How can I authenticate a Windows domain user in Delphi?

Question

I am trying to authenticate windows domain user in Delphi. I used the code below. If I use ADS_SECURE_AUTHENTICATION, it says

Logon failure: unknown user name or bad password

If i use ADS_USE_SSL it is saying

An invalid dn syntax has been specified

function TLoginForm.Authenticate( pUser, pPassword,pDomain: WideString): Boolean;
Var
 aUser,Obj : IAdsUser;
 infoback : HRESULT;
begin
 Try       
   CoInitialize(nil);
   infoback := 0;    

   infoback  := ADsOpenObject(Format('LDAP://%s',[pDomain]),Format('%s',[pUser]),pPassword,ADS_USE_SSL,IAds,aUser);
   CoUninitialize;
   Result := true;
   ShowMessage('Success');
     // here retrieve the information needed
 Except
   On E:Exception do
   Begin
      Result := false;
      ShowMessage(E.Message);
      aUser := Nil;
   End;
 End
end;

Thanks in Advance

Which version of Delphi are you using? My initial suspicion is unicode... — Jerry Dodge, Aug 19 '16 at 14:53
Also, if this is inside of a VCL form, then there's no need to call `CoInitialize()` because VCL has already done it for you. — Jerry Dodge, Aug 19 '16 at 14:54
Did you read the *remarks* in ADsOpenObject's documentation? — Sertac Akyuz, Aug 19 '16 at 15:06
Follow the recommendations by Microsoft, see: https://support.microsoft.com/nl-nl/kb/180548 — Johan, Aug 20 '16 at 12:35
Possible duplicate of [How do integrate Delphi with Active Directory?](http://stackoverflow.com/questions/337300/how-do-integrate-delphi-with-active-directory) — Johan, Aug 20 '16 at 12:36

FredS · Answer 1 · 2016-08-24T15:06:51.477

0

The code below works for me as long as I use a Fully Qualified Domain Controller:

var
  hr: HResult;
  pObject : IADs;
  Pwd : String;
begin
      Pwd := 'Hello';
      hr := ADsOpenObject('LDAP://'+ FQDC,
                       'Administrator',
                       Pwd,
                       ADS_SECURE_AUTHENTICATION,
                       IID_IADs,
                       pObject);
      OleCheck(hr);
      pObject := nil;
end;

more on the name and path formats..

edited Aug 24 '16 at 15:06

answered Aug 20 '16 at 23:03

FredS

680
1
5
6

how did you imported ADsOpenObject? – asgar Aug 22 '16 at 08:22
@asgar, via EMB Web.Win.AdsTypes – FredS Aug 22 '16 at 14:53
I am importing like this. Do you think am i doing wrong. function ADsOpenObject(lpszPathName,lpszUserName,lpszPassword : WideString; dwReserved : DWORD; const riid:TGUID; out ppObject): HResult; safecall; external 'activeds.dll'; – asgar Aug 24 '16 at 12:14
@asgar, declarations match but see my updated answer with the correct pObject type – FredS Aug 24 '16 at 15:08
@asgar, I am testing against an Ubuntu Samba DC which is now rated 2008RC2 and am only using the DCs Fully Qualified Name: "LDAP://vmHome.home.local". – FredS Aug 30 '16 at 17:23
@asgar, which DC version do you use? – FredS Sep 07 '16 at 20:04
I am not sure what the DC version is, its out of my hands. I only know the FQN and interface is based on Novell Corporate eDirectory. Please let me know what i can try with different versions. – asgar Sep 08 '16 at 11:32

How can I authenticate a Windows domain user in Delphi?

1 Answers1