
In the following code,

private bool AuthenticateUser(string userName, string password)
{
    try
    {
        using (var entry = new DirectoryEntry("myLDAP", userName, password))
        {
            // Attempt to bind to the directory entry
            object nativeObject = entry.NativeObject;
            return true; // Authentication succeeded
        }
    }
    catch (DirectoryServicesCOMException)
    {
        // Handle exception for failed authentication
        return false;
    }
    catch (Exception ex)
    {
        // Handle other exceptions (logging, etc.)
        MessageBoxes.msgBoxOK(
            "Authentication Error",
            $"An error occurred: {ex.Message}",
            MessageBoxImage.Error);
        return false;
    }
}

I am getting:

'System.DirectoryServices.DirectoryEntry.NativeObject.get' times out and needed to be aborted in an unsafe way. This may have corrupted the target process.

But the error is not caught by either the catch(DirectoryServicesCOMException) or the general catch(Exception ex).

Instead, the code continues in the block and returns true.

Any reason why the try-catch does not catch the timed out error?

  • I cannot explain the observed behavior, but as a workaround you could try to first set object nativeObject = null; then try to assign entry.NativeObject and finally return nativeObject is not null; Commented Oct 28, 2024 at 12:03
  • Thank you for the suggestion. Traveling at the moment but will definitely give it a try and give feedback when we arrive at our destination. Commented Oct 28, 2024 at 17:42
  • Also, does it make a difference if you change that line to this?: ActiveDs.IADsUser nativeObject = (ActiveDs.IADsUser)entry.NativeObject; You'll need to add a reference to the Active DS type library (Interop.ActiveDs.dll). Commented Oct 30, 2024 at 20:42
  • @OlivierJacot-Descombes I tried object nativeObject = null; _ = entry.NativeObject; return nativeObject is not null; but that unfortunately has the same behaviour. Thanks for the suggestion though. Commented Oct 31, 2024 at 4:32
  • @TawabWakil Thank you for the suggestion, but that too generates the same behaviour with the try-catch not catching the error. Commented Oct 31, 2024 at 4:38

1 Answer

This is what I have discovered from here:

Binding against the AD has a serious overhead, the AD schema cache has to be loaded at the client (ADSI cache in the ADSI provider used by DirectoryServices). This is both network, and AD server, resource consuming - and is too expensive for a simple operation like authenticating a user account.

While it does not explain the behaviour of why the try-catch does not catch the error, it did point me to a workable solution using PrincipalContext instead.

This works without any delay or error:

private bool AuthenticateUser(string userName, string password)
{
    using (PrincipalContext context = new PrincipalContext(ContextType.Domain, "EnterYourDomain"))
    {
        return context.ValidateCredentials(userName, password);
    }
}

1 Comment

Use PrincipalContext context = new PrincipalContext(ContextType.Domain, null) for default domain.
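
A fail-closed variant of the PrincipalContext approach in the answer above, added here as an example and not code from the question or the answer: it rejects blank credentials before the bind, asks for a signed and sealed Negotiate bind, and denies access when the bind does not finish within a time limit. The class name, method name and the 5-second limit are assumptions.

```csharp
using System;
using System.DirectoryServices.AccountManagement;
using System.Threading.Tasks;

public static class DomainAuth
{
    // Assumption: 5 seconds is an acceptable upper bound for one bind.
    private static readonly TimeSpan BindTimeout = TimeSpan.FromSeconds(5);

    // Hypothetical helper; returns true only on a confirmed successful bind.
    // Pass null as domain to use the default domain.
    public static bool TryAuthenticate(string domain, string userName, string password)
    {
        // ValidateCredentials treats a null user name and password as
        // "validate the credentials the context already has", so blank
        // input is rejected here instead of being sent to the directory.
        if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrEmpty(password))
            return false;

        try
        {
            Task<bool> bind = Task.Run(() =>
            {
                using (var context = new PrincipalContext(ContextType.Domain, domain))
                {
                    // Negotiate (Kerberos/NTLM) with signing and sealing avoids
                    // sending the password in clear text, unlike SimpleBind.
                    return context.ValidateCredentials(
                        userName, password,
                        ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing);
                }
            });

            // Fail closed when the domain controller does not answer in time.
            // The worker is left to finish on its own; its result is ignored.
            return bind.Wait(BindTimeout) && bind.Result;
        }
        catch (AggregateException ex) when (ex.InnerException is PrincipalServerDownException
                                         || ex.InnerException is PrincipalOperationException)
        {
            // Directory unreachable or bind error: log ex.InnerException on the
            // server side and deny, rather than showing ex.Message to the user.
            return false;
        }
    }
}
```

Any other exception type propagates to the caller, so a bug in the authentication path surfaces as an error rather than as a silent allow or deny.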
