Active Directory Programming
I have an ASP application running, but I want to search Active Directory.
I am using VB (Visual Web Developer 2008).
How can I find the Active Directory for a given user?
I.e.: the user enters the username in the textbox, clicks submit. The Active Directory runs for this user. When user information is found.
Thanks
Which version of the .NET framework can you use? Searching and finding content in AD has become extremely easy in .NET 3.5 - see this excellent MSDN article from Ethan Wilansky and Joe Kaplan on using the Security Principals API to do this.
If you are not on .NET 3.5 yet, you will have to use the class DirectorySearcher and adjust your search filters as needed. Getting the LDAP filter right is probably the biggest hurdle.
Robbie Allen also has two great articles on Programming System.DirectoryServices: - Part 1 - Part 2
There are some really good resources at http://www.directoryprogramming.net (Joe Kaplan's site - he's a Microsoft Active Directory MVP) and Richard Mueller has some great Excel reference sheets on what properties are available for each of the ADSI providers, what they mean, and what their LDAP name is - see http://www.rlmueller.net .
Mark
EDIT: Ok - here's the .NET 2.0 / 3.0 approach:
using System;
using System.DirectoryServices;   // add a reference to System.DirectoryServices.dll

// set the search root - the AD container to search from
using (DirectoryEntry searchRoot = new DirectoryEntry("LDAP://dc=yourdomain,dc=com"))
// create directory searcher
using (DirectorySearcher ds = new DirectorySearcher(searchRoot))
{
    ds.SearchScope = SearchScope.Subtree;

    // set the properties to load in the search results
    // the fewer you load, the better your performance
    ds.PropertiesToLoad.Add("cn");
    ds.PropertiesToLoad.Add("sn");
    ds.PropertiesToLoad.Add("givenName");
    ds.PropertiesToLoad.Add("mail");

    // set the filter - here I'm using objectCategory since this attribute is
    // single-valued and indexed --> much better than objectClass in performance
    // the "anr" is the "ambiguous name resolution" property which basically
    // searches for all normally interesting name properties
    ds.Filter = "(&(objectCategory=person)(anr=user-name-here))";

    // get the result collection; dispose it when done, since it holds
    // unmanaged resources that the garbage collector does not release
    using (SearchResultCollection src = ds.FindAll())
    {
        // iterate over the results
        foreach (SearchResult sr in src)
        {
            // do whatever you need to do with the search result
            // I'm extracting the properties I specified in the PropertiesToLoad
            // mind you - a property might not be set in AD and thus would
            // be NULL here (e.g. not included in the Properties collection)
            // also, all result properties are really multi-valued, so you need
            // to do this trickery to get the first of the values returned
            string surname = string.Empty;
            if (sr.Properties.Contains("sn"))
            {
                surname = sr.Properties["sn"][0].ToString();
            }

            string givenName = string.Empty;
            if (sr.Properties.Contains("givenName"))
            {
                givenName = sr.Properties["givenName"][0].ToString();
            }

            string email = string.Empty;
            if (sr.Properties.Contains("mail"))
            {
                email = sr.Properties["mail"][0].ToString();
            }

            Console.WriteLine("Name: {0} {1} / Mail: {2}", givenName, surname, email);
        }
    }
}
Hope this helps!
Mark