Showing posts with label Active Directory. Show all posts

Friday, September 14, 2012

Programmatically obtain a list of Active Directory groups that an individual is a member of

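Here is some sample code that will allow you to obtain a list of all of the Active Directory groups that a specified user is a member of, as recorded in the user's memberOf attribute. That attribute holds direct memberships only: the user's primary group and memberships inherited through nested groups are not in it.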

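using System;
using System.DirectoryServices;
using System.Linq;

public void GetGroupsUserIsMemberOf(string sAMAccountName)
{
    try
    {
        using (DirectoryEntry dirEntry = new DirectoryEntry())
        {
            // Search base: replace with your own OU and domain components
            dirEntry.Path = "LDAP://OU=OUName,DC=DCName,DC=org";
            dirEntry.AuthenticationType = AuthenticationTypes.Secure;

            using (DirectorySearcher dirSearch = new DirectorySearcher(dirEntry))
            {
                // sAMAccountName is inserted into the filter as-is; if it comes from user input,
                // escape the LDAP filter special characters (\ * ( ) NUL) before formatting
                dirSearch.Filter = string.Format("(&(objectCategory=person)(objectClass=user)(SAMAccountName={0}))", sAMAccountName);
                // Only retrieve the memberOf attribute
                dirSearch.PropertiesToLoad.Add("memberOf");
                SearchResult result = dirSearch.FindOne();
                if (result != null)
                {
                    int propCount = result.Properties["memberOf"].Count;
                    for (int i = 0; i <= propCount - 1; i++)
                    {
                        // Clean up the name of the group for display purposes
                        char[] delim = new char[] { ',', '\\' };
                        string groupName = result.Properties["memberOf"][i].ToString().Split(delim).First().Replace("CN=", string.Empty);
                        Console.WriteLine(string.Format("Group# {0}: {1}", i + 1, groupName));
                    }
                }
            }
        }
    }
    catch (Exception ex)
    {
        // Bind and search failures (bad path, credentials, unreachable server) end up here
        Console.WriteLine(ex.Message);
    }
}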

Monday, September 10, 2012

Programmatically obtain user information from Active Directory

Here is a sample method that you can use for contacting Active Directory in order to obtain information about a user based on his/her username/account name (a.k.a. sAMAccountName in AD):

public void GetUserDistinguishedName(string sAMAccountName)
{
    using (DirectoryEntry dirEntry = new DirectoryEntry())
    {
        // Search base: replace with your own OU and domain components
        dirEntry.Path = "LDAP://OU=OUName,DC=DCName,DC=org";
        dirEntry.AuthenticationType = AuthenticationTypes.Secure;

        using (DirectorySearcher dirSearch = new DirectorySearcher(dirEntry))
        {
            // sAMAccountName is inserted into the filter as-is; if it comes from user input,
            // escape the LDAP filter special characters (\ * ( ) NUL) before formatting
            dirSearch.Filter = string.Format("(&(objectCategory=person)(objectClass=user)(SAMAccountName={0}))", sAMAccountName);
            SearchResult result = dirSearch.FindOne();
            if (result != null)
            {
                // Each [0] below throws if the attribute is not set on the account (for example, no mail address)
                Console.WriteLine(string.Format("Distinguished Name: {0}", result.Properties["distinguishedname"][0].ToString()));
                Console.WriteLine(string.Format("First Name: {0}", result.Properties["givenname"][0].ToString()));
                Console.WriteLine(string.Format("Last Name: {0}", result.Properties["sn"][0].ToString()));
                Console.WriteLine(string.Format("Email Address: {0}", result.Properties["mail"][0].ToString()));
            }
        }
    }
}

Wednesday, June 13, 2012

Programmatically obtain a list of all properties associated with a user's profile in Active Directory

The following simplified code sample can be used for obtaining a list of all possible properties that are associated with a user's profile in Active Directory.  This code would be useful if you're trying to figure out which AD properties you may need to access to get the information you require:


using System.DirectoryServices;

...

try
{
   using (DirectoryEntry dirEntry = new DirectoryEntry("LDAP://yourOUPath"))
   {
      using (DirectorySearcher dirSearch = new DirectorySearcher(dirEntry))
      {
         dirSearch.Filter = "(&(objectClass=user)(sAMaccountname=yourADLoginName))";
         SearchResult result = dirSearch.FindOne();
         if (result != null)
         {
            foreach (string propertyName in result.Properties.PropertyNames)
            {
               Console.WriteLine(propertyName);
            }
         }
      }
   }
}
catch (Exception ex)
{
   Console.WriteLine(ex.Message);
}


If this code does not work, the likely culprits are the following:
  1. There could be issues with the structure of the LDAP path
  2. You may need to specify a DirectoryEntry.Username and DirectoryEntry.Password
  3. You may need to define a DirectoryEntry.AuthenticationType