Due to Microsoft enabling channel binding and signing on LDAP on March 10 this year (as explained here: https://support.microsoft.com/en-us/help/4520412/2020-ldap-channel-binding-and-ldap-signing-requirements-for-windows), I am currently trying to figure out if the code we have needs to be altered to facilitate this change. I currently have this bit of code:
using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;

// Looks up the user's homeDirectory attribute through the AccountManagement API.
static string GetHomeDirectory(string username)
{
    // Both the context and the principal hold an LDAP connection, so dispose them.
    using (var ctx = new PrincipalContext(ContextType.Domain))
    using (var userPrincipal = UserPrincipal.FindByIdentity(ctx, username))
    {
        if (userPrincipal == null)
            return null;
        var underlyingObject = userPrincipal.GetUnderlyingObject() as DirectoryEntry;
        if (underlyingObject == null)
            return null;
        PropertyValueCollection homedirProperty = underlyingObject.Properties["HomeDirectory"];
        if (homedirProperty == null || homedirProperty.Value == null)
            return null;
        return homedirProperty.Value as string;
    }
}
From the looks of it, this should work with the patch change, but during a test in an environment where this change was enabled, it just used the normal LDAP. Am I overlooking something?
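As an added example (not code from the question or from any answer), the same homeDirectory lookup written against System.DirectoryServices.Protocols, where the request for a signed and sealed session is explicit rather than left to the library's defaults; the domain name, the use of Negotiate (Kerberos/NTLM) with the current logon and the sAMAccountName match are assumptions.

```csharp
using System.DirectoryServices.Protocols;

static class SignedLdapLookup
{
    // Reads homeDirectory for the user whose sAMAccountName equals username over an
    // LDAP session that explicitly asks for signing and sealing on port 389.
    // domain is an assumed value such as "corp.example.com" (placeholder).
    static string GetHomeDirectorySigned(string domain, string username)
    {
        using (var conn = new LdapConnection(new LdapDirectoryIdentifier(domain, 389)))
        {
            conn.AuthType = AuthType.Negotiate;       // SSPI bind, never a simple (cleartext) bind
            conn.SessionOptions.ProtocolVersion = 3;
            conn.SessionOptions.Signing = true;       // integrity protection on every message
            conn.SessionOptions.Sealing = true;       // confidentiality on every message
            conn.Bind();                              // binds as the current Windows identity

            // Read the default naming context from RootDSE instead of hard-coding a base DN.
            var rootDse = (SearchResponse)conn.SendRequest(
                new SearchRequest(null, "(objectClass=*)", SearchScope.Base, "defaultNamingContext"));
            string baseDn = (string)rootDse.Entries[0].Attributes["defaultNamingContext"][0];

            // Escape the username per RFC 4515 so it cannot change the filter's structure.
            string filter = "(&(objectClass=user)(sAMAccountName=" + EscapeFilter(username) + "))";
            var result = (SearchResponse)conn.SendRequest(
                new SearchRequest(baseDn, filter, SearchScope.Subtree, "homeDirectory"));
            if (result.Entries.Count == 0)
                return null;
            DirectoryAttribute attr = result.Entries[0].Attributes["homeDirectory"];
            return (attr == null || attr.Count == 0) ? null : attr[0] as string;
        }
    }

    // Minimal RFC 4515 filter escaping for the characters that carry meaning in a filter.
    static string EscapeFilter(string value)
    {
        return value.Replace("\\", "\\5c").Replace("*", "\\2a")
                    .Replace("(", "\\28").Replace(")", "\\29").Replace("\0", "\\00");
    }
}
```

To confirm which path a client actually took, raise the "16 LDAP Interface Events" diagnostic level to 2 on the domain controller and watch the Directory Service log for event 2889, which records each client that binds without signing.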