Issue
When I try to get user information from Active Directory, LdapConnection.SendRequest(SearchRequest req) causes:
    Segmentation fault (core dumped)
on an Ubuntu 18.04.4 LTS (GNU/Linux 4.15.0-147-generic x86_64).
If I remove the line
    searchRequest.TimeLimit = new TimeSpan(0, 1, 0);
the LdapPal.SearchDirectory method returns LdapError.TimeOut (-7) and throws:
    System.DirectoryServices.Protocols.LdapException: The LDAP server returned an unknown error.
       at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
       at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request)
       at ConsoleApp16.Program.GetUserDetailsFromLdap(String username) in D:\source\repos\ConsoleApp16\ConsoleApp16\Program.cs:line 47
The code below works without any problem on Windows.
Verifying the username and password with LdapConnection.Bind(new NetworkCredential(username, password, domainName)) works without any problem.
Below is the code:
    using System;
    using System.DirectoryServices.Protocols;
    using System.Net;

    class Program
    {
        private static string _baseDn = "OU=org1,DC=org1,DC=com,DC=tr";
        // Shared connection; "#Username", "#Password" and "#DomainName" are placeholders.
        private static LdapConnection _con = new(new LdapDirectoryIdentifier("org1.com.tr"), new NetworkCredential("#Username", "#Password", "#DomainName"));

        static void Main(string[] args)
        {
            _con.AuthType = AuthType.Basic;
            Console.ReadLine();
            Console.WriteLine("Hello World!");
            Console.WriteLine(TryLoginUser(@"#Username", "#Password", "#DomainName"));
            Console.WriteLine(GetUserDetailsFromLdap(@"#Username").Email);
        }

        // Returns true when the directory accepts the supplied credentials.
        private static bool TryLoginUser(string username, string password, string domainName)
        {
            try
            {
                _con.Bind(new NetworkCredential(username, password, domainName));
            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.ToString());
                return false;
            }
            return true;
        }

        // Looks the user up by sAMAccountName and maps the first entry to an LdapUser.
        private static LdapUser GetUserDetailsFromLdap(string username)
        {
            // Filter as posted in the question; the username is interpolated without RFC 4515 escaping.
            var searchFilter = $"(&sAMAccountName={username.Split('@')[0]})";
            var searchRequest = new SearchRequest(_baseDn, searchFilter, SearchScope.Subtree, new string[] { "mail", "givenName", "sn", "sAMAccountName" });
            searchRequest.TimeLimit = new TimeSpan(0, 1, 0);
            try
            {
                var response = (SearchResponse)_con.SendRequest(searchRequest);
                if (response?.ResultCode == ResultCode.Success)
                {
                    var result = response?.Entries[0];
                    return new LdapUser()
                    {
                        Email = result.Attributes["mail"][0].ToString(),
                        FirstName = result.Attributes["givenName"][0].ToString(),
                        LastName = result.Attributes["sn"][0].ToString(),
                        UserName = result.Attributes["sAMAccountName"][0].ToString()
                    };
                }
                else
                {
                    return null;
                }
            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.ToString());
            }
            return null;
        }
    }

    public class LdapUser
    {
        public string FirstName { get; set; }
        public string LastName { get; set; }
        public string Email { get; set; }
        public string UserName { get; set; }
    }
Configuration
System.DirectoryServices.Protocols version 5.0.0
Runtime : Microsoft.NETCore.App 5.0.7
Target Runtime : portable
Deployment Mode: Portable
Update
Using version 6.0.0-preview.7.21377.19 of System.DirectoryServices.Protocols without the SearchRequest.TimeLimit property causes:
    System.DirectoryServices.Protocols.LdapException: The search filter is invalid.
       at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
       at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request)
       at ConsoleApp16.Program.GetUserDetailsFromLdap(String username) in D:\source\repos\ConsoleApp16\ConsoleApp16\Program.cs:line 47

    private static LdapConnection _con = new(new LdapDirectoryIdentifier("org1.com.tr"));

    bool isWindows = System.Runtime.InteropServices.RuntimeInformation.IsOSPlatform(System.Runtime.InteropServices.OSPlatform.Windows);
    var searchFilter = isWindows
        ? $"(&sAMAccountName={username.Split('@')[0]})"
        : $"(&(objectCategory=person)(objectclass=user)(sAMAccountName={username.Split('@')[0]}))";

If I make the searchFilter conditional on the operating system, the method executes successfully most of the time, even if I don't set credentials for the LdapConnection object.
However, it randomly continues to throw:
    System.DirectoryServices.Protocols.LdapException: The LDAP server returned an unknown error.
Solution
When I set LdapConnection.SessionOptions.ProtocolVersion to 3, everything worked as expected on Linux also.
Answered By - serkanz