.net active directory

G

Guest

I have an ASP.net page and I am querying active directory.
I have a list of of users and for each users I executed a method

DirectorySearcher ds = new DirectorySearcher("LDAP://ABC");
ds.Filter = @"samaccountname=someaccount;
SearchResult sr = ds.FindOne();

Is this a good way to do it? or is there any other way better? Insread of
creating an instance of DirectorySearcher for each user, can I just use one
instance for all the users?
 
M

Marc Scheuner [MVP ADSI]

I have an ASP.net page and I am querying active directory.
I have a list of of users and for each users I executed a method

DirectorySearcher ds = new DirectorySearcher("LDAP://ABC");
ds.Filter = @"samaccountname=someaccount;
SearchResult sr = ds.FindOne();

Is this a good way to do it? or is there any other way better? Insread of
creating an instance of DirectorySearcher for each user, can I just use one
instance for all the users?
Click to expand...

Well, the DirectorySearcher really is intended to be used to search
for any number of objects. Searching for just a single one is a bit
silly.

Also, you need to read up on LDAP and LDAP bind strings and filters -
your example probably won't work (or only by coincidence).

Basically, when you set up a DirectorySearcher, you need to give it a
place to start from (a LDAP string), and tell it what to search for.
Something like this:

DirectorySearcher dsUsers = new
DirectorySearcher("LDAP://cn=Users,dc=YourCompany,dc=com");

dsUsers.Filter = "(&(objectClass=user)(objectCategory=user))";

dsUsers.PropertiesToLoad.Add("name");
dsUsers.PropertiesToLoad.Add("sn");
dsUsers.PropertiesToLoad.Add("givenName");

foreach(SearchResult srUser in dsUsers.FindAll())
{
Console.WriteLine(srUser.Properties["name"].ToString() + " - " +
srUser.Properties["givenName"].ToString() + " - " +
srUser.Properties["sn"].ToString());
}

This searcher starts in the default "Users" container (cn=Users) of
your company's default domain (dc=YourCompany,dc=com). Replace this
with your ACTUAL values!

It will search for users (as defined by the LDAP filter), and load
their (object) name, sn (surname = family name), and givenName (first
name) attributes.

The code then loops over all users found, and prints out their
attributes into a console window (here - do whatever you need to do
with it in your case).

If you're totally lost as to what those cn=, ou=, dc= parts are, I'd
suggest you download my BeaverTail ADSI browser and have a look at
your AD database - it'll show you the hierarchy of objects, and all
properties set on those objects.

http://adsi.mvps.org/adsi/CSharp/beavertail.html

Enjoy!
Marc


================================================================
Marc Scheuner May The Source Be With You!
Berne, Switzerland m.scheuner -at- inova.ch
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Querying Active Directory 2
Querying Solaris LDAP server 3
losing connection to Active Directory 10
Validating user credentials against active directory 1
How do you authenticate a user and pswd for local accounts from windowsforms? 1
searching for a user in active directory by username 1
Authenticate user against active directory 1
InvalidComObjectException when searching in AD 3

Top