={testUserName}))";
                var searchResults = await ldapConnection.SearchAsync(baseDc, filter);
    
                if (!searchResults.Any())
                {
                    Console.WriteLine($"User {testUserName} not found.");
                    
                }
    
                var userEntry = searchResults.First();
                Console.WriteLine();
                Console.WriteLine($"{testUserName} attributes:");
                Console.WriteLine(string.Join(", ", userEntry.ToDirectoryEntry().Attributes));
    
                // Now bind as the found user to test password
                await ldapConnection.BindAsync(Native.LdapAuthType.Simple, new LdapCredential
                {
                    UserName = userEntry.Dn,
                    Password = testPassword
                });
    
                Console.WriteLine();
                Console.WriteLine($"{testUserName} login success!");
            }
            catch (Exception e)
            {
                Console.WriteLine("LDAP Error:");
                Console.WriteLine(e.Message);
            }
    
            Console.ReadKey();
        }
        ```
    
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    I don't know about your LDAP server, you can try to replace several filter strings

    var filter = $"(&(objectClass=user)(sAMAccountName={testUserName}))";

    Thanks.

  • User Avatar
    0
    devmahmod created

    how user in ldap will be able to login and this user not in abpusers table ?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Abp will create a new user with LDAP external user info.

  • User Avatar
    0
    devmahmod created

    you mean i don't need to do any code to sync ldab users, but i tried steps and not work, can we please have meting in zoom ?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Yes, once the username and password pass LDAP validation. abp will create a user if it does not exist.

    but i tried steps and not work,

    I don't know about your LDAP server, you can try to replace several filter strings.

    var filter = $"(&(objectClass=user)(sAMAccountName={testUserName}))";

    Thanks.

  • User Avatar
    0
    devmahmod created

    Thanks,

     var filter = $"(&(objectClass=person)(uid={testUserName}))"; this works for me when try this 
    
    var server = "xxxx";
    var serverPort = xxxx;
    var baseDc = "xxxx";
    
    var adminUserName = "xxxx";
    var adminPassword = xxxx";
    
    var testUserName = "xxxxx"; // short name or sAMAccountName
    var testPassword = "xxxx"; // real user password
    
    using (var ldapConnection = new LdapConnection())
    {
        ldapConnection.Connect(server, serverPort, Native.LdapSchema.LDAP, Native.LdapVersion.LDAP_VERSION3);
    
        try
        {
            // Bind as admin
            await ldapConnection.BindAsync(Native.LdapAuthType.Simple, new LdapCredential
            {
                UserName = $"CN={adminUserName},{baseDc}",
                Password = adminPassword
            });
    
            Console.WriteLine($"{adminUserName} login success!");
    
            // Search user
            var filter = $"(&(objectClass=person)(uid={testUserName}))";
            var searchResults = await ldapConnection.SearchAsync(baseDc, filter);
    
            var userEntry = searchResults.FirstOrDefault();
            if (userEntry == null)
            {
                Console.WriteLine($"User '{testUserName}' not found.");
             
            }
    
            Console.WriteLine($"{testUserName} DN: {userEntry.Dn}");
    
            // Try binding as the user
            await ldapConnection.BindAsync(Native.LdapAuthType.Simple, new LdapCredential
            {
                UserName = userEntry.Dn,
                Password = testPassword
            });
    
            Console.WriteLine($"{testUserName} login success!");
        }
        catch (Exception e)
        {
            Console.WriteLine($"LDAP Error: {e.Message}");
        }
    
        Console.ReadKey();
    }
    
    

    I make this code in program.cs and it gives me login success and also can't login with this user , i tried to make cofigration from app setting and also admin ui not working

  • User Avatar
    0
    devmahmod created

    also ai said Install the necessary NuGet package:

    Add the Volo.Abp.Account.Pro.Ldap package to your project.

    and see screenshot i can't find it and i have abp pro

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    If your Program code works. You can replace the built-in code.

    https://abp.io/docs/latest/modules/identity/idap#customize-built-in-services

    There is no Volo.Abp.Account.Pro.Ldap package.

    The OpenLdapManager exists in Volo.Abp.Identity.Pro.Domain, It overrides some methods from LdapManager

    You don't need to add any extra packages, the default template already includes LDAP features.

    Thanks.

  • User Avatar
    0
    devmahmod created

    hi can you provide me your mail please to send configuration to test i can't find problem

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    liming.ma@volosoft.com

Boost Your Development
ABP Live Training
Packages
See Trainings
Mastering ABP Framework Book
The Official Guide
Mastering
ABP Framework
Learn More
Mastering ABP Framework Book
Made with ❤️ on ABP v10.0.0-preview. Updated on September 01, 2025, 08:37